Police & Gendarmerie Nationale virus

Resolved/Closed
-
 P-importe -
Hello, I have a big problem. As you know, the police and gendarmerie virus is going around; it locks the computer and they demand a ransom. I tried following the many forum threads about removing it, but without success. I have an Asus computer running Windows XP.
Let me explain: before the Windows logo appeared at startup, I pressed the F8 key as described in the forum and chose "Safe Mode with Command Prompt", and then, instead of getting the window to enter the information, my computer shuts down, restarts and asks me again which mode to select. I am out of solutions; if you would be willing to help me that would be great, I am starting to get desperate.

20 replies


Good evening

You still have the LiveCD option.

Download OTLPE to the desktop.
Prepare a blank CD.
Use whatever burning software you have.
Or this one: Cdburner
Careful: you need to burn an ISO image.
Note: Once the CD is burned, you now need to restart the machine from the CD-ROM drive.
To do that, follow this link: Booting from a CD
OTLPE tutorial

Start the OTLPE ISO you burned.
Choose the drive where your operating system is installed (C by default)
And then Windows
* Once the reatogo desktop has loaded, launch OTLPE, the yellow icon

* Double-click the OTLPE icon
* When asked "Do you wish to load the remote registry", select Yes
* Choose your session
* On Vista and Windows 7, you need to expand the tree of drive C, which holds Windows by default, and get to the Windows folder.
Reminder: tutorial here: https://forum.malekal.com/viewtopic.php?t=23453&start=
Next
* Under the Custom Scan box
1) Copy and paste the contents of the box below:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
cdrom.sys
disk.sys
ndis.sys
mountmgr.sys
aec.sys
rasacd.sys
mrxsmb10.sys
mrxsmb20.sys
termdd.sys
mrxsmb.sys
win32k.sys
storport.sys
IdeChnDr.sys
viasraid.sys
explorer.exe
winlogon.exe
wininit.exe
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT


* Copy and paste this text into a text file (Notepad) that you save on a USB stick, which you will plug in under reatogo; you can then easily copy/paste it.

* 2) Click Run Scan to start the scan.
* Once finished, the file is located at C:\OTL.txt
* Copy and paste the contents into your next reply.


See you
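
The OTL.txt report requested above lists autostart entries on lines beginning with "O4". As an added example (not part of the original thread and not OTL's own code), the Python below parses such lines and marks entries worth a closer look. The sample lines are constructed, and the names `parse_autostarts`, `review_flags` and `needs_review` and the three review heuristics are assumptions made for illustration, not a verdict of infection.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample lines (not from any real machine), laid out the way
# OTL writes its "O4" autostart section. The O2 line must be ignored.
SAMPLE_REPORT = r"""
O4 - HKLM..\Run: [egui] C:\Program Files\ExampleAV\egui.exe (Example Vendor)
O4 - HKLM..\Run: [Updater] C:\WINDOWS\system32\abc123.exe ()
O4 - HKU\user_ON_C..\Run: [OldTool] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Sync.lnk = C:\Program Files\Example\sync.exe (Example Corp.)
O2 - BHO: (Example helper) - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\bho.dll (Example Corp.)
"""

# "O4 - <hive>..\Run: [<value name>] <target>"
RUN_RE = re.compile(r"^O4 - (?P<hive>.+?)\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<rest>.+)$")
# "O4 - Startup: <shortcut>.lnk = <target>"
STARTUP_RE = re.compile(r"^O4 - Startup: (?P<name>.+?\.lnk) = (?P<rest>.+)$")
# "<path with extension> (<company name, possibly empty>)"
TARGET_RE = re.compile(r"^(?P<path>.+?\.\w+) \((?P<company>.*)\)$")
# A file sitting directly in the Windows or system32 directory.
WINDOWS_DIR_RE = re.compile(r"^[A-Za-z]:\\WINDOWS(\\system32)?\\[^\\]+$", re.IGNORECASE)


class Autostart(NamedTuple):
    location: str            # registry Run key or "Startup folder"
    name: str                # value name or shortcut path
    path: Optional[str]      # target file, None when OTL reports no file
    company: Optional[str]   # company name from the file's version info
    flags: Tuple[str, ...]   # reasons to review this entry by hand


def review_flags(rest: str, path: Optional[str], company: Optional[str]) -> Tuple[str, ...]:
    """Illustrative heuristics (assumptions): they mark entries to inspect."""
    if rest == "File not found":
        return ("target-missing",)       # entry survives, file is gone
    if path is None:
        return ("unparsed",)             # layout this parser does not know
    flags = []
    if not company:
        flags.append("no-company-name")  # OTL printed "()" for the vendor
    if WINDOWS_DIR_RE.match(path):
        flags.append("runs-from-windows-dir")
    return tuple(flags)


def parse_autostarts(report: str) -> List[Autostart]:
    """Extract Run-key and Startup-folder entries from OTL report text."""
    entries = []
    for line in report.splitlines():
        line = line.strip()
        match = RUN_RE.match(line)
        if match:
            location = match.group("hive") + "\\Run"
        else:
            match = STARTUP_RE.match(line)
            if not match:
                continue                 # not an O4 autostart line
            location = "Startup folder"
        rest = match.group("rest")
        target = TARGET_RE.match(rest)
        path = target.group("path") if target else None
        company = target.group("company").strip() if target else None
        entries.append(Autostart(location, match.group("name"), path, company,
                                 review_flags(rest, path, company)))
    return entries


def needs_review(entries: List[Autostart]) -> List[Autostart]:
    """Keep only the entries that carry at least one flag."""
    return [entry for entry in entries if entry.flags]


if __name__ == "__main__":
    for entry in needs_review(parse_autostarts(SAMPLE_REPORT)):
        print(entry.location, entry.name, entry.path, ", ".join(entry.flags))
```

A flagged entry only means the line deserves manual inspection by whoever reads the report; legitimate vendor utilities often ship without a company name.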
I'll go look at that and keep you posted.
But reassure me: if I follow your instructions, will I get all my data back and will the virus be removed?

Re

Best case: you get Windows back

Worst case:
Back up all your data before a clean reinstall.

See you
What do you mean, back up all your data before a clean reinstall?

Re

We put all your important files on another partition or some other medium
But we're not there yet...

Go ahead
Thanks

See you
OK, I'll send you a message as soon as I've done the steps and tell you where I'm at this evening
thanks

See you

Re

Start with the LiveCD; thanks

See you
OK, I managed all the steps. As a result I was able to retrieve the files that were important so as to back them up on my other PC. What are the next steps to get my computer back the way it was?

When you say "Copy and paste the contents into your next reply."

Do you want the Run Scan report? (because there is a great deal of stuff in it).

Re

I did not ask you to make a backup.

You can read, can't you?

See you
Yes, I know, but I have oral exams very soon and I can't afford to lose these documents.

What should I do now, if you can help me?
Is there nothing more I can do to get my computer back?

Re

Yes;

You can apply this

See you
What do you mean, redo the procedure? How do I remove the virus?
I have already done all the steps you told me and I thank you for that, but once the Run Scan is done, what do I need to do?
Hi,

Guillaume5188 can't help you if you don't provide the requested report!!!
Ah, OK

I can't manage to post the report. Guillaume5188, can I post it to you some other way?
He isn't around at the moment; you can have your report hosted here:

https://www.cjoint.com/ or here: http://pjjoint.malekal.com/

You will just need to give us the link to the report.

But is there no risk in my giving out the report?
And would you be able to get my computer back to the way it was, or not?
Otherwise I'll send it to the computer repair guy...

??
No, there is no risk in giving the report.

Guillaume5188 isn't just anybody; he is a security contributor, so someone really competent. I advise you to trust him for the disinfection. Of course there is no guarantee of success, but you have nothing to lose: at best your machine will work as before, at worst you will back up your important data and go to the local computer repair shop, which will charge you at least 50 euros to format and reinstall Windows.

If you want to go straight to the repair shop, feel free, the choice is yours.

OK, thank you for this information. I'm sending the report; while waiting to hear back from you, thank you.

OTL logfile created on: 5/25/2012 11:27:57 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 116.41 Gb Total Space | 35.85 Gb Free Space | 30.80% Space Free | Partition Type: FAT32
Drive D: | 106.68 Gb Total Space | 53.47 Gb Free Space | 50.12% Space Free | Partition Type: NTFS
Drive E: | 5.96 Mb Total Space | 5.96 Mb Free Space | 100.00% Space Free | Partition Type: FAT
Drive F: | 7.45 Gb Total Space | 6.58 Gb Free Space | 88.27% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2009/09/29 13:11:10 | 000,020,680 | ---- | M] (ESET) [On_Demand] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009/09/29 13:03:46 | 000,735,960 | ---- | M] (ESET) [Auto] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto] -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/03/17 18:07:02 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007/10/16 07:46:08 | 000,364,629 | ---- | M] (Atheros) [Auto] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () [Auto] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () [Auto] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007/05/18 02:31:16 | 000,073,728 | ---- | M] () [Auto] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2012/02/24 11:14:42 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.)
DRV - [2012/02/24 11:14:42 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2012/02/24 11:14:42 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2011/06/07 11:13:36 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009/09/29 13:05:54 | 000,096,408 | ---- | M] (ESET) [Kernel | System] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009/09/29 13:02:58 | 000,108,792 | ---- | M] (ESET) [Kernel | System] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009/09/29 12:56:32 | 000,116,008 | ---- | M] (ESET) [File_System | Auto] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | Disabled] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/01/14 12:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2007/11/02 08:38:56 | 004,620,288 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/10/16 07:35:16 | 001,299,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ar5416.sys -- (AR5416)
DRV - [2007/10/04 15:31:40 | 000,102,656 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007/10/02 08:59:46 | 001,769,984 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/08/25 05:46:48 | 000,005,760 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2007/08/10 20:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot] -- C:\WINDOWS\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007/08/04 06:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007/07/24 11:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007/07/03 19:46:24 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2007/05/14 10:26:10 | 000,508,288 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/29 04:08:40 | 000,005,632 | R--- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/26 03:35:00 | 000,982,272 | R--- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2004/05/27 18:13:04 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\Program Files\ATK Hotkey\ASNDIS5.SYS -- (ASNDIS5)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.asus.com/fr/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrateur_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.asus.com/fr/
IE - HKU\Administrateur_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\cyril_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
IE - HKU\cyril_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\cyril_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKU\cyril_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2851639
IE - HKU\cyril_ON_C\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - File not found
IE - HKU\cyril_ON_C\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\cyril_ON_C\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
IE - HKU\cyril_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.asus.com/fr/

IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.asus.com/fr/


[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledItems: bookmarks@cometmarks.com:1.41
FF - prefs.js..extensions.enabledItems: ctrl-tab@design-noir.de:0.20
FF - prefs.js..extensions.enabledItems: {567F62D2-2162-43fe-A573-E5620D0934B2}:2.02
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.10
FF - prefs.js..extensions.enabledItems: {F5CEF9AD-F6AF-4b69-AB6D-936BF6BCB6D7}:1.7

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/02/21 15:17:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2008/10/04 11:01:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2008/10/04 11:01:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/05/01 21:09:36 | 000,000,000 | ---D | M]

[2008/10/04 11:01:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\cyril\Application Data\Mozilla\Extensions
[2009/02/12 16:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\cyril\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/02/22 19:23:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\cyril\Application Data\Mozilla\Firefox\Profiles\8057ep4b.default\extensions
[2012/03/31 19:22:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\cyril\Application Data\Mozilla\Firefox\Profiles\8057ep4b.default\extensions\{0471d3b0-a403-11df-981c-0800200c9a66}
[2012/04/06 16:57:40 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- C:\Documents and Settings\cyril\Application Data\Mozilla\Firefox\Profiles\8057ep4b.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
[2011/02/13 20:31:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\cyril\Application Data\Mozilla\Firefox\Profiles\8057ep4b.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/01/26 21:51:58 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\cyril\Application Data\Mozilla\Firefox\Profiles\8057ep4b.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/16 20:52:36 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\cyril\Application Data\Mozilla\Firefox\Profiles\8057ep4b.default\extensions\engine@conduit.com
[2012/03/30 22:28:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\{567F62D2-2162-43FE-A573-E5620D0934B2}
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\{B042753D-F57E-4E8E-A01B-7379A6D4CEFB}
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\{F5CEF9AD-F6AF-4B69-AB6D-936BF6BCB6D7}
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\BOOKMARKS@COMETMARKS.COM
File not found (No name found) -- C:\PROGRAM FILES\COMETBIRD\EXTENSIONS\CTRL-TAB@DESIGN-NOIR.DE
[2009/07/17 10:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2010/12/29 22:27:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/26 21:36:16 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/04/21 01:26:52 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/04/21 01:26:52 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/04/21 01:26:52 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/04/21 01:26:52 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/04/21 01:26:52 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/07/31 11:52:32 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Ask Search Assistant BHO) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - Reg Error: Value error. File not found
O2 - BHO: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - Reg Error: Value error. File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (BHO pour Compagnon Web Encarta) - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Documents and Settings\cyril\Application Data\Media Finder\Extensions\gencrawler_gc.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar BHO) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O3 - HKLM\..\Toolbar: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Compagnon Web Encarta) - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O3 - HKU\cyril_ON_C\..\Toolbar\ShellBrowser: (Ask Toolbar) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O3 - HKU\cyril_ON_C\..\Toolbar\WebBrowser: (Compagnon Web Encarta) - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL (Microsoft Corporation)
O3 - HKU\cyril_ON_C\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll (Conduit Ltd.)
O3 - HKU\cyril_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com)
O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe ()
O4 - HKLM..\Run: [ATKHOTKEY] C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [AuditMode] File not found
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [ooquickpdfv7] C:\WINDOWS\System32\oopmagent.exe ()
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Update] C:\WINDOWS\system32\k8h0pp.exe (Y.S. Tech)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
O4 - HKU\cyril_ON_C..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\cyril_ON_C..\Run: [BitComet] File not found
O4 - HKU\cyril_ON_C..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\cyril_ON_C..\Run: [EPSON SX125 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\cyril_ON_C..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\cyril_ON_C..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\cyril_ON_C..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\cyril_ON_C..\Run: [L07FXLRD_1364359] C:\Program Files\Microsoft Etudes\Microsoft Encarta 2007 - Études DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKU\cyril_ON_C..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKU\cyril_ON_C..\Run: [ManyCam] C:\Program Files\ManyCam 2.4\ManyCam.exe (ManyCam LLC)
O4 - HKU\cyril_ON_C..\Run: [Media Finder] File not found
O4 - HKU\cyril_ON_C..\Run: [Power2GoExpress] C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe (Cyberlink)
O4 - HKU\cyril_ON_C..\Run: [ueeew] File not found
O4 - HKU\cyril_ON_C..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\OFFICE One Startup v7.lnk = C:\Program Files\OFFICE One v7\OFFICE One Startup v7\oostartupv7.exe (ISSENDIS)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrateur_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\cyril_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra Button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O30 - LSA: Authentication Packages - (ows\s) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/10 17:54:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2010/12/11 08:45:06 | 000,000,086 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{08c8873e-2ce4-11de-bc10-0015afed2747}\Shell\Setup\command - "" = C:\WINDOWS\System32\setup.exe -- [2008/04/14 04:34:22 | 000,023,040 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{2ece77b4-199b-11df-bd2b-0015afed2747}\Shell\AutoRun\command - "" = F:\WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found




ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.1.3
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.1.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/05/25 20:42:10 | 000,000,000 | -HSD | C] -- C:\FOUND.058
[2012/05/25 20:27:24 | 000,000,000 | -HSD | C] -- C:\FOUND.057
[2012/05/25 20:15:55 | 000,244,224 | ---- | C] (Y.S. Tech) -- C:\WINDOWS\System32\k8h0pp.exe
[2012/05/25 16:16:48 | 000,000,000 | -HSD | C] -- C:\FOUND.056
[2012/05/25 13:40:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2012/05/13 14:14:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cyril\Application Data\Temp
[2012/05/13 12:52:45 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\WINDOWS\System32\dgderapi.dll
[2012/05/13 12:52:45 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DIFxAPI.dll
[2012/05/13 12:52:45 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\WINDOWS\System32\drivers\dgderdrv.sys
[2012/05/13 12:36:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Samsung
[2012/05/08 23:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cyril\Mes documents\samsung
[2012/05/08 23:46:26 | 000,181,432 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudserd.sys
[2012/05/08 23:46:21 | 000,181,432 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudmdm.sys
[2012/05/08 23:46:19 | 000,080,824 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\WINDOWS\System32\drivers\ssudbus.sys
[2012/05/03 22:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\Iomega
[2012/05/01 21:09:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ESET
[2012/04/30 14:40:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\cyril\Mes documents\CV 2012
[2008/09/10 22:37:29 | 000,005,632 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\kbfiltr.sys
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/05/25 21:26:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/25 21:20:46 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/05/25 21:20:42 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/25 21:20:04 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\acovcnt.exe
[2012/05/25 20:15:54 | 000,244,224 | ---- | M] (Y.S. Tech) -- C:\WINDOWS\System32\k8h0pp.exe
[2012/05/25 19:14:00 | 000,164,352 | ---- | M] () -- C:\Documents and Settings\cyril\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/25 13:40:34 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-NOM-29DD817F10C-cyril.job
[2012/05/24 08:58:42 | 000,310,004 | ---- | M] () -- C:\Documents and Settings\cyril\Mes documents\revision techno.odt
[2012/05/21 07:24:02 | 002,087,872 | ---- | M] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/05/18 14:10:34 | 000,014,928 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\voiiture.odt
[2012/05/13 19:12:16 | 000,058,450 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\photo.jpg
[2012/05/13 16:50:20 | 000,308,082 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\Sans titre 2.bmp
[2012/05/13 16:50:18 | 000,308,126 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\Sans titre 4.bmp
[2012/05/13 16:44:56 | 000,022,340 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\Sans titre 7.jpg
[2012/05/13 16:39:12 | 000,023,856 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\CiiRiiL.jpg
[2012/05/13 16:25:22 | 000,606,774 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\autre.bmp
[2012/05/13 16:20:24 | 000,840,508 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\SAM_0289.JPG
[2012/05/13 12:54:52 | 000,001,504 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Samsung Kies.lnk
[2012/05/13 12:53:10 | 000,001,522 | ---- | M] () -- C:\Documents and Settings\cyril\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012/05/13 12:36:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Samsung
[2012/05/13 12:18:16 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2012/05/12 17:58:54 | 000,377,564 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\Copie de SAM_0289.JPG
[2012/05/09 19:41:36 | 000,530,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/09 15:36:26 | 000,529,356 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2012/05/09 15:36:26 | 000,457,550 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/09 15:36:26 | 000,093,822 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2012/05/09 15:36:26 | 000,078,512 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/09 15:33:16 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/05/09 15:26:30 | 000,116,063 | ---- | M] () -- C:\Documents and Settings\cyril\Mes documents\Éco-Gestion dossier Cyrille Guillo Terminale BAC MES.odt
[2012/05/09 14:00:26 | 000,936,657 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\SAM_0296.JPG
[2012/05/09 12:48:04 | 003,152,184 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\SAM_0301.JPG
[2012/05/07 11:00:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/05/01 21:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ESET
[2012/05/01 20:00:08 | 000,472,890 | ---- | M] () -- C:\Documents and Settings\cyril\Bureau\Croix pharmacie Granger (schéma électrique).ai
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/05/25 20:16:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/05/25 13:40:33 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-NOM-29DD817F10C-cyril.job
[2012/05/13 19:12:14 | 000,058,450 | ---- | C] () -- C:\Documents and Settings\cyril\Bureau\photo.jpg
[2012/05/13 16:50:19 | 000,308,082 | ---- | C] () -- C:\Documents and Settings\cyril\Bureau\Sans titre 2.bmp
[2012/05/13 16:50:16 | 000,308,126 | ---- | C] () -- C:\Documents and Settings\cyril\Bureau\Sans titre 4.bmp
[2012/05/13 16:44:53 | 000,022,340 | ---- | C] () -- C:\Documents and Settings\cyril\Bureau\Sans titre 7.jpg
[2012/05/13 16:39:10 | 000,023,856 | ---- | C] () -- C:\Documents and Settings\cyril\Bureau\CiiRiiL.jpg
[2012/05/13 16:25:21 | 000,606,774 | ---- | C] () -- C:\Documents and Settings\cyril\Bureau\autre.bmp
[2012/05/13 12:54:51 | 000,001,504 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Samsung Kies.lnk
[2012/05/13 12:53:09 | 000,001,522 | ---- | C] () -- C:\Documents and Settings\cyril\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012/05/12 14:58:15 | 000,377,564 | ---- | C] () -- C:\Documents and Settings\cyril\Bureau\Copie de SAM_0289.JPG
[2012/05/09 15:42:42 | 002,087,872 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/05/09 15:19:25 | 000,116,063 | ---- | C] () -- C:\Documents and Settings\cyril\Mes documents\Éco-Gestion dossier Cyrille Guillo Terminale BAC MES.odt
[2012/05/09 14:00:52 | 003,152,184 | ---- | C] () -- C:\Documents and Settings\cyril\Bureau\SAM_0301.JPG
[2012/05/09 14:00:43 | 000,936,657 | ---- | C] () -- C:\Documents and Settings\cyril\Bureau\SAM_0296.JPG
[2012/05/09 14:00:43 | 000,840,508 | ---- | C] () -- C:\Documents and Settings\cyril\Bureau\SAM_0289.JPG
[2012/04/30 18:32:06 | 000,310,004 | ---- | C] () -- C:\Documents and Settings\cyril\Mes documents\revision techno.odt
[2012/02/16 13:53:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/16 17:44:31 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\cyril\Application Data\kggvrquypkv69t1h.dat
[2011/10/26 16:49:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2011/06/18 01:03:39 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\acovcnt.exe
[2011/06/07 11:13:38 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/06/07 11:13:38 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/06/07 11:13:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/06/07 11:13:38 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/06/07 11:13:38 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/02/25 18:12:50 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/02/13 20:02:55 | 000,016,384 | ---- | C] () -- C:\Documents and Settings\cyril\Application Data\CDRusersDB.v12
[2011/01/26 17:40:12 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\cyril\.recently-used.xbel
[2010/12/29 19:04:43 | 000,000,314 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2010/06/10 15:47:26 | 000,000,066 | ---- | C] () -- C:\WINDOWS\HFREP.INI
[2010/04/14 17:25:28 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/04/14 17:25:28 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/04/14 17:25:21 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\cyril\Application Data\$_hpcst$.hpc
[2010/04/14 17:14:50 | 000,000,070 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/05/20 22:09:30 | 000,354,107 | ---- | C] () -- C:\Documents and Settings\cyril\Local Settings\Application Data\ueeew_nav.dat
[2009/05/20 22:09:30 | 000,003,093 | ---- | C] () -- C:\Documents and Settings\cyril\Local Settings\Application Data\ueeew.dat
[2009/05/20 22:09:30 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\cyril\Local Settings\Application Data\ueeew_navps.dat
[2009/01/09 21:21:54 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/11/06 17:33:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/10/04 12:33:57 | 000,164,352 | ---- | C] () -- C:\Documents and Settings\cyril\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/04 11:01:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/09/10 22:43:34 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/09/10 22:38:57 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4859.dll
[2008/09/10 22:38:56 | 001,174,000 | R--- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008/09/10 22:38:56 | 000,104,636 | R--- | C] () -- C:\WINDOWS\System32\igmedcompkrn.dll
[2008/09/10 22:36:26 | 000,005,760 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2008/09/10 18:27:34 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\oopmdisp.exe
[2008/09/10 18:27:34 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\oopmagent.exe
[2008/09/10 18:27:34 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\progress.exe
[2008/09/10 18:27:27 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\oopmpm.dll
[2008/09/10 18:14:14 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\cyril\Local Settings\Application Data\fusioncache.dat
[2008/09/10 18:11:50 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/09/10 18:10:54 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\fusioncache.dat
[2008/09/10 18:02:18 | 000,000,821 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2008/09/10 18:01:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/09/10 17:52:59 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/09/10 17:49:05 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/09/10 17:48:31 | 000,530,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/09/10 16:55:57 | 000,033,136 | ---- | C] () -- C:\WINDOWS\ASScrPro.exe
[2008/09/10 16:55:56 | 000,037,232 | ---- | C] () -- C:\WINDOWS\ASScrProlog.exe
[2008/09/10 16:55:53 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2008/09/10 16:48:05 | 000,028,160 | R--- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2008/09/10 16:48:04 | 001,769,984 | R--- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2008/09/10 16:42:55 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2006/11/02 09:27:46 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2006/08/18 08:14:51 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2006/08/18 08:14:51 | 000,002,538 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/08/18 08:14:37 | 000,529,356 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2006/08/18 08:14:37 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2006/08/18 08:14:37 | 000,093,822 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2006/08/18 08:14:37 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2006/08/18 08:14:22 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/08/18 08:14:19 | 000,457,550 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/08/18 08:14:19 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/08/18 08:14:19 | 000,078,512 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/08/18 08:14:19 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/08/18 08:14:18 | 000,004,487 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/08/18 08:14:14 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/08/18 08:14:12 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/08/18 08:14:10 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/08/18 08:14:10 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/08/18 08:14:06 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/08/18 08:13:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/05/25 15:52:46 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2005/08/26 01:50:00 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2000/01/28 00:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\wrkgadm.exe
[2000/01/28 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2008/09/10 18:35:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\OFFICE One v7
[2008/09/28 17:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\Azureus
[2008/11/05 22:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\OFFICEOne7
[2009/01/30 13:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\Shareaza
[2009/02/12 16:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\LimeWire
[2009/02/12 17:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\uTorrent
[2009/02/12 18:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\BitSpirit
[2009/08/09 17:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\CometNetwork
[2009/09/27 16:21:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\Windows Live Writer
[2009/10/03 21:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\gtk-2.0
[2010/02/16 13:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\ManyCam
[2010/04/14 17:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\Samsung
[2010/04/14 17:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\PC Suite
[2011/10/26 12:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\Epson
[2012/01/26 21:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\Babylon
[2012/01/26 21:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\Media Finder
[2012/05/13 14:14:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\cyril\Application Data\Temp
[2008/09/10 18:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OFFICE One v7
[2008/09/20 17:28:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sophos
[2008/09/28 17:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2008/10/05 16:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2009/04/19 15:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010/01/29 23:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/02/07 18:10:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/04/11 18:16:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010/04/14 17:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/09/23 13:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/10/26 12:33:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2011/10/26 12:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2011/10/29 13:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2012/01/26 21:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2012/05/25 13:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]


[color=#A23BEC]< MD5 for: AEC.SYS >[/color]
[2006/03/02 14:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:aec.sys
[2011/07/04 16:19:50 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:aec.sys
[2006/03/02 14:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:aec.sys
[2011/07/04 16:19:50 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:aec.sys
[2004/08/03 22:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) MD5=841F385C6CFAF66B58FBD898722BB4F0 -- C:\WINDOWS\$NtServicePackUninstall$\aec.sys
[2008/04/13 18:39:24 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\ServicePackFiles\i386\aec.sys
[2008/04/13 18:39:24 | 000,142,592 | ---- | M] (Microsoft Corporation) MD5=8BED39E3C35D6A489438B8141717A557 -- C:\WINDOWS\system32\drivers\aec.sys

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2006/03/02 14:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011/07/04 16:19:50 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2006/03/02 14:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2011/07/04 16:19:50 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2006/03/02 14:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011/07/04 16:19:50 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2006/03/02 14:00:00 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2011/07/04 16:19:50 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006/03/02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]

THE REPORT GIVEN

Do you have any ideas about this? Is there anything to be done with it? I am really lost.

I heard that you can run RogueKiller to remove the virus? Is that what I should do?

Wait for the opinion of a qualified person; you should not use tools when you are not trained, you could make things worse.

Good evening

* Double-click the OTLPE icon
* when asked "Do you wish to load the remote registry", select "Yes"
* when asked "Do you wish to load remote user profile(s) for scanning", select "Yes"
* check that "Automatically Load All Remaining Users" is selected and press OK


http://imagesup.org/image

* under the Custom Scan box, copy and paste everything below and click RUNFIX



:OTL
O4 - HKLM..\Run: [Update] C:\WINDOWS\system32\k8h0pp.exe (Y.S. Tech)
[2012/05/25 20:15:55 | 000,244,224 | ---- | C] (Y.S. Tech) -- C:\WINDOWS\System32\k8h0pp.exe
[2009/05/20 22:09:30 | 000,354,107 | ---- | C] () -- C:\Documents and Settings\cyril\Local Settings\Application Data\ueeew_nav.dat
[2009/05/20 22:09:30 | 000,003,093 | ---- | C] () -- C:\Documents and Settings\cyril\Local Settings\Application Data\ueeew.dat
[2009/05/20 22:09:30 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\cyril\Local Settings\Application Data\ueeew_navps.dat


Keep the report that is displayed, and copy and paste it into your next reply.


See you later

Hello,

I could not afford to wait long to get my computer repaired.

That is why I sent it to a computer technician, and the problem was solved without any trouble.

Thank you for your help