Security sphere
Closed
Beloune (posts: 194, registered: Saturday 12 May 2007, status: Member, last activity: 4 October 2024) - 9 Dec 2011 at 14:15
26 replies
Anonymous user
9 Dec 2011 at 14:20
Hello,
Does the PC start in safe mode with networking?
See you later
Beloune
9 Dec 2011 at 14:22
Hello,
I haven't tried. And above all, I no longer know how to start in safe mode :-(
Beloune
9 Dec 2011 at 14:24
I should add that I installed a parental control program which, as a result, no longer responds either and which prevents me from going on the internet in a normal startup. I did try to uninstall it, but it isn't possible.
Beloune
9 Dec 2011 at 14:32
I managed to start in safe mode. But I still don't have internet access because of the parental control, which is stuck. I wanted to uninstall it and Security Sphere prevents me from doing so.
What can I do?
Anonymous user
9 Dec 2011 at 14:47
Re
Sorry, but I can't help you any further with removing this parental control.
See you later
Beloune
9 Dec 2011 at 14:49
And for removing Security Sphere? Because at the start that's mostly what I wanted to do, but I wonder whether it's doable without internet access on the infected computer. Otherwise, we have another computer in the living room and that one has no problem.
Anonymous user
9 Dec 2011 at 14:52
Re
We are going to proceed with a live CD.
To do that:
Download OTLPENet to the desktop.
Double-click, or right-click under Vista or Seven, to launch the application.
You will be asked whether you want to burn ...
Prepare a blank CD and launch OTLPENet; this will let you burn an ISO image.
Note: once the CD is burned, you now have to restart the machine from the CD-ROM drive.
To do so, follow this link: Booting from a CD
OTLPE tutorial
Launch the OTLPENet ISO that you burned.
* once the reatogo desktop has loaded, launch OTLPE, the yellow icon
* Double-click the OTLPE icon
* when asked "Do you wish to load the remote registry", select Yes
* when asked "Do you wish to load remote user profile(s) for scanning", select Yes
* check that "Automatically Load All Remaining Users" is selected and press OK
* under the Custom Scan box
1) copy and paste the contents of the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
cdrom.sys
disk.sys
ndis.sys
mountmgr.sys
aec.sys
rasacd.sys
mrxsmb10.sys
mrxsmb20.sys
termdd.sys
mrxsmb.sys
win32k.sys
storport.sys
IdeChnDr.sys
viasraid.sys
explorer.exe
winlogon.exe
wininit.exe
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
* copy and paste this text into a text file (Notepad) that you save to a USB key, which you will plug in under reatogo; you will then be able to copy and paste it easily.
* 2) Click Run Scan to start the scan.
* Once it has finished, the file is located at C:\OTL.txt
* Copy and paste its contents into your next reply.
See you later
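What a reviewer reads first in the resulting C:\OTL.txt, as an added example that is not part of the original post or of OTL itself: a Python triage of the O4 (Run) and O20 (Winlogon Shell) lines that flags autostart entries with no company name running from a user-writable data directory, and any Winlogon Shell value other than explorer.exe. The sample lines are constructed, and the `triage` function and its heuristics are assumptions for illustration.

```python
import ntpath
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample in the OTL "O4"/"O20" line layout; names and paths are made up.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKU\user_ON_C..\Run: [xK1aBc] C:\Documents and Settings\All Users\Application Data\xK1aBc\xK1aBc.exe ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Documents and Settings\All Users\Application Data\xK1aBc\xK1aBc.exe) - C:\Documents and Settings\All Users\Application Data\xK1aBc\xK1aBc.exe ()
"""

# "O4 - <hive>..\Run: [<value name>] <path> (<company>)"
RUN_RE = re.compile(r"^O4 - (?P<hive>\S+?)\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<rest>.*)$")
# "O20 - HKLM Winlogon: Shell - (<registry value>) - <path> (<company>)"
SHELL_RE = re.compile(r"^O20 - HKLM Winlogon: Shell - \((?P<value>.*?)\) - (?P<rest>.*)$")
# Trailing "<path> (<company>)"; the company field is empty for unsigned, unversioned files.
TAIL_RE = re.compile(r"^(?P<path>.*) \((?P<company>[^()]*)\)$")

# Directories a standard user can write to (assumed heuristic, Windows XP layout).
USER_WRITABLE = ("\\application data\\", "\\local settings\\", "\\temp\\")


class Finding(NamedTuple):
    source: str
    path: str
    reasons: List[str]


def _split_tail(rest: str) -> Optional[Tuple[str, str]]:
    """Return (path, company), or None for entries such as 'File not found'."""
    m = TAIL_RE.match(rest)
    if not m:
        return None
    return m.group("path"), m.group("company").strip()


def _path_reasons(path: str, company: str) -> List[str]:
    reasons = []
    if not company:
        reasons.append("no company name in version info")
    if any(part in path.lower() for part in USER_WRITABLE):
        reasons.append("runs from a user-writable data directory")
    return reasons


def triage(log_text: str) -> List[Finding]:
    """Return the autostart entries worth a closer look, in log order."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        run = RUN_RE.match(line)
        shell = SHELL_RE.match(line)
        if run:
            tail = _split_tail(run.group("rest"))
            if tail is None:
                continue  # orphaned value: the target file no longer exists
            path, company = tail
            reasons = _path_reasons(path, company)
            # Either signal alone is common for legitimate software; both together is not.
            if len(reasons) == 2:
                findings.append(Finding("Run[%s]" % run.group("name"), path, reasons))
        elif shell:
            tail = _split_tail(shell.group("rest"))
            if tail is None:
                continue
            path, company = tail
            # The stock value is Explorer.exe; anything else starts at every logon.
            if ntpath.basename(shell.group("value")).lower() != "explorer.exe":
                reasons = ["Winlogon Shell is not explorer.exe"] + _path_reasons(path, company)
                findings.append(Finding("Winlogon Shell", path, reasons))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f.source, "->", f.path)
        for reason in f.reasons:
            print("   -", reason)
```
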
Beloune
9 Dec 2011 at 14:59
Just one question:
Once the CD is burned, I suppose I have to start the infected computer from the CD-ROM drive? I'm sorry if my question seems silly, but I'd rather be sure of what you're explaining to me.
Beloune
9 Dec 2011 at 15:07
Thanks, I'll do that and post the report. I'm going to have to juggle my USB key to copy/paste the lines you gave me.
Beloune
9 Dec 2011 at 15:44
Here is the report, which is very long by the way:
OTL logfile created on: 12/9/2011 3:25:13 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,022.00 Mb Total Physical Memory | 834.00 Mb Available Physical Memory | 82.00% Memory free
906.00 Mb Paging File | 850.00 Mb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 74.27 Gb Free Space | 58.03% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2011/11/18 05:32:02 | 003,313,752 | ---- | M] () [Auto] -- C:\program files\fichiers communs\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/01/24 08:49:34 | 000,310,640 | ---- | M] (CybelSoft) [On_Demand] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/12/07 15:18:00 | 003,979,632 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010/10/25 02:42:10 | 000,110,240 | ---- | M] (Intel Corporation) [Auto] -- C:\WINDOWS\system32\IPROSetMonitor.exe -- (Intel(R) PROSet Monitoring Service) Intel(R)
SRV - [2010/03/04 16:38:00 | 000,071,096 | ---- | M] () [Auto] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2007/02/07 18:01:29 | 000,184,320 | ---- | M] () [Auto] -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe -- (WebFilter)
SRV - [2006/10/26 13:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (EagleXNt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2011/09/30 11:06:17 | 000,137,464 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2011/09/06 15:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 15:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 15:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 15:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 15:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 15:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 15:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/02/10 11:56:23 | 000,255,360 | ---- | M] (D-Link) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AIRPLUS.sys -- (AIRPLUS)
DRV - [2010/09/22 10:31:34 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2010/08/30 05:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2009/11/12 07:48:56 | 000,005,504 | ---- | M] () [File_System | Auto] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/05 16:23:22 | 000,588,032 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2008/09/24 03:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007/03/05 11:48:22 | 000,048,512 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\cwmtdi.sys -- (cwmtdi)
DRV - [2006/03/21 22:56:22 | 001,522,688 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/08/17 17:00:00 | 000,007,168 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt -- (EverestDriver)
DRV - [2004/08/04 01:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) Port jeux Crystal SoundFusion(tm)
DRV - [2001/08/17 14:19:48 | 000,093,952 | ---- | M] (Crystal Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cwcwdm.sys -- (cwcwdm) Pilote WDM Crystal SoundFusion(tm)
DRV - [2001/08/17 14:19:36 | 000,111,872 | ---- | M] (Crystal Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cwcspud.sys -- (cwcspud) Pilote Crystal SoundFusion(tm)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\nous_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
IE - HKU\nous_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\nous_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl"
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..keyword.URL: "https://www.bing.com/?scope=web&mkt=fr-FR&FORM=MIMWA5"
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "https://desertoperations.gamigo.com/fr-fr"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\nous\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\nous\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/28 16:17:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/18 09:43:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.1.0\FF [2011/04/30 08:45:16 | 000,000,000 | ---D | M]
[2011/02/03 06:28:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\nous\Application Data\Mozilla\Extensions
[2011/12/08 16:30:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\extensions
[2011/02/10 12:52:01 | 000,000,000 | ---D | M] (DriverAgent Plugin for Firefox and Opera) -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}
[2011/10/08 03:40:06 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011/11/08 15:20:04 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2011/02/21 03:41:10 | 000,002,650 | ---- | M] () -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\searchplugins\bing.xml
[2011/06/10 12:01:30 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\searchplugins\SweetIM Search.xml
[2011/04/30 08:43:37 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\searchplugins\sweetim.xml
[2011/02/03 06:23:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/30 08:45:16 | 000,000,000 | ---D | M] (PriceGong) -- C:\PROGRAM FILES\PRICEGONG\2.1.0\FF
[2011/05/02 04:48:16 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/05/02 04:48:16 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/02 04:48:16 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/05/02 04:48:16 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/05/02 04:48:16 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2001/10/04 06:55:19 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\nous_ON_C\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\nous_ON_C..\Run: [Akamai NetSession Interface] C:\Documents and Settings\nous\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\nous_ON_C..\Run: [gC14001JhGeN14001] C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\D-Link AirPlus.lnk = C:\Program Files\D-Link AirPlus\AIRPLUS.EXE (D-Link)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\nous_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\nous\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296732266702 (WUWebControl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe) - C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\dotnet3.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnet3[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnet3[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/02 12:40:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^nous^Menu Démarrer^Programmes^Démarrage^Notification de cadeaux MSN.lnk - C:\Documents and Settings\nous\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe - (Microsoft Corporation)
MsConfig - StartUpReg: [b]CTFMON.EXE[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]KPeerNexonEU[/b] - hkey= - key= - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
MsConfig - StartUpReg: [b]SweetIM[/b] - hkey= - key= - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Logiciel de navigation hors connexion
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Aide sur Internet Explorer
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Outils d'installation Internet Explorer
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Améliorations pour la navigation
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Accès au site MSN
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Liaison de données Dynamic HTML
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Polices de base Internet Explorer
ActiveX: {CAAFB8F9-F8D1-3D27-9AAA-6301A4429440} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - Aide HTML
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011/12/09 08:29:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/12/08 16:22:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001
[2011/12/03 01:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nous\Local Settings\Application Data\Help
[2011/12/03 01:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nous\Application Data\Help
[2011/11/22 09:45:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2011/11/21 14:04:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\McAfee Security Scan Plus
[2011/11/18 09:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe
[2011/11/18 09:39:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2011/11/18 09:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2011/11/18 09:38:51 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011/12/09 09:00:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/09 08:17:00 | 000,001,144 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1957994488-682003330-1003UA.job
[2011/12/08 05:17:04 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1957994488-682003330-1003Core.job
[2011/12/07 15:05:18 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\nous\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/07 03:14:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/03 06:17:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/12/02 15:03:40 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\nous\Application Data\D2Info0
[2011/12/02 15:03:40 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\nous\Application Data\DofusAppId0_1
[2011/12/02 15:02:46 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\nous\Application Data\DofusAppId0_2
[2011/11/28 16:02:11 | 000,267,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/11/28 15:31:33 | 000,001,785 | ---- | M] () -- C:\Documents and Settings\nous\Bureau\Age of Empires.lnk
[2011/11/28 15:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Games
[2011/11/21 14:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\McAfee Security Scan Plus
[2011/11/21 14:04:59 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk
[2011/11/21 14:04:59 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
[2011/11/19 12:21:59 | 000,002,255 | ---- | M] () -- C:\Documents and Settings\nous\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/19 12:21:58 | 000,002,277 | ---- | M] () -- C:\Documents and Settings\nous\Bureau\Google Chrome.lnk
[2011/11/18 09:43:49 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2011/11/18 09:43:49 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2011/11/15 17:16:29 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\nous\Mes documents\spider.sav
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011/11/28 15:31:33 | 000,001,785 | ---- | C] () -- C:\Documents and Settings\nous\Bureau\Age of Empires.lnk
[2011/11/21 14:04:59 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk
[2011/11/18 09:43:49 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2011/11/18 09:43:49 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2011/11/15 17:16:29 | 000,000,372 | ---- | C] () -- C:\Documents and Settings\nous\Mes documents\spider.sav
[2011/11/10 14:39:30 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\nous\Bureau\VLC media player skinned.lnk
[2011/09/24 12:20:48 | 000,000,280 | ---- | C] () -- C:\WINDOWS\game.ini
[2011/09/07 14:09:52 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\nous\Application Data\PnkBstrK.sys
[2011/09/07 14:09:52 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011/09/07 14:09:24 | 000,214,520 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011/09/07 14:09:16 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011/06/24 09:55:39 | 000,136,088 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/06/24 09:48:38 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/06/19 03:22:47 | 000,000,529 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011/04/23 04:29:38 | 000,000,124 | ---- | C] () -- C:\WINDOWS\Sierra.ini
[2011/04/12 03:02:57 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011/03/01 13:57:28 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\nous\Application Data\DofusAppId0_4
[2011/02/10 12:44:06 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/02/10 12:32:26 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2011/02/07 13:08:44 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\nous\Application Data\DofusAppId0_3
[2011/02/05 14:44:04 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\nous\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/04 13:24:55 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\nous\Application Data\DofusAppId0_1
[2011/02/03 15:14:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2011/02/03 12:50:25 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\nous\Application Data\D2Info0
[2011/02/03 12:50:25 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\nous\Application Data\DofusAppId0_2
[2011/02/03 08:14:41 | 000,003,796 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/03 07:52:10 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011/02/03 06:46:14 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2011/02/03 06:28:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/02/02 12:43:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/02/02 12:37:38 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/02/02 12:31:08 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/02/02 12:30:13 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/03/05 11:48:22 | 000,048,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\cwmtdi.sys
[2006/02/13 15:29:25 | 000,121,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2004/08/19 18:09:27 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2003/09/02 08:33:30 | 000,040,636 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLANGEN.bin
[2003/07/27 04:02:16 | 000,000,964 | ---- | C] () -- C:\WINDOWS\System32\drivers\RADIO11.bin
[2003/07/25 04:24:32 | 000,000,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\RADIO0d.bin
[2003/05/18 13:04:46 | 000,000,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\RADIO15.bin
[2001/10/04 06:56:27 | 000,544,244 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2001/10/04 06:56:27 | 000,474,580 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/10/04 06:56:27 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2001/10/04 06:56:27 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/10/04 06:56:26 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2001/10/04 06:56:26 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/10/04 06:56:25 | 000,089,596 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2001/10/04 06:56:25 | 000,075,070 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/10/04 06:56:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/10/04 06:55:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/10/04 06:55:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/10/04 06:55:04 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/10/04 06:54:36 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1997/06/14 03:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[color=#E56717]========== LOP Check ==========[/color]
[2011/02/03 12:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\app
[2011/06/24 09:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\Canneverbe Limited
[2011/12/02 14:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\Dofus 2
[2011/02/03 12:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/02/07 13:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/03/01 13:57:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/02/04 13:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/06/28 08:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\FOG Downloader
[2011/09/18 07:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\IMVU
[2011/05/21 08:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\IMVUClient
[2011/02/15 10:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\My Games
[2011/06/24 09:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\OpenCandy
[2011/12/09 08:08:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\PriceGong
[2011/02/03 12:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/11/02 13:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nous\Application Data\TuneUp Software
[2011/02/03 06:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/06/24 09:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011/12/09 07:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001
[2011/02/03 07:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ma-config.com
[2011/02/08 12:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2011/03/31 06:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU
[2011/04/30 08:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM
[2011/11/02 13:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011/11/02 12:59:58 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2011/09/26 05:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2001/10/04 06:57:24 | 000,434,176 | ---- | M] (Microsoft Corporation) MD5=7486A7D62930D64E83CD847C3C69E7CC -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2004/08/19 18:09:22 | 000,148,480 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\dnsapi.dll
[2004/08/19 18:09:34 | 000,281,600 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\mstask.dll
[2004/08/19 18:09:36 | 000,067,072 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\ntdsapi.dll
[2004/08/19 18:09:40 | 001,483,776 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\shdocvw.dll
[2004/08/19 18:09:40 | 008,440,320 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\shell32.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lo
OTL logfile created on: 12/9/2011 3:25:13 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,022.00 Mb Total Physical Memory | 834.00 Mb Available Physical Memory | 82.00% Memory free
906.00 Mb Paging File | 850.00 Mb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 74.27 Gb Free Space | 58.03% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2011/11/18 05:32:02 | 003,313,752 | ---- | M] () [Auto] -- C:\program files\fichiers communs\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/01/24 08:49:34 | 000,310,640 | ---- | M] (CybelSoft) [On_Demand] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
SRV - [2010/12/07 15:18:00 | 003,979,632 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2010/10/25 02:42:10 | 000,110,240 | ---- | M] (Intel Corporation) [Auto] -- C:\WINDOWS\system32\IPROSetMonitor.exe -- (Intel(R) PROSet Monitoring Service) Intel(R)
SRV - [2010/03/04 16:38:00 | 000,071,096 | ---- | M] () [Auto] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2007/02/07 18:01:29 | 000,184,320 | ---- | M] () [Auto] -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe -- (WebFilter)
SRV - [2006/10/26 13:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (EagleXNt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2011/09/30 11:06:17 | 000,137,464 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2011/09/06 15:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 15:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 15:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 15:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 15:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 15:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 15:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/02/10 11:56:23 | 000,255,360 | ---- | M] (D-Link) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AIRPLUS.sys -- (AIRPLUS)
DRV - [2010/09/22 10:31:34 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2010/08/30 05:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2009/11/12 07:48:56 | 000,005,504 | ---- | M] () [File_System | Auto] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/08/05 16:23:22 | 000,588,032 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2008/09/24 03:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007/03/05 11:48:22 | 000,048,512 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\cwmtdi.sys -- (cwmtdi)
DRV - [2006/03/21 22:56:22 | 001,522,688 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/08/17 17:00:00 | 000,007,168 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt -- (EverestDriver)
DRV - [2004/08/04 01:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) Port jeux Crystal SoundFusion(tm)
DRV - [2001/08/17 14:19:48 | 000,093,952 | ---- | M] (Crystal Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cwcwdm.sys -- (cwcwdm) Pilote WDM Crystal SoundFusion(tm)
DRV - [2001/08/17 14:19:36 | 000,111,872 | ---- | M] (Crystal Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cwcspud.sys -- (cwcspud) Pilote Crystal SoundFusion(tm)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\nous_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
IE - HKU\nous_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\nous_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl"
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..keyword.URL: "https://www.bing.com/?scope=web&mkt=fr-FR&FORM=MIMWA5"
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.startup.homepage: "https://desertoperations.gamigo.com/fr-fr"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\nous\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\nous\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/28 16:17:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/18 09:43:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.1.0\FF [2011/04/30 08:45:16 | 000,000,000 | ---D | M]
[2011/02/03 06:28:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\nous\Application Data\Mozilla\Extensions
[2011/12/08 16:30:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\extensions
[2011/02/10 12:52:01 | 000,000,000 | ---D | M] (DriverAgent Plugin for Firefox and Opera) -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}
[2011/10/08 03:40:06 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011/11/08 15:20:04 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2011/02/21 03:41:10 | 000,002,650 | ---- | M] () -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\searchplugins\bing.xml
[2011/06/10 12:01:30 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\searchplugins\SweetIM Search.xml
[2011/04/30 08:43:37 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\searchplugins\sweetim.xml
[2011/02/03 06:23:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/30 08:45:16 | 000,000,000 | ---D | M] (PriceGong) -- C:\PROGRAM FILES\PRICEGONG\2.1.0\FF
[2011/05/02 04:48:16 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/05/02 04:48:16 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/02 04:48:16 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/05/02 04:48:16 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/05/02 04:48:16 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2001/10/04 06:55:19 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\nous_ON_C\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\nous_ON_C..\Run: [Akamai NetSession Interface] C:\Documents and Settings\nous\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\nous_ON_C..\Run: [gC14001JhGeN14001] C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\D-Link AirPlus.lnk = C:\Program Files\D-Link AirPlus\AIRPLUS.EXE (D-Link)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\nous_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\nous\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1296732266702 (WUWebControl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe) - C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\dotnet3.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnet3[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnet3[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx30SP1setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx35setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\dotnetfx3setup[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP1_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx20SP2_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx30SP1_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_ia64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x64[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86.exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86[1].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
O27 - HKLM IFEO\NetFx35_x86[2].exe: Debugger - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\DotNetFxInstallBlock.exe (Microsoft Corporation)
Anonymous user
9 Dec 2011 at 15:46
Re
To send the report, click on this link:
http://pjjoint.malekal.com/
https://www.cjoint.com/
Select the file
Click "Cliquez ici pour déposer le fichier".
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
is added to the page.
Copy this link into your reply.
@+
Beloune
9 Dec 2011 at 15:48
Here is the link:
http://cjoint.com/11dc/ALjpV6VL5Jg.htm
Beloune
9 Dec 2011 at 15:50
It doesn't give me a .txt link.
Anonymous user
9 Dec 2011 at 16:04
Re
* Double-click the OTLPE icon
* when asked "Do you wish to load the remote registry", select "Yes"
* when asked "Do you wish to load remote user profile(s) for scanning", select "Yes"
* check that "Automatically Load All Remaining Users" is selected and press OK
http://imagesup.org/image
* under the Custom Scan box, copy and paste everything below and click RUNFIX
:OTL
O4 - HKU\nous_ON_C..\Run: [gC14001JhGeN14001] C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe ()
O20 - HKLM Winlogon: Shell - (C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe) - C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe ()
Keep the report that is displayed, and copy and paste it into your next reply.
@+
Beloune
9 Dec 2011 at 16:12
Here is the report
========== OTL ==========
Registry value HKEY_USERS\nous_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\gC14001JhGeN14001 deleted successfully.
C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe deleted successfully.
File C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe not found.
OTLPE by OldTimer - Version 3.1.48.0 log created on 12092011_160918
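The two entries removed by the fix above are logon persistence points: a `Run` value and a replaced Winlogon `Shell`. The script below is an added example, not part of the thread and not OTL's own code; it flags such entries in O4/O20 lines. The line layout is assumed from the two entries quoted in this thread, and the two benign lines are constructed for contrast.

```python
import re
from ntpath import basename, dirname, splitext

# Lines 2 and 4 are the entries posted in this thread; lines 1 and 3 are
# constructed benign entries, added for contrast.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\nous_ON_C..\Run: [gC14001JhGeN14001] C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe) - C:\Documents and Settings\All Users\Application Data\gC14001JhGeN14001\gC14001JhGeN14001.exe ()
"""

# Line layout assumed from the two entries quoted in the thread.
RUN_RE = re.compile(
    r"^O4 - (?P<hive>\S+?)\.\.\\Run: \[(?P<name>[^\]]*)\] "
    r"(?P<path>.+?) \((?P<vendor>.*)\)$")
SHELL_RE = re.compile(
    r"^O20 - HKLM Winlogon: Shell - \((?P<value>.+?)\) - "
    r"(?P<path>.+?) \((?P<vendor>.*)\)$")
USER_WRITABLE = ("\\application data\\", "\\appdata\\", "\\temp\\")


def assess(path, vendor, shell_value=None):
    """Return the list of reasons an autostart entry deserves a closer look."""
    reasons = []
    if any(marker in path.lower() for marker in USER_WRITABLE):
        reasons.append("runs from a user-writable data directory")
        # Weak signals, only counted together with the location above.
        if not vendor.strip():
            reasons.append("no publisher in the file's version info")
        stem = splitext(basename(path))[0]
        if basename(dirname(path)).lower() == stem.lower():
            reasons.append("folder is named after the executable")
    if shell_value is not None and basename(shell_value).lower() != "explorer.exe":
        reasons.append("Winlogon Shell is not explorer.exe")
    return reasons


def triage(log_text):
    """Parse O4 Run and O20 Winlogon Shell lines; return the flagged ones."""
    findings = []
    for line in map(str.strip, log_text.splitlines()):
        run, shell = RUN_RE.match(line), SHELL_RE.match(line)
        m = run or shell
        if not m:
            continue
        reasons = assess(m["path"], m["vendor"], shell["value"] if shell else None)
        if reasons:
            findings.append({
                "kind": "Run" if run else "Winlogon Shell",
                "path": m["path"],
                "reasons": reasons,
            })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding["kind"], "->", finding["path"])
        for reason in finding["reasons"]:
            print("   -", reason)
```

A hit is a prompt for manual review, not a verdict: legitimate software also installs under per-user data folders.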
Beloune
9 Dec 2011 at 16:13
I have to leave in about ten minutes to pick up my son from school. It will take me at least 3/4 of an hour there and back.
Anonymous user
9 Dec 2011 at 16:15
Re
No problem.
When you get back, try starting your PC normally.
Does it work?
@+
Beloune
9 Dec 2011 at 16:16
I'll try right now and keep you posted.
Thanks.
Beloune
9 Dec 2011 at 16:21
And there we go,
the computer starts up perfectly and it has internet access again. And no more trace of Security Sphere.
Thank you very much for your help.
Bye
Cécile
Beloune
9 Dec 2011 at 16:22
In fact, I'm writing from my son's room... thanks again.
Have a good evening
Bye
Anonymous user
9 Dec 2011 at 16:23
Re
It's not over...
Open this link and download ZHPDiag by Nicolas Coolman:
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Or
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
Server No. 2
Or
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
at the bottom of the ZHP page, with a version number.
Once the download is complete, unzip the file and place ZHPDiag.exe on your Desktop.
Double-click the icon to launch the program. On Vista or Seven, right-click and choose "Run as administrator".
Click the magnifying glass to start the scan.
Let the tool work; it can take quite a while.
Close ZHPDiag when the scan is finished.
To send the report, click on this link:
http://pjjoint.malekal.com/
https://www.cjoint.com/
Click Browse and find the folder where ZHPDiag is installed (usually C:\Program Files\ZHPDiag).
Select the file ZHPDiag.txt.
Click on "Cliquez ici pour déposer le fichier".
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
is added to the page.
Copy this link into your reply.
Thanks
A+
Beloune
9 Dec 2011 at 17:47
Re
Here is the report:
https://www.cjoint.com/?ALjrViW0zB5
Anonymous user
9 Dec 2011 at 17:58
Re
Using the ZHPFix tool:
* Copy all the text in the box below (select it with your mouse, right-click on it and choose "Copy", or press Ctrl+C)
-------------------------------------------------------------------------------------------------
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: Modified
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} . (.PriceGong - PriceGong Comparative Shopping Tool.) -- C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll
O42 - Logiciel: PriceGong 2.1.0 - (.PriceGong.) [HKLM] -- PriceGong
[HKCU\Software\PriceGong]
O43 - CFD: 30/04/2011 - 14:45:18 - [0,728] ----D- C:\Program Files\PriceGong
O43 - CFD: 24/06/2011 - 15:48:18 - [2,133] ----D- C:\Documents and Settings\nous\Application Data\OpenCandy
O43 - CFD: 09/12/2011 - 17:33:12 - [3,750] ----D- C:\Documents and Settings\nous\Application Data\PriceGong
O43 - CFD: 25/06/2011 - 10:26:28 - [0] ----D- C:\Documents and Settings\nous\Local Settings\Application Data\OpenCandy
[HKLM\Software\Classes\AppID\PriceGongIE.DLL]
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\pricegong]
[HKLM\Software\Classes\PriceFactorIE.PriceGongBHO]
[HKLM\Software\Classes\PriceFactorIE.PriceGongBHO.1]
[HKLM\Software\Classes\PriceGongIE.PriceGongCtrl]
[HKLM\Software\Classes\PriceGongIE.PriceGongCtrl.1]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}]
[HKLM\Software\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
[HKLM\Software\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}]
[HKLM\Software\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}]
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}]
[HKLM\Software\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}]
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}]
C:\Program Files\PriceGong
C:\Documents and Settings\nous\Application Data\OpenCandy
C:\Documents and Settings\nous\Application Data\PriceGong
C:\Documents and Settings\nous\Local Settings\Application Data\OpenCandy
M3 - MFPP: Plugins - [nous] -- C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\searchplugins\sweetim.xml
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar Helper Module.) (4, 1, 0, 3) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O42 - Logiciel: SweetIM Toolbar for Internet Explorer 4.1 - (.SweetIM Technologies Ltd..) [HKLM] -- {A1194237-547A-461d-BD44-B97B1574A7DA}
[HKCU\Software\SweetIM]
[HKLM\Software\SweetIM]
O43 - CFD: 30/04/2011 - 14:43:44 - [8,441] ----D- C:\Program Files\SweetIM
[HKLM\Software\Classes\sim-packages]
[HKLM\Software\Classes\sweetie.ietoolbar]
[HKLM\Software\Classes\sweetie.ietoolbar.1]
[HKLM\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook]
[HKLM\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1]
[HKLM\Software\Classes\Toolbar3.sweetie]
[HKLM\Software\Classes\Toolbar3.sweetie.1]
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}]
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A1194237-547A-461d-BD44-B97B1574A7DA}]
[HKLM\Software\Classes\Interface\{eee6c358-6118-11dc-9c72-001320c79847}]
[HKLM\Software\Classes\Interface\{eee6c35a-6118-11dc-9c72-001320c79847}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKLM\Software\Classes\CLSID\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKLM\Software\Classes\TypeLib\{eee6c35e-6118-11dc-9c72-001320c79847}]
[HKLM\Software\Classes\TypeLib\{eee6c35f-6118-11dc-9c72-001320c79847}]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}]
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}]
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}]
[HKCU\Software\SweetIM]
[HKLM\Software\SweetIM]
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM]
C:\Program Files\SweetIM
C:\Documents and Settings\nous\Application Data\Mozilla\Firefox\Profiles\57v8ls16.default\SearchPlugins\sweetim.xml
FirewallRAZ
Emptytemp
--------------------------------------------------------------------------------------------
Then launch ZHPFix from the desktop shortcut. On Vista: right-click the ZHPFix.exe icon and choose "Run as administrator".
* Once ZHPFix is open, click the [ H ] button ("coller les lignes Helper").
* Check that all the lines I asked you to copy (and only those) are in the window.
* The lines are pasted into ZHPFix automatically; if not, paste them yourself.
- Click the "GO" button to start the cleanup,
-> let the tool work and don't touch anything...
-> If you are asked to restart the PC to finish the cleanup, do it!
Once finished, a new report is displayed: post its contents in your next reply...
(this report is also saved in this folder > C:\Program files\ZHPDiag\ZHPFixReport.txt)
A+
Beloune
9 Dec 2011 at 18:10
Re
Here is the report:
https://www.cjoint.com/?ALjsktfxzqu