Ordi bloqué par virus gendarmerie

felicita61 -  
 Utilisateur anonyme -
Bonjour,

Je suis allée sur plusieurs forums parlant de ce problème et rien ne marche :
- ni le redémarrage en mode sans échec
- ni le redémarrage en mode sans échec avec prise en charge réseau
- ni redémarrage invite de commandes sans échec
- ni dernière bonne configuration connue

A chaque fois, j'ai un écran noir et je ne peux rien faire.

J'ai téléchargé le fichier "Malwarebyte's Anti-Malware" sur une clé usb mais cela ne sert à rien si je ne peux accéder à rien. Au démarrage normal, la fenêtre du du virus bloque toutes les commandes.

SVP, que puis-je faire ? J'ai windows XP familiale.

Merci d'avance.
A voir également:

31 réponses

  • 1
  • 2
Réponse 1 / 31
Utilisateur anonyme
 
salut fais ceci et reviens poster les rapport ici comme indiqué :

https://gen-hackman.kanak.fr/
2
Réponse 2 / 31
felicita61 Messages postés 22 Statut Membre
 
Salut,

Merci pour ta réponse. Lorsque j'ai lancé OTLPE.exe, je n'avais pas c: windows ou d:windows mais j'avais à la place : "Cyriaque et Félicia, localservice, networkservice ou systemprofile". J'ai choisi Cyriaque et Félicia.
Voici les 2 rapports :

rapport OLT.txt

OTL logfile created on: 30/03/2012 19:51:32 - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Program Files\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 47,43 Gb Total Space | 24,57 Gb Free Space | 51,81% Space Free | Partition Type: FAT32
Drive D: | 45,48 Gb Total Space | 12,90 Gb Free Space | 28,37% Space Free | Partition Type: FAT32
Drive E: | 306,32 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 244,63 Mb Total Space | 57,84 Mb Free Space | 23,65% Space Free | Partition Type: FAT
Drive X: | 256,26 Mb Total Space | 253,83 Mb Free Space | 99,05% Space Free | Partition Type: NTFS

Computer Name: MININT-JMVF359 | User Name: Système
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004

[color=#E56717]========== Win32 Services (All) ==========/color

SRV - File not found [Disabled] -- -- (HidServ)
SRV - File not found [On_Demand] -- -- (getPlus(R) Helper) getPlus(R)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2012/03/29 17:38:26 | 000,138,416 | ---- | M] (Boxore OU.) [Auto] -- C:\Program Files\Software\Update\SoftwareUpdate.exe -- (supdate) Software Update Service (supdate)
SRV - [2011/07/20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010/08/27 07:58:58 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2010/08/17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2010/08/11 23:21:40 | 000,188,416 | ---- | M] (Canal+ Active) [Auto] -- C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe -- (CanalPlus.VOD)
SRV - [2010/05/22 15:25:08 | 000,135,664 | ---- | M] (Google Inc.) [On_Demand] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdatem) Service Google Update (gupdatem)
SRV - [2010/05/22 15:25:08 | 000,135,664 | ---- | M] (Google Inc.) [Auto] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Service Google Update (gupdate)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/28 00:17:34 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2009/07/28 00:17:34 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/28 00:17:34 | 000,135,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2009/07/25 05:23:10 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/07/21 17:42:04 | 000,602,112 | ---- | M] (ATI Technologies Inc.) [Auto] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009/07/21 10:40:00 | 000,593,920 | ---- | M] () [Auto] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009/06/10 08:15:18 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2009/04/20 18:18:46 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/03/25 20:52:50 | 000,183,280 | ---- | M] (Google) [Auto] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/02/09 13:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009/02/09 13:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009/02/09 12:53:56 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Appel de procédure distante (RPC)
SRV - [2009/02/09 12:53:56 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2008/12/03 20:05:42 | 000,053,760 | ---- | M] (Hewlett-Packard) [Auto] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/12/03 20:05:32 | 000,044,544 | ---- | M] (Hewlett-Packard) [Auto] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008/07/29 21:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 19:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 11:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008/07/07 22:28:20 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/06/20 17:03:54 | 000,247,808 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) NLA (Network Location Awareness)
SRV - [2008/04/14 04:34:28 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008/04/14 04:34:26 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/14 04:34:26 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2008/04/14 04:34:22 | 000,142,848 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008/04/14 04:34:22 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/14 04:34:20 | 000,100,352 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008/04/14 04:34:16 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/14 04:34:16 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/14 04:34:14 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/14 04:34:12 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008/04/14 04:34:12 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2008/04/14 04:34:10 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Localisateur d'appels de procédure distante (RPC)
SRV - [2008/04/14 04:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/14 04:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/14 04:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/14 04:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008/04/14 04:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 04:34:08 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/14 04:34:06 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\fxssvc.exe -- (Fax)
SRV - [2008/04/14 04:34:00 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/14 04:34:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/14 04:34:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2008/04/14 04:33:58 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/14 04:33:58 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2008/04/14 04:33:54 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/14 04:33:52 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/14 04:33:52 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008/04/14 04:33:50 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/14 04:33:50 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/14 04:33:48 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA)
SRV - [2008/04/14 04:33:48 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008/04/14 04:33:48 | 000,178,176 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008/04/14 04:33:48 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/14 04:33:48 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008/04/14 04:33:48 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/14 04:33:46 | 000,297,984 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/14 04:33:46 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/14 04:33:46 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 04:33:46 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/14 04:33:46 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/04/14 04:33:40 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/14 04:33:40 | 000,293,376 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)
SRV - [2008/04/14 04:33:40 | 000,194,560 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/14 04:33:40 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/14 04:33:40 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/14 04:33:40 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/14 04:33:40 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 04:33:38 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/14 04:33:36 | 000,438,272 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/14 04:33:34 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/14 04:33:32 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/14 04:33:30 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/14 04:33:28 | 000,332,800 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/14 04:33:28 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
SRV - [2008/04/14 04:33:28 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\irmon.dll -- (Irmon)
SRV - [2008/04/14 04:33:28 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 04:33:24 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost) Service Protocole EAP (Extensible Authentication Protocol)
SRV - [2008/04/14 04:33:24 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/14 04:33:22 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/14 04:33:22 | 000,127,488 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/14 04:33:22 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 04:33:22 | 000,024,576 | ---- | M] (Microsoft Corp.) [On_Demand] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/14 04:33:20 | 000,077,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/14 04:33:20 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/14 04:33:20 | 000,030,208 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\bthserv.dll -- (BthServ)
SRV - [2008/04/14 04:33:20 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2006/11/03 09:59:14 | 000,918,016 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/18 21:47:16 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2006/09/28 18:56:14 | 000,055,808 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc)
SRV - [2004/08/16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) [Auto] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)
SRV - [2004/08/05 05:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)


[color=#E56717]========== Driver Services (All) ==========/color

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | Disabled] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled] -- -- (ultra)
DRV - File not found [Kernel | Disabled] -- -- (TosIde)
DRV - File not found [Kernel | Disabled] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled] -- -- (symc810)
DRV - File not found [Kernel | Disabled] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled] -- -- (Simbad)
DRV - File not found [Kernel | Disabled] -- -- (ql1280)
DRV - File not found [Kernel | Disabled] -- -- (ql1240)
DRV - File not found [Kernel | Disabled] -- -- (ql12160)
DRV - File not found [Kernel | Disabled] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled] -- -- (ql1080)
DRV - File not found [Kernel | Disabled] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled] -- -- (perc2)
DRV - File not found [Kernel | Boot] -- -- (PenClass)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled] -- -- (mraid35x)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled] -- -- (ini910u)
DRV - File not found [Kernel | Disabled] -- -- (i2omp)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | Disabled] -- -- (hpn)
DRV - File not found [Kernel | Disabled] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled] -- -- (dac2w2k)
DRV - File not found [Kernel | Disabled] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled] -- -- (CmdIde)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | Disabled] -- -- (cd20xrnt)
DRV - File not found [Kernel | Disabled] -- -- (Atdisk)
DRV - File not found [Kernel | System] -- -- (aswTdi)
DRV - File not found [Kernel | System] -- -- (aswSP)
DRV - File not found [File_System | Auto] -- -- (aswMon2)
DRV - File not found [File_System | Auto] -- -- (aswFsBlk)
DRV - File not found [Kernel | Disabled] -- -- (asc3550)
DRV - File not found [Kernel | Disabled] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled] -- -- (asc)
DRV - File not found [Kernel | Disabled] -- -- (amsint)
DRV - File not found [Kernel | Disabled] -- -- (AliIde)
DRV - File not found [Kernel | Disabled] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled] -- -- (Abiosdsk)
DRV - File not found [Kernel | System] -- -- (Aavmker4)
DRV - [2012/01/09 17:20:24 | 000,139,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2011/08/17 14:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2011/07/15 14:29:32 | 000,456,320 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011/07/08 15:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011/04/21 14:37:44 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011/02/17 14:18:04 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/11/02 16:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2009/10/20 17:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/07/21 18:30:48 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/06/24 13:18:42 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008/10/28 12:27:08 | 000,049,920 | R--- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2008/10/28 12:27:08 | 000,021,568 | R--- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2008/10/28 12:27:08 | 000,016,496 | R--- | M] (HP) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2008/06/20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/06/14 19:33:38 | 000,272,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bthport.sys -- (BTHPORT)
DRV - [2008/04/14 04:34:54 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/14 04:34:52 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/14 04:10:04 | 000,073,600 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/14 04:09:54 | 000,120,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/14 04:09:48 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/14 04:09:40 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport)
DRV - [2008/04/14 04:05:14 | 000,025,216 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/14 04:05:12 | 000,154,496 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/14 04:05:08 | 000,800,256 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/14 04:04:36 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/14 04:03:26 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/14 04:03:26 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\intelide.sys -- (IntelIde)
DRV - [2008/04/14 04:00:52 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/14 04:00:08 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2008/04/14 03:57:38 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/14 03:57:34 | 000,058,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/14 03:56:04 | 000,053,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/14 03:53:18 | 000,023,680 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/14 03:53:06 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/14 03:52:42 | 000,188,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 21:28:40 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 21:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 21:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 21:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 21:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) Miniport réseau étendu (PPTP)
DRV - [2008/04/13 21:19:44 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) Miniport réseau étendu (L2TP)
DRV - [2008/04/13 21:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 21:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 21:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 21:15:54 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 21:14:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 21:14:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 20:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 20:57:28 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 20:57:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 20:57:16 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 20:57:08 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 20:56:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (usb_rndis)
DRV - [2008/04/13 20:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 20:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 20:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 20:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 20:54:36 | 000,088,192 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\irda.sys -- (irda)
DRV - [2008/04/13 20:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 20:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 20:51:34 | 000,101,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bthpan.sys -- (BthPan) Périphérique Bluetooth (réseau personnel)
DRV - [2008/04/13 20:51:26 | 000,061,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nic1394.sys -- (NIC1394)
DRV - [2008/04/13 20:51:26 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\arp1394.sys -- (Arp1394)
DRV - [2008/04/13 20:51:26 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 20:47:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 20:46:34 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BthEnum.sys -- (BthEnum)
DRV - [2008/04/13 20:46:32 | 000,059,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rfcomm.sys -- (RFCOMM) Périphérique Bluetooth (TDI protocole RFCOMM)
DRV - [2008/04/13 20:46:30 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bthusb.sys -- (BTHUSB)
DRV - [2008/04/13 20:46:26 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nabtsfec.sys -- (NABTSFEC)
DRV - [2008/04/13 20:46:24 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wstcodec.sys -- (WSTCODEC)
DRV - [2008/04/13 20:46:24 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdecode.sys -- (CCDECODE)
DRV - [2008/04/13 20:46:24 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slip.sys -- (SLIP)
DRV - [2008/04/13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2008/04/13 20:46:22 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2008/04/13 20:46:18 | 000,061,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ohci1394.sys -- (ohci1394) Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface)
DRV - [2008/04/13 20:45:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 20:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (usbstor)
DRV - [2008/04/13 20:45:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 20:45:36 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 20:45:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 20:45:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud) Filtre de décodeur DRM (Noyau Microsoft)
DRV - [2008/04/13 20:45:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 20:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 20:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 20:45:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
DRV - [2008/04/13 20:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 20:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 20:40:50 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 20:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 20:40:26 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 20:40:26 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 20:39:54 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 20:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 20:39:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 20:39:50 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mstee.sys -- (MSTEE)
DRV - [2008/04/13 20:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 20:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 20:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 20:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 20:36:38 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/04/13 20:36:38 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/04/13 20:33:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2008/04/13 20:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 20:32:40 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 20:32:40 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 20:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 18:39:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec) Suppresseur d'écho acoustique (Noyau Microsoft)
DRV - [2008/02/29 18:44:24 | 000,020,747 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2007/11/13 11:25:54 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/10/18 20:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2006/09/28 19:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2006/09/28 18:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf)
DRV - [2006/01/12 19:46:28 | 000,252,928 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/11/19 03:13:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2004/09/27 10:25:36 | 000,006,912 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2004/08/16 11:06:04 | 000,160,896 | ---- | M] (Inprocomm, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\i2220ntx.sys -- (IPN2220)
DRV - [2004/08/05 05:00:00 | 000,126,080 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2004/08/05 05:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2004/08/05 05:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2004/08/05 05:00:00 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2004/08/05 05:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2004/08/05 05:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/05 05:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2004/08/05 05:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004/08/05 05:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2004/08/05 05:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/05 05:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2004/08/05 05:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2004/08/05 05:00:00 | 000,006,912 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004/08/05 05:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2004/08/05 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2004/08/05 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2004/08/05 05:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2004/08/05 05:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2004/08/05 05:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2004/08/02 21:09:18 | 000,635,281 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/05/07 10:44:54 | 000,182,688 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004/04/13 15:48:32 | 001,266,380 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/02/24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/12/05 18:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/11/21 15:20:10 | 000,113,152 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2003/09/14 15:27:50 | 000,018,838 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2002/04/23 13:08:12 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2001/11/25 04:11:54 | 000,081,924 | ---- | M] (FUJI PHOTO FILM CO.,LTD.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\V4CB0115.SYS -- (FINEPIX_PCC)
DRV - [2001/08/23 17:20:50 | 000,006,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\serscan.sys -- (StillCam)
DRV - [2001/08/23 17:15:46 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001/08/23 17:04:42 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001/08/17 21:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001/08/17 21:51:32 | 000,019,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasirda.sys -- (Rasirda) Miniport réseau étendu (IrDA)


[color=#E56717]========== Standard Registry (All) ==========/color


[color=#E56717]========== Internet Explorer ==========/color

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Cyriaque_et_Félicia_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Cyriaque_et_Félicia_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\Cyriaque_et_Félicia_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Cyriaque_et_Félicia_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Cyriaque_et_Félicia_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\Cyriaque_et_Félicia_ON_C\Software\Microsoft\Internet Explorer\Search,AutoSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/saautosearch.aspx
IE - HKU\Cyriaque_et_Félicia_ON_C\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKU\Cyriaque_et_Félicia_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\Cyriaque_et_Félicia_ON_C\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - File not found
IE - HKU\Cyriaque_et_Félicia_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0






[color=#E56717]========== FireFox ==========/color

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/?gws_rd=ssl"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.13


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canalplus.fr/Assistants VOD,version=1.0.0.0: C:\Program Files\Canal\Canal Widget\VOD\npCpVod.dll (Canal+ Active)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8: C:\Program Files\Software\Update\1.2.195.0\npSoftwareOneClick8.dll (Boxore OU.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/22 23:02:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/02/23 09:02:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/25 11:03:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/25 11:03:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/03/10 11:07:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2009/10/25 11:04:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Mozilla\Extensions
[2009/10/25 11:04:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/25 11:04:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Mozilla\Firefox\Profiles\k0egi6h6.default\extensions
[2010/11/22 18:36:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Mozilla\Firefox\Profiles\k0egi6h6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/30 15:38:30 | 000,002,195 | ---- | M] () -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Mozilla\Firefox\Profiles\k0egi6h6.default\searchplugins\MyStart Search.xml
[2009/10/25 11:03:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/25 11:03:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/03 20:54:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\CYRIAQUE ET FéLICIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\K0EGI6H6.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2009/02/23 09:02:20 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/10 21:28:10 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2010/11/10 21:28:12 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/07/25 05:23:02 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2006/10/26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2010/11/10 21:28:56 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2012/01/03 08:22:02 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2010/11/10 21:29:06 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/11/10 21:29:06 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/11/10 21:29:06 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/11/10 21:29:06 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2010/11/10 21:29:06 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/11/10 21:29:06 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
[2011/11/30 15:44:56 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

O1 HOSTS File: ([2004/08/05 05:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (TBSB02609 Class) - {C0924543-15FD-4F3D-889C-0B4562A9CB45} - File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (searchweb) - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - File not found
O3 - HKU\Cyriaque_et_Félicia_ON_C\..\Toolbar\WebBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Cyriaque_et_Félicia_ON_C\..\Toolbar\WebBrowser: (&Liens) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\Cyriaque_et_Félicia_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Cyriaque_et_Félicia_ON_C\..\Toolbar\WebBrowser: (searchweb) - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Boxore Client] C:\Program Files\Boxore\BoxoreClient\boxore.exe (Boxore OU)
O4 - HKLM..\Run: [Canal Widget] C:\Program Files\Canal\Canal Widget\Launcher.exe (Canal+)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PCMService] C:\Program Files\Aspire Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Update] C:\WINDOWS\system32\cgs8h0.exe ()
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\Cyriaque_et_Félicia_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\Cyriaque_et_Félicia_ON_C..\Run: [Kujytuo] C:\Documents and Settings\Cyriaque et Félicia\Application Data\kujytuo\kujytuo.exe ()
O4 - HKU\Cyriaque_et_Félicia_ON_C..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKU\Cyriaque_et_Félicia_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\LocalService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Exif Launcher.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Ralink Wireless Utility.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Cyriaque_et_Félicia_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_15.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: searchweb - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - File not found
O9 - Extra 'Tools' menuitem : searchweb - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\
0
Réponse 3 / 31
felicita61 Messages postés 22 Statut Membre
 
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_15.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: searchweb - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - File not found
O9 - Extra 'Tools' menuitem : searchweb - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} http://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-chargeur Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Démon de cache des catégories de composant - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/09/27 10:06:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2007/07/26 19:43:50 | 000,000,086 | ---- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{ed0b7c12-3ba0-11dc-b0d2-000fb0622ef5}\Shell\AutoRun\command - "" = G:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found



[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color

[2012/03/30 19:46:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/03/30 19:35:16 | 000,000,000 | -HSD | C] -- C:\FOUND.002
[2012/03/29 17:38:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Software
[2012/03/29 17:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\Boxore
[2012/03/29 17:33:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Software
[2012/03/29 17:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\Software
[2012/03/29 17:33:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Local Settings\Application Data\Software
[2012/03/29 17:33:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Menu Démarrer\Programmes\PlayerPlus
[2012/03/29 17:32:45 | 000,000,000 | ---D | C] -- C:\Program Files\PlayerPlus
[2012/03/29 14:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\Searchgo
[2012/03/29 14:56:56 | 002,153,384 | ---- | C] (Conduit) -- C:\Documents and Settings\Cyriaque et Félicia\Bureau\searchgo.exe
[2012/03/29 14:56:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\kujytuo
[2012/03/20 20:21:09 | 000,000,000 | ---D | C] -- C:\Navilog1
[2012/03/20 20:21:08 | 000,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2012/03/16 18:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Mes documents\factures
[2012/03/11 10:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Local Settings\Application Data\ATI
[2012/03/11 10:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\ATI
[2012/03/11 10:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ATI
[2012/03/11 10:47:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Catalyst Control Center
[2012/03/11 10:43:51 | 000,475,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll
[2012/03/11 10:43:51 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIDEMGX.dll
[2012/03/11 10:43:51 | 000,290,816 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiok3x2.dll
[2012/03/11 10:43:51 | 000,045,056 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalrt.dll
[2012/03/11 10:43:50 | 003,227,648 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticaldd.dll
[2012/03/11 10:43:50 | 000,126,976 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll
[2012/03/11 10:43:50 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibrtmon.exe
[2012/03/11 10:43:50 | 000,045,056 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalcl.dll
[2012/03/11 10:43:48 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll
[2012/03/11 10:43:48 | 000,049,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\amdpcom32.dll
[2012/03/10 12:40:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Menu Démarrer\Programmes\Panicware
[2012/03/10 11:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Local Settings\Application Data\Thunderbird
[2012/03/10 11:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Thunderbird
[2012/03/10 11:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012/03/04 09:01:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Local Settings\Application Data\PCHealth
[2012/03/04 08:57:45 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/03/04 08:56:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Menu Démarrer\Programmes\Démarrage
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========/color

[2012/03/30 19:39:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/30 19:36:38 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/03/30 19:35:48 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\SoftwareUpdateTaskMachineCore.job
[2012/03/30 19:35:48 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/30 19:35:22 | 1340,592,128 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/29 19:43:36 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2012/03/29 19:43:02 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\SoftwareUpdateTaskMachineUA.job
[2012/03/29 18:20:30 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/29 17:49:08 | 000,146,432 | ---- | M] () -- C:\WINDOWS\System32\cgs8h0.exe
[2012/03/29 17:33:06 | 000,000,614 | ---- | M] () -- C:\Documents and Settings\Cyriaque et Félicia\Bureau\PlayerPlus.exe.lnk
[2012/03/29 17:15:34 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E16AEA57-C175-42B6-B770-C01DC25A44C9}.job
[2012/03/29 15:14:28 | 003,221,504 | ---- | M] () -- C:\Documents and Settings\Cyriaque et Félicia\Bureau\SetupWebV2.msi
[2012/03/29 14:57:02 | 002,153,384 | ---- | M] (Conduit) -- C:\Documents and Settings\Cyriaque et Félicia\Bureau\searchgo.exe
[2012/03/26 18:05:08 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/25 10:48:30 | 001,990,592 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/22 20:31:48 | 000,059,735 | ---- | M] () -- C:\Documents and Settings\Cyriaque et Félicia\Bureau\DSCF2655.JPG
[2012/03/20 20:20:32 | 000,231,593 | ---- | M] () -- C:\Documents and Settings\Cyriaque et Félicia\Bureau\Navilog1.exe
[2012/03/19 18:07:34 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/03/14 13:49:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/03/11 10:50:20 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2012/03/11 10:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Catalyst Control Center
[2012/03/10 20:40:10 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk
[2012/03/10 20:40:10 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2012/03/10 11:07:20 | 000,001,594 | ---- | M] () -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/03/04 08:57:28 | 000,503,060 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2012/03/04 08:57:28 | 000,434,668 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/04 08:57:28 | 000,082,382 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2012/03/04 08:57:28 | 000,068,954 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/03 20:20:40 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamax Poker.lnk
[2012/03/03 19:52:04 | 000,144,384 | ---- | M] () -- C:\Documents and Settings\Cyriaque et Félicia\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========/color

[2012/03/29 17:49:15 | 000,146,432 | ---- | C] () -- C:\WINDOWS\System32\cgs8h0.exe
[2012/03/29 17:33:09 | 000,001,100 | ---- | C] () -- C:\WINDOWS\tasks\SoftwareUpdateTaskMachineUA.job
[2012/03/29 17:33:09 | 000,001,096 | ---- | C] () -- C:\WINDOWS\tasks\SoftwareUpdateTaskMachineCore.job
[2012/03/29 17:33:04 | 000,000,614 | ---- | C] () -- C:\Documents and Settings\Cyriaque et Félicia\Bureau\PlayerPlus.exe.lnk
[2012/03/29 15:14:18 | 003,221,504 | ---- | C] () -- C:\Documents and Settings\Cyriaque et Félicia\Bureau\SetupWebV2.msi
[2012/03/22 20:31:46 | 000,059,735 | ---- | C] () -- C:\Documents and Settings\Cyriaque et Félicia\Bureau\DSCF2655.JPG
[2012/03/20 20:20:29 | 000,231,593 | ---- | C] () -- C:\Documents and Settings\Cyriaque et Félicia\Bureau\Navilog1.exe
[2012/03/11 10:50:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/03/11 10:46:03 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2012/03/11 10:43:51 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012/03/11 10:43:51 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012/03/11 10:43:51 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012/03/11 10:43:51 | 000,152,496 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap
[2012/03/11 10:43:51 | 000,015,577 | ---- | C] () -- C:\WINDOWS\atiogl.xml
[2012/03/11 10:43:51 | 000,007,167 | ---- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2012/03/10 20:40:08 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk
[2012/03/10 20:40:08 | 000,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2012/03/10 11:07:18 | 000,001,594 | ---- | C] () -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2012/03/03 20:20:39 | 000,000,588 | ---- | C] () -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamax Poker.lnk
[2012/02/23 10:25:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/05/08 18:34:01 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/05/08 12:06:03 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2009/10/25 11:03:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/03/04 18:52:34 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2008/02/29 18:46:16 | 000,311,296 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2008/02/29 18:46:16 | 000,290,918 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2008/02/29 18:46:16 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt73.bin
[2007/10/31 09:39:54 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2007/08/15 15:48:18 | 000,000,414 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2007/08/15 15:48:14 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007/08/13 18:58:09 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\msnsupport.exe
[2007/08/13 18:58:09 | 000,025,900 | ---- | C] () -- C:\WINDOWS\System32\libweb.dll
[2007/08/08 18:55:36 | 000,144,384 | ---- | C] () -- C:\Documents and Settings\Cyriaque et Félicia\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/26 20:37:00 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2007/05/17 13:58:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
[2004/09/27 11:23:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/09/27 10:28:30 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2004/09/27 10:28:29 | 000,000,319 | ---- | C] () -- C:\WINDOWS\uninstall.ini
[2004/09/27 10:28:29 | 000,000,222 | ---- | C] () -- C:\WINDOWS\FlashSaver.dat
[2004/09/27 10:25:34 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\ntiembed.dll
[2004/09/27 10:25:05 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2004/09/27 10:25:05 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2004/09/27 10:20:04 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004/09/27 10:15:24 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2004/09/27 10:15:21 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2004/09/27 10:15:21 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2004/09/27 10:15:21 | 000,001,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2004/09/27 10:15:21 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxhweq.dat
[2004/09/27 10:10:59 | 000,037,684 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/09/27 10:10:59 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMOVE.EXE
[2004/09/27 10:09:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/09/27 10:03:57 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/09/27 10:02:25 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/09/27 09:57:31 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/09/27 09:56:30 | 001,990,592 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2001/12/26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1980/01/01 00:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[1980/01/01 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[1980/01/01 00:00:00 | 000,589,824 | ---- | C] () -- C:\WINDOWS\ANTIV.EXE
[1980/01/01 00:00:00 | 000,503,060 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[1980/01/01 00:00:00 | 000,434,668 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[1980/01/01 00:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[1980/01/01 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[1980/01/01 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[1980/01/01 00:00:00 | 000,082,382 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[1980/01/01 00:00:00 | 000,068,954 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[1980/01/01 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[1980/01/01 00:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[1980/01/01 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[1980/01/01 00:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[1980/01/01 00:00:00 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1980/01/01 00:00:00 | 000,004,500 | ---- | C] () -- C:\WINDOWS\System32\FILTRCOI.DLL
[1980/01/01 00:00:00 | 000,002,790 | ---- | C] () -- C:\WINDOWS\ANTIV.INI
[1980/01/01 00:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[1980/01/01 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1980/01/01 00:00:00 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ALaunch.ini

[color=#E56717]========== LOP Check ==========/color

[2007/08/15 15:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\FUJIFILM
[2007/12/30 20:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\BSplayer
[2007/12/30 20:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\BSplayer Pro
[2008/10/27 19:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Microgaming
[2009/02/13 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\SecondLife
[2010/10/06 13:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
[2010/10/06 14:42:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Partouche Poker
[2011/11/30 15:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Toolbar4
[2011/11/30 15:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Babylon
[2012/03/10 11:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Thunderbird
[2012/03/29 14:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\kujytuo
[2011/11/30 15:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2011/11/30 15:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2011/11/30 15:44:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2011/11/30 15:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator
[2012/03/29 17:15:34 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E16AEA57-C175-42B6-B770-C01DC25A44C9}.job
[2012/03/30 19:35:48 | 000,001,096 | ---- | M] () -- C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineCore.job
[2012/03/29 19:43:02 | 000,001,100 | ---- | M] () -- C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineUA.job

[color=#E56717]========== Purity Check ==========/color



[color=#E56717]========== Custom Scans ==========/color



[color=#A23BEC]< MD5 for: EXPLORER.EXE >/color
[2004/08/05 05:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007/06/13 15:10:54 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 15:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/14 04:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 04:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >/color
[2004/08/05 05:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >/color
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\system32\*.ini >/color
[2004/08/05 05:00:00 | 001,015,477 | ---- | M] () -- C:\WINDOWS\system32\esentprf.ini
[2004/08/05 05:00:00 | 000,003,030 | ---- | M] () -- C:\WINDOWS\system32\perfci.ini
[2004/08/05 05:00:00 | 000,001,293 | ---- | M] () -- C:\WINDOWS\system32\perffilt.ini
[2004/08/05 05:00:00 | 000,002,994 | ---- | M] () -- C:\WINDOWS\system32\perfwci.ini
[2004/08/05 05:00:00 | 000,000,367 | ---- | M] () -- C:\WINDOWS\system32\prodspec.ini
[2004/08/05 05:00:00 | 000,014,073 | ---- | M] () -- C:\WINDOWS\system32\pschdprf.ini
[2004/08/05 05:00:00 | 000,006,212 | ---- | M] () -- C:\WINDOWS\system32\rasctrs.ini
[2004/08/05 05:00:00 | 000,015,937 | ---- | M] () -- C:\WINDOWS\system32\rsvp.ini
[2004/08/05 05:00:00 | 000,053,478 | ---- | M] () -- C:\WINDOWS\system32\tcpmon.ini
[2004/08/05 05:00:00 | 000,000,002 | ---- | M] () -- C:\WINDOWS\system32\desktop.ini
[2003/05/20 14:15:50 | 000,037,684 | ---- | M] () -- C:\WINDOWS\system32\OEMINFO.INI
[2012/03/04 08:57:26 | 001,100,880 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2004/08/05 05:00:00 | 000,003,712 | ---- | M] () -- C:\WINDOWS\system32\fxsperf.ini
[2004/08/05 05:00:00 | 000,003,914 | ---- | M] () -- C:\WINDOWS\system32\msdtcprf.ini
[2004/08/05 05:00:00 | 000,027,768 | ---- | M] () -- C:\WINDOWS\system32\tslabels.ini
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\Tasks\*.* >/color
[2004/08/05 05:00:00 | 000,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2012/03/30 19:35:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2012/03/30 19:36:38 | 000,001,000 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2012/03/30 19:35:48 | 000,001,052 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012/03/29 18:20:30 | 000,001,056 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012/03/29 17:15:34 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{E16AEA57-C175-42B6-B770-C01DC25A44C9}.job
[2012/03/30 19:35:48 | 000,001,096 | ---- | M] () -- C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineCore.job
[2012/03/29 19:43:02 | 000,001,100 | ---- | M] () -- C:\WINDOWS\Tasks\SoftwareUpdateTaskMachineUA.job

[color=#A23BEC]< %systemroot%\system32\Tasks\*.* >/color

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >/color

[color=#A23BEC]< %systemroot%\System32\config\*.sav >/color
[2004/09/27 09:55:56 | 000,430,080 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
[2004/09/27 09:55:56 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004/09/27 09:55:56 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[color=#A23BEC]< %systemroot%\system32\config\*.exe /s >/color

[color=#A23BEC]< %systemroot%\system32\*.sys >/color
[2004/08/05 05:00:00 | 000,009,037 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2004/08/05 05:00:00 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2004/08/05 05:00:00 | 000,004,912 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2004/08/05 05:00:00 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/05 05:00:00 | 000,027,916 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2004/08/05 05:00:00 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2004/08/05 05:00:00 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2004/08/05 05:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2004/08/05 05:00:00 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2008/04/13 20:45:00 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2004/08/05 05:00:00 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2004/08/05 05:00:00 | 000,034,000 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/05 05:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/05 05:00:00 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/05 05:00:00 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/05 05:00:00 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2012/02/03 10:58:02 | 001,860,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa /s >/color
"Authentication Packages" = msv1_0 [binary data] -- [2009/09/11 15:18:20 | 000,136,192 | ---- | M] (Microsoft Corporation)
"Bounds" = 0 [binary data]
"Security Packages" = kerberosmsv1_0schannelwdigest [binary data]
"ImpersonatePrivilegeUpgradeToolHasRun" = 1
"LsaPid" = 1064
"SecureBoot" = 1
"auditbaseobjects" = 0
"crashonauditfail" = 0
"disabledomaincreds" = 0
"everyoneincludesanonymous" = 0
"fipsalgorithmpolicy" = 0
"forceguest" = 1
"fullprivilegeauditing" = [binary data]
"limitblankpassworduse" = 1
"lmcompatibilitylevel" = 0
"nodefaultadminowner" = 1
"nolmhash" = 0
"restrictanonymous" = 0
"restrictanonymoussam" = 1
"Notification Packages" = scecli [binary data] -- [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders]
"ProviderOrder" = Windows NT Access Provider [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders\Windows NT Access Provider]
"ProviderPath" = %SystemRoot%\system32\ntmarta.dll -- [2008/04/14 04:33:36 | 000,119,808 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit\PerUserAuditing]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit\PerUserAuditing\System]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Data]
"Pattern" = 9F 8F 4F F7 F6 25 08 BF 0E 15 31 B9 63 B3 AB E4 39 62 34 62 33 39 32 33 00 00 00 00 A9 A1 00 00 18 CA 06 00 99 D0 B5 71 04 CA 06 00 10 00 00 00 00 00 00 00 23 CD B7 1B 7F 82 4B 67 A1 8C BB 9B [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\GBG]
"GrafBlumGroup" = 69 A1 62 23 8F B8 F1 30 71 [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\JD]
"Lookup" = 5E B3 09 4A 21 57 [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos\Domains]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos\SidCache]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\msv1_0]
"ntlmminclientsec" = 0
"ntlmminserversec" = 0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Skew1]
"SkewMatrix" = D2 B1 3C 41 B4 05 9A 84 F0 D6 B7 42 5D 40 37 9C [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO\Passport1.4]
"SSOURL" = http://www.passport.com
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache]
"Time" = F8 A5 DE A0 67 37 C9 01 [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache\digest.dll]
"Name" = Digest
"Comment" = Digest SSPI Authentication Package
"Capabilities" = 16464
"RpcId" = 65535
"Version" = 1
"TokenSize" = 65535
"Time" = 00 ED 02 4A E0 9D C8 01 [binary data]
"Type" = 49
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache\msapsspc.dll]
"Name" = DPA
"Comment" = DPA Security Package
"Capabilities" = 55
"RpcId" = 17
"Version" = 1
"TokenSize" = 768
"Time" = 00 A1 C7 4E E0 9D C8 01 [binary data]
"Type" = 49
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache\msnsspc.dll]
"Name" = MSN
"Comment" = MSN Security Package
"Capabilities" = 55
"RpcId" = 18
"Version" = 1
"TokenSize" = 768
"Time" = 00 CE F8 4F E0 9D C8 01 [binary data]
"Type" = 49

[color=#A23BEC]< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon >/color
"AutoRestartShell" = 1
"DefaultDomainName" = ACER-4F6EC417F4
"DefaultUserName" = Cyriaque et Félicia
"LegalNoticeCaption" =
"LegalNoticeText" =
"PowerdownAfterShutdown" = 0
"ReportBootOk" = 1
"Shell" = Explorer.exe -- [2008/04/14 04:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation)
"ShutdownWithoutLogon" = 0
"System" =
"Userinit" = C:\WINDOWS\system32\userinit.exe,
"VmApplet" = rundll32 shell32,Control_RunDLL "sysdm.cpl"
"SfcQuota" = -1
"allocatecdroms" = 0
"allocatedasd" = 0
"allocatefloppies" = 0
"cachedlogonscount" = 10
"forceunlocklogon" = 0
"passwordexpirywarning" = 14
"scremoveoption" = 0
"AllowMultipleTSSessions" = 1
"UIHost" = logonui.exe -- [2008/04/14 04:34:10 | 000,515,584 | ---- | M] (Microsoft Corporation)
"LogonType" = 1
"Background" = 0 0 0
"DebugServerCommand" = no
"SFCDisable" = 0
"WinStationsDisabled" = 0
"HibernationPreviouslyEnabled" = 1
"ShowLogonOptions" = 0
"AltDefaultUserName" = Cyriaque et Félicia
"AltDefaultDomainName" = ACER-4F6EC417F4
"ChangePasswordUseKerberos" = 1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SCLogon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts]
< End of report >
0
Réponse 4 / 31
Utilisateur anonyme
 
ok t'as pas bien lu il est demandé d'heberger les rapports
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 31
felicita61 Messages postés 22 Statut Membre
 
rapport extras.txt

OTL Extras logfile created on: 30/03/2012 19:51:32 - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Program Files\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): C:\pagefile.sys 1920 3840 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 47,43 Gb Total Space | 24,57 Gb Free Space | 51,81% Space Free | Partition Type: FAT32
Drive D: | 45,48 Gb Total Space | 12,90 Gb Free Space | 28,37% Space Free | Partition Type: FAT32
Drive E: | 306,32 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 244,63 Mb Total Space | 57,84 Mb Free Space | 23,65% Space Free | Partition Type: FAT
Drive X: | 256,26 Mb Total Space | 253,83 Mb Free Space | 99,05% Space Free | Partition Type: NTFS

Computer Name: MININT-JMVF359 | User Name: Système
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004

[color=#E56717]========== Extra Registry (All) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
"427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"E:\setup\hpznui01.exe" = E:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" = C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule
"C:\Program Files\SecondLife\SLVoice.exe" = C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player
"C:\Program Files\Zattoo\zattood.exe" = C:\Program Files\Zattoo\zattood.exe:*:Enabled:zattood
"E:\setup\hpznui01.exe" = E:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\IncrediMail\Bin\IncMail.exe" = C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\Bin\ImApp.exe" = C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail
"C:\Program Files\IncrediMail\Bin\ImpCnt.exe" = C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0002040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Standard
"{006E6A46-8D55-4F10-BBA8-2C9653B4278B}" = Software Update Helper
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0893078B-8A9A-84D6-D393-119B9B0B033A}" = CCC Help French
"{09B6B322-325F-4A5F-9051-830ED194A1A7}" = CANAL WIDGET
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0E2A60F7-2907-5718-FF16-7D8FAF70051E}" = CCC Help Chinese Standard
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{14FAE013-AE19-4FC9-B5BF-E56ADC01ECE6}" = CCC Help Turkish
"{17BB2784-6EE4-D7FF-FE63-58A3AD2B3708}" = CCC Help Russian
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18FF8DB9-922C-41C9-AA29-6DA648D6B071}" = Acer GridVista
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{233588CF-96D5-46AF-EF74-7EC382662791}" = Catalyst Control Center Graphics Full Existing
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.3.0
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Aspire Arcade 3.0
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 15
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3260ECBC-9DDF-E7A3-0863-449473BC7BD5}" = CCC Help Chinese Traditional
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39C6C229-CFFD-639E-229A-E463FCD87478}" = CCC Help German
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{497BCFDD-F589-448D-A1C3-78D1B1809CCC}" = Boxore Client
"{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"{4F11FC80-CE8C-1BD4-5C39-EBE5744E5135}" = CCC Help Portuguese
"{4FAB2BA7-E16C-95D2-F326-60A68409373F}" = Catalyst Control Center HydraVision Full
"{529AA9A8-5020-6CFB-A809-BC5943C87077}" = CCC Help Thai
"{53604297-26FD-516D-6FF7-1063BA64A0A4}" = Catalyst Control Center Graphics Light
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{55BD3B0B-F054-9341-514F-295A5F7EA450}" = CCC Help Spanish
"{5A4FA9C8-ED56-08C3-153B-FC5C19256290}" = CCC Help Dutch
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{6C390D51-E5F0-4FCD-24C4-731ACAF34571}" = CCC Help Japanese
"{75B3963E-2D52-0E21-A92F-321161FB90CD}" = Winamax Poker
"{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator
"{7AA8FA9A-1656-7DBD-633B-FE7A62BBED0C}" = CCC Help Czech
"{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C22131B-8634-CECF-F0D1-A2ECC160B450}" = CCC Help Norwegian
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90FBE4D0-2ACA-A8A8-2CC4-CFFBAE528504}" = CCC Help Finnish
"{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}" = Adobe Illustrator CS
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D74375E-3012-E7D2-9229-B220C91F326A}" = Catalyst Control Center Core Implementation
"{9EE8BDCA-7505-4895-D91E-8108DD16292E}" = CCC Help English
"{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8AF8BD3-61B5-7945-4D1B-217421F604FC}" = CCC Help Hungarian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA46E1C5-A709-6D9B-D99D-92E4C6E042A9}" = CCC Help Korean
"{AA62A33C-9E5E-3913-7D88-7E58A8CB1493}" = CCC Help Greek
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B653F643-A1B4-9936-2DB6-FEA9A3110D8D}" = ccc-core-preinstall
"{B71C4637-0247-78CE-6A3D-D61645CB8921}" = ccc-utility
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BC2E7C0B-1AC6-5F6C-F31D-E1E72D8E0B5C}" = CCC Help Danish
"{BF8C7DA7-2DE6-ED67-6C82-6BE82F8BA8D3}" = Catalyst Control Center Graphics Full New
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C409F338-BB20-6C4A-F40D-20CA07AF714C}" = CCC Help Polish
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R)
"{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live
"{D4B7B2DC-E688-A9D6-6EC0-56AE540E074C}" = Catalyst Control Center Localization All
"{D9CD701B-3F04-FC69-D974-F3A7F5E9BA30}" = CCC Help Swedish
"{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}" = Catalyst Control Center - Branding
"{E213321B-1E88-B38D-DAB2-D8CB9355984A}" = Skins
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink Wireless LAN Card
"{EC86822D-3A20-11D5-801B-00E029348F40}" = SMSC IrCC Driver V5.1.2462.0 (WinXP)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4148D8F-ED3A-3097-509C-04D5560220F9}" = ccc-core-static
"{F7E68997-E626-952B-A7BF-F72066CD5D77}" = Catalyst Control Center Graphics Previews Common
"{FA36C82B-464D-51F2-A6A1-0BC9140BE067}" = CCC Help Italian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
"ArcSoft VideoImpression 16FP" = ArcSoft VideoImpression 1.6FP
"Aspire Series" = Aspire Series
"ATI Display Driver" = ATI Display Driver
"Google Updater" = Outil de mise à jour Google
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.3.0
"InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"InstallShield_{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker Gold
"LManager" = Launch Manager
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.13)" = Mozilla Firefox (3.5.13)
"Mozilla Thunderbird 11.0.1 (x86 fr)" = Mozilla Thunderbird 11.0.1 (x86 fr)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Neuf_Kit" = Neuf - Kit de connexion
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"PlayerPlus" = PlayerPlus
"PROPLUS" = Microsoft Office Professional Plus 2007
"Q828026" = Correctif pour le Lecteur Windows Media [Voir Q828026 pour plus d'informations]
"QuickTime" = QuickTime
"searchweb" = searchweb
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC Player" = VLC Player
"wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1" = Winamax Poker
"WinamaxPoker" = Winamax Poker (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

< End of report >

Merci d'avance pour ton aide.
0
Réponse 6 / 31
Utilisateur anonyme
 
lis ce que j ai ecrit plus haut
0
Réponse 7 / 31
felicita61 Messages postés 22 Statut Membre
 
Désolée, j'avais pas fais attention à cette partie.

https://pjjoint.malekal.com/files.php?id=20120331_n8s7b11h12s14


https://pjjoint.malekal.com/files.php?id=20120331_d12t57g11s7

ça devrait être bon cette fois-ci.

Merci.
0
Réponse 8 / 31
Utilisateur anonyme
 
quelle poubelle !! ^^

===========

ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.


▶Copie la liste qui se trouve en gras ci-dessous,

▶ colle-la dans la zone sous "Personnalisation" (custom scan/fixes):



:OTL
IE - HKU\Cyriaque_et_Félicia_ON_C\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - File not found
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - HKLM\Software\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8: C:\Program Files\Software\Update\1.2.195.0\npSoftwareOneClick8.dll (Boxore OU.)
[2011/11/30 15:38:30 | 000,002,195 | ---- | M] () -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Mozilla\Firefox\Profiles\k0egi6h6.default\searchplugins\MyStart Search.xml
[2009/11/03 20:54:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2011/11/30 15:44:56 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (TBSB02609 Class) - {C0924543-15FD-4F3D-889C-0B4562A9CB45} - File not found
O3 - HKLM\..\Toolbar: (searchweb) - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - File not found
O4 - HKU\Cyriaque_et_Félicia_ON_C..\Run: [Kujytuo] C:\Documents and Settings\Cyriaque et Félicia\Application Data\kujytuo\kujytuo.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Exif Launcher.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Ralink Wireless Utility.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = File not found
O9 - Extra Button: searchweb - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - File not found
O9 - Extra 'Tools' menuitem : searchweb - {CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - File not found
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
[2012/03/29 17:38:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Software
[2012/03/29 17:33:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Software
[2012/03/29 17:33:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Local Settings\Application Data\Software
[2012/03/29 14:56:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\kujytuo
[2012/03/29 14:57:02 | 002,153,384 | ---- | M] (Conduit) -- C:\Documents and Settings\Cyriaque et Félicia\Bureau\searchgo.exe
[1980/01/01 00:00:00 | 000,589,824 | ---- | C] () -- C:\WINDOWS\ANTIV.EXE
[1980/01/01 00:00:00 | 000,002,790 | ---- | C] () -- C:\WINDOWS\ANTIV.INI
[2011/11/30 15:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Toolbar4
[2011/11/30 15:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cyriaque et Félicia\Application Data\Babylon
[2011/11/30 15:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Photo Notifier and Animation Creator

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=-
"MSPY2002"=-
"PHIME2002A"=-
"PHIME2002ASync"=-
"Update"=-
[HKU\Cyriaque_et_Félicia_ON_C\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=-

:Files
C:\WINDOWS\system32\cgs8h0.exe

▶ Clique sur "Correction"(RunFix) pour lancer la suppression.


▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
0
Réponse 9 / 31
felicita61 Messages postés 22 Statut Membre
 
Je pensai pas que c'était à ce point là quand même !

voilà le rapport :

https://pjjoint.malekal.com/files.php?id=20120331_q13z10u7b14q9
0
Réponse 10 / 31
Utilisateur anonyme
 
vire le cd et redemarre ton pc normalement ?
0
Réponse 11 / 31
felicita61 Messages postés 22 Statut Membre
 
Ouahhhh !
C'est revenu à la normale !
Je suis impressionnée !
Le virus a t-il totalement disparu ?
En tous cas je te dois une fière chandelle. Merci beaucoup.
0
Réponse 12 / 31
Utilisateur anonyme
 
telecharge et enregistre Pre_Scan sur ton bureau :

http://sd-4.archive-host.com/membres/up/829108531491024/Pre_Scan.exe

Avertissement :Il y aura une extinction du bureau pendant le scan --> pas de panique.

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan_la_date_et_l'heure.txt" sur le bureau.

si l'outil est relancé plusieurs fois , il te proposera un menu et qu'aucune option n'est demandée, lance l'option "Kill"

si l'outil est bloqué par l'infection utilise cette version renommée winlogon.exe :

http://sd-4.archive-host.com/membres/up/829108531491024/winlogon.exe

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan


NE LE POSTE PAS SUR LE FORUM !!! (il est trop long)

Heberge le rapport sur http://pjjoint.malekal.com puis donne le lien obtenu en echange sur le forum où tu te fais aider

=============

pour faire evoluer l'outil , l'auteur a besoin du fichier reboot.txt qui se trouve dans le Dossier C:\Pre_scan

relance pre_scan , clic sur "Explore" , puis "Internet" , puis "Upload"
une page internet va s'ouvrir , clic sur Upload , puis "parcourir" , jusqu'au fichier Reboot.txt , puis envoie le fichier

ce fichier texte (que tu peux ouvrir par curiosité) , contient uniquement ce qui concerne les fichiers infectieux ou des noms de repertoires qui serviront à créer une liste blanche.

0
Réponse 13 / 31
felicita61 Messages postés 22 Statut Membre
 
J'ai lancé pré-scan.exe et le bureau est éteint depuis 10 minutes. C'est toujours normal ?
0
Réponse 14 / 31
Utilisateur anonyme
 
eteint comment ca ?
0
Réponse 15 / 31
felicita61 Messages postés 22 Statut Membre
 
je n'ai plus d'icones
0
Réponse 16 / 31
Utilisateur anonyme
 
rien ne se passe ?

j'ai pas vu d antivirus dans le rapport OTL , t'en as pas ?
0
Réponse 17 / 31
felicita61 Messages postés 22 Statut Membre
 
il faut que je le remette mais pour l'instant je n'en ai plus.
0
Réponse 18 / 31
felicita61 Messages postés 22 Statut Membre
 
j'ai rallumé l'ordi et cette fois ça a l'air de marcher
0
Réponse 19 / 31
felicita61 Messages postés 22 Statut Membre
 
ah non toujours pas. il a ouvert la fenêtre de pre-scan. j'ai cliqué sur kill et depuis plus d'icones sur le bureau.
0
Réponse 20 / 31
felicita61 Messages postés 22 Statut Membre
 
Avant de ne plus rien faire, la fenêtre suivante s'affiche :

message "autolt error"
Line 13183 (File"C:\Documents and Settings\Cyriaque et Félicia\Bureau\Pre_scan.exe") :
Error : Error parsing function call.
0