Redémarrage en boucle pas de solution...

vika59 Messages postés 6 Statut Membre -  
 Utilisateur anonyme -
Bonjour à toutes et à tous,

Je suis actuellement sous Windows Vista et tout à l'heure en naviguant sur internet j'ai ouvert une page et là soudain mon ordinateur a redémarré tout seul. Je retourne sur ma session et sans qu'elle puisse s'ouvrir, juste après le "Bienvenue", mon ordinateur redémarre à nouveau et ça à chaque fois que j'ouvre cette session.
Ayant déjà eu un virus embêtant j'avais fait une session de secours (que je ne pensais pas utiliser de sitôt mais bon...). J'ai donc pu faire une analyse anti virus en ligne grâce à TrendMicro qui n'a rien détecté, puis j'ai utilisé mon logiciel Malwarebytes Anti-Malware qui a détecté quelques fichiers que j'ai effacés, j'ai même utilisé FindyKill qui n'a rien détecté non plus.
Après tout cela j'ai essayé de changer de session et là redémarrage en boucle de nouveau.
Je suis perdue et je ne sais plus quoi faire, j'aimerais bien être conseillée, sur un autre logiciel par exemple, afin de supprimer ce dérangeant virus.
Voila merci d'avance pour vos réponses :)

19 réponses

  1. Utilisateur anonyme
     
    Bonsoir

    Le mode sans echec est fonctionnel?

    @+
    0
  2. vika59
     
    J'ai essayé le mode sans échec et ca ne fonctionnait pas. Ca a d'ailleurs fait pire que mieux car actuellement mes 2sessions ne fonctionnent plus, ni en mode normal ni en mode sans échec. Il n'y a plus de redémarrage en boucle mais un écran noir, blanc ou bleu au démarrage normal après le "Bienvenue", en mode sans échec j'ai une page de la SACEM me disant que je dois débourser 50euros afin de débloquer mon ordinateur car des fichiers illégaux de musique ont été detectés sur mon ordinateur. La je suis désesperée car mon ordinateur est complétement bloqué et inutilisable. J'espère une réponse de votre part. Merci
    0
  3. Utilisateur anonyme
     
    Bonjour

    Il ne reste que la solution du LiveCD.

    Télécharge OTLPE sur le bureau.
    Prépare un CD vierge
    Utilise un logiciel de gravure dont tu disposes.
    Ou celui-ci Cdburner
    Attention il s'agit de graver une imageISO
    Note : Le CD gravé, il faut maintenant redémarrer la machine sur le lecteur CDROM
    Pour se faire suivre ce lien : Booter sur un CD
    Tuto OTLPE

    Tu lances l'iso d'OTLPE que tu as gravé.
    Tu choisis le lecteur ou est installé ton système d'exploitation (par défaut C)
    Et ensuite Windows
    * une fois le bureau de reatogo chargé , tu lances OTLPE , l'icône jaune

    * Double-clique sur l'icone OTLPE
    * quand demandé "Do you wish to load the remote registry", select Yes
    * Tu choisis ta session
    * Sous Vista et Seven il faut développer l'arborescence du lecteur C qui par défaut embarque Windows et arriver sur le dossier Windows.
    Rappel :Tutorial ici : https://forum.malekal.com/viewtopic.php?t=23453&start=
    Ensuite
    * sous Custom Scan box
    1) copie_colle le contenu du cadre ci dessous:

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    cdrom.sys
    disk.sys
    ndis.sys
    mountmgr.sys
    aec.sys
    rasacd.sys
    mrxsmb10.sys
    mrxsmb20.sys
    termdd.sys
    mrxsmb.sys
    win32k.sys
    storport.sys
    IdeChnDr.sys
    viasraid.sys
    explorer.exe
    winlogon.exe
    wininit.exe
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


    * copie colle ce texte dans un fichier texte|bloc note que tu enregistres sur clé usb que tu brancheras sous reatogo tu pourras alors facilement le copier\coller.

    * 2) Clic Run Scan pour démarrer le scan.
    * Une fois terminé , le fichier se trouve là C:\OTL.txt
    * Copie_colle le contenu dans ta prochaine réponse.

    @+
    0
  4. vika59
     
    Merci pour ta réponse, juste une question est-ce que cela va effacer ldes données de mon disque dur? Je ne dispose pas pour l'instant d'un autre ordi pour la manipulation (je suis au boulot la) mais dès que je peux je ferai la manipulation et je posterai le résultat. En tout cas merci pour ton aide et la rapidité de tes réponses.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Re

    Ce CD va me permettre de détecter les lignes néfastes au bon fonctionnement de Windows et de les supprimer.
    Tu ne perdras aucunes données.

    @+
    0
  7. vika59 Messages postés 6 Statut Membre
     
    J'ai enfin pu faire la manipulation grâce à un second ordinateur, je poste le compte rendu du scan par OTLPE.
    0
  8. vika59 Messages postés 6 Statut Membre
     
    OTL logfile created on: 9/13/2012 9:01:42 PM - Run
    OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
    64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 85.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 95.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 232.88 Gb Total Space | 40.76 Gb Free Space | 17.50% Space Free | Partition Type: NTFS
    Drive D: | 231.42 Gb Total Space | 37.61 Gb Free Space | 16.25% Space Free | Partition Type: NTFS
    Drive E: | 1.86 Gb Total Space | 1.86 Gb Free Space | 99.99% Space Free | Partition Type: FAT
    Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

    Computer Name: REATOGO | User Name: SYSTEM
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
    Using ControlSet: ControlSet001

    [color=#E56717]========== Win32 Services (SafeList) ==========/color

    SRV:[b]64bit:/b - [2009/04/24 05:40:26 | 000,242,176 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
    SRV:[b]64bit:/b - [2009/04/21 16:07:16 | 000,203,264 | ---- | M] (AMD) [Auto] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV:[b]64bit:/b - [2009/04/15 11:08:20 | 000,803,696 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
    SRV:[b]64bit:/b - [2009/03/17 05:48:54 | 000,084,480 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
    SRV:[b]64bit:/b - [2009/03/06 12:30:32 | 000,488,288 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
    SRV:[b]64bit:/b - [2008/09/15 08:35:20 | 000,564,536 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Windows\System32\ThpSrv.exe -- (Thpsrv)
    SRV:[b]64bit:/b - [2007/11/21 11:53:16 | 000,135,168 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
    SRV - [2012/09/07 18:31:33 | 000,722,528 | ---- | M] () [Auto] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
    SRV - [2012/08/19 22:53:34 | 000,184,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
    SRV - [2012/08/19 22:53:32 | 001,286,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
    SRV - [2012/08/19 22:52:42 | 005,751,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
    SRV - [2012/08/15 11:52:35 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/07/31 04:25:06 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/05/10 10:32:43 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2012/05/10 10:32:42 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
    SRV - [2012/05/10 10:32:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2012/04/25 13:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
    SRV - [2012/02/29 02:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/04/16 12:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [Auto] -- C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
    SRV - [2009/04/01 12:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
    SRV - [2009/03/30 10:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
    SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/03/10 12:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
    SRV - [2009/03/06 11:27:10 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
    SRV - [2009/02/11 07:05:16 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)

    [color=#E56717]========== Driver Services (SafeList) ==========/color

    DRV:[b]64bit:/b - [2012/09/07 18:31:34 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System] -- C:\Windows\System32\drivers\avgtpx64.sys -- (avgtp)
    DRV:[b]64bit:/b - [2012/08/13 10:40:52 | 000,150,880 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System] -- C:\Windows\System32\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
    DRV:[b]64bit:/b - [2012/08/09 22:52:38 | 000,199,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdia.sys -- (Avgtdia)
    DRV:[b]64bit:/b - [2012/08/09 22:52:34 | 000,105,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx64.sys -- (Avgmfx64)
    DRV:[b]64bit:/b - [2012/08/09 22:52:16 | 000,040,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\Windows\System32\drivers\avgrkx64.sys -- (Avgrkx64)
    DRV:[b]64bit:/b - [2012/08/09 07:56:42 | 000,230,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot] -- C:\Windows\System32\drivers\avgloga.sys -- (Avgloga)
    DRV:[b]64bit:/b - [2012/08/09 07:56:34 | 000,060,768 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\Windows\System32\drivers\avgidsha.sys -- (AVGIDSHA)
    DRV:[b]64bit:/b - [2012/08/09 07:56:20 | 000,175,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx64.sys -- (Avgldx64)
    DRV:[b]64bit:/b - [2012/05/10 10:32:43 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV:[b]64bit:/b - [2012/05/10 10:32:43 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV:[b]64bit:/b - [2011/09/16 10:09:16 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
    DRV:[b]64bit:/b - [2011/05/22 19:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgfwd6a.sys -- (Avgfwfd)
    DRV:[b]64bit:/b - [2010/03/21 17:18:42 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
    DRV:[b]64bit:/b - [2009/11/16 05:21:50 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand] -- C:\Windows\System32\drivers\TFsExDisk.sys -- (TFsExDisk)
    DRV:[b]64bit:/b - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
    DRV:[b]64bit:/b - [2009/09/21 04:55:38 | 000,158,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
    DRV:[b]64bit:/b - [2009/09/21 04:55:38 | 000,116,224 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
    DRV:[b]64bit:/b - [2009/09/21 04:55:38 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
    DRV:[b]64bit:/b - [2009/09/16 04:22:40 | 000,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
    DRV:[b]64bit:/b - [2009/09/16 04:22:40 | 000,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
    DRV:[b]64bit:/b - [2009/09/16 04:22:40 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
    DRV:[b]64bit:/b - [2009/09/16 04:15:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
    DRV:[b]64bit:/b - [2009/04/24 08:29:40 | 000,206,336 | ---- | M] (Realtek ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh64.sys -- (RTL8169)
    DRV:[b]64bit:/b - [2009/04/21 17:30:46 | 005,356,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV:[b]64bit:/b - [2009/04/08 10:36:40 | 000,138,592 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
    DRV:[b]64bit:/b - [2009/03/25 11:23:26 | 000,035,392 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\thpdrv.sys -- (Thpdrv)
    DRV:[b]64bit:/b - [2009/03/23 10:48:20 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
    DRV:[b]64bit:/b - [2009/03/19 08:07:46 | 000,052,736 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
    DRV:[b]64bit:/b - [2009/03/18 05:46:44 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
    DRV:[b]64bit:/b - [2009/03/05 05:03:34 | 000,088,576 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
    DRV:[b]64bit:/b - [2009/01/27 13:12:14 | 000,504,912 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\tos_sps64.sys -- (tos_sps64)
    DRV:[b]64bit:/b - [2008/12/30 06:18:40 | 000,068,608 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
    DRV:[b]64bit:/b - [2008/11/17 01:50:30 | 004,751,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v64.sys -- (NETw5v64) Intel(R)
    DRV:[b]64bit:/b - [2008/11/11 12:30:12 | 000,189,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
    DRV:[b]64bit:/b - [2008/10/06 11:56:58 | 000,173,696 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
    DRV:[b]64bit:/b - [2008/05/07 05:30:14 | 000,032,040 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
    DRV:[b]64bit:/b - [2008/04/28 19:56:00 | 000,014,336 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecirhid.sys -- (enecirhid)
    DRV:[b]64bit:/b - [2008/04/25 03:16:00 | 000,006,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecirhidma.sys -- (enecirhidma)
    DRV:[b]64bit:/b - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
    DRV:[b]64bit:/b - [2007/12/11 08:03:36 | 000,027,272 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV:[b]64bit:/b - [2007/11/09 08:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
    DRV:[b]64bit:/b - [2007/09/04 04:29:04 | 000,014,872 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\Thpevm.sys -- (Thpevm)
    DRV:[b]64bit:/b - [2006/10/23 10:33:08 | 000,018,944 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
    DRV:[b]64bit:/b - [2006/09/18 17:38:10 | 001,074,688 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:[b]64bit:/b - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
    DRV - [2009/11/16 05:21:50 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
    DRV - [2008/05/07 05:30:14 | 000,032,040 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot] -- C:\Windows\SysWOW64\drivers\LPCFilter.sys -- (LPCFilter)

    [color=#E56717]========== Standard Registry (SafeList) ==========/color

    [color=#E56717]========== Internet Explorer ==========/color

    IE:[b]64bit:/b - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl

    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\secours_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/webhp?gws_rd=ssl
    IE - HKU\secours_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/webhp?gws_rd=ssl
    IE - HKU\secours_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\Victoria_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    IE - HKU\Victoria_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKU\Victoria_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\Victoria_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:58808

    FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_3_300_271.dll ()
    FF:[b]64bit:/b - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: File not found
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@virtools.com/3DviaPlayer: File not found
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.5.4\ [2012/09/07 18:31:45 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/31 04:25:07 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/02/01 14:16:26 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

    [2012/02/13 17:27:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2012/07/31 04:25:06 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2011/11/10 00:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2010/12/02 11:58:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
    [2011/10/01 20:23:55 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
    [2012/09/07 18:31:31 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
    [2011/10/01 20:23:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2011/10/01 20:23:55 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2011/10/01 20:23:55 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
    [2011/10/01 20:23:55 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2011/10/01 20:23:55 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll ()
    O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.4\AVG Secure Search_toolbar.dll ()
    O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O4:[b]64bit:/b - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4:[b]64bit:/b - HKLM..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
    O4:[b]64bit:/b - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
    O4:[b]64bit:/b - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:[b]64bit:/b - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
    O4:[b]64bit:/b - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
    O4:[b]64bit:/b - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    O4:[b]64bit:/b - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
    O4:[b]64bit:/b - HKLM..\Run: [ThpSrv] C:\Windows\System32\thpsrv.exe (TOSHIBA Corporation)
    O4:[b]64bit:/b - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
    O4:[b]64bit:/b - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
    O4:[b]64bit:/b - HKLM..\Run: [TPCHWMsg] C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
    O4:[b]64bit:/b - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
    O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
    O4 - HKLM..\Run: [cfFncEnabler.exe] C:\Program Files (x86)\TOSHIBA\ConfigFree\cfFncEnabler.exe (Toshiba Corporation)
    O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
    O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
    O4 - HKLM..\Run: [NDSTray.exe] C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
    O4 - HKLM..\Run: [NPSStartup] File not found
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
    O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TRCMan] C:\Program Files (x86)\Toshiba\TRCMan\TRCMan.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TUSBSleepChargeSrv] File not found
    O4 - HKLM..\Run: [TWebCamera] File not found
    O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
    O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
    O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\Toshiba\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
    O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
    O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
    O4 - HKU\secours_ON_C..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
    O4 - HKU\secours_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
    O4 - HKU\Victoria_ON_C..\Run: [6f1ziu7p.exe] File not found
    O4 - HKU\Victoria_ON_C..\Run: [Kujytuo] File not found
    O4 - HKLM..\RunOnce: [] File not found
    O4 - Startup: C:\Users\Default\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
    O4 - Startup: C:\Users\Default User\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
    O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10:[b]64bit:/b - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
    O13:[b]64bit:/b - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.5.1)
    O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.5.1)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18:[b]64bit:/b - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:[b]64bit:/b - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:[b]64bit:/b - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O18:[b]64bit:/b - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:[b]64bit:/b - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18:[b]64bit:/b - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
    O20:[b]64bit:/b - HKLM Winlogon: Shell - (C:\Users\secours\AppData\Roaming\1.exe) - C:\Users\secours\AppData\Roaming\1.exe ()
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O31 - SafeBoot: AlternateShell - C:\Users\secours\AppData\Roaming\1.exe
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe (AVG Technologies CZ, s.r.o.)
    [b]64bit:/b O35 - HKLM\..comfile [open] -- "%1" %* File not found
    [b]64bit:/b O35 - HKLM\..exefile [open] -- "%1" %* File not found
    O37:[b]64bit:/b - HKLM\...com [@ = comfile] -- "%1" %*
    O37:[b]64bit:/b - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    SafeBootMin:[b]64bit:/b AppMgmt - Service
    SafeBootMin:[b]64bit:/b Base - Driver Group
    SafeBootMin:[b]64bit:/b Boot Bus Extender - Driver Group
    SafeBootMin:[b]64bit:/b Boot file system - Driver Group
    SafeBootMin:[b]64bit:/b File system - Driver Group
    SafeBootMin:[b]64bit:/b Filter - Driver Group
    SafeBootMin:[b]64bit:/b HelpSvc - Service
    SafeBootMin:[b]64bit:/b mcmscsvc - Service
    SafeBootMin:[b]64bit:/b MCODS - Service
    SafeBootMin:[b]64bit:/b PCI Configuration - Driver Group
    SafeBootMin:[b]64bit:/b PNP Filter - Driver Group
    SafeBootMin:[b]64bit:/b Primary disk - Driver Group
    SafeBootMin:[b]64bit:/b sacsvr - Service
    SafeBootMin:[b]64bit:/b SCSI Class - Driver Group
    SafeBootMin:[b]64bit:/b System Bus Extender - Driver Group
    SafeBootMin:[b]64bit:/b {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin:[b]64bit:/b {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin:[b]64bit:/b {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin:[b]64bit:/b {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin:[b]64bit:/b {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin:[b]64bit:/b {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin:[b]64bit:/b {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin:[b]64bit:/b {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin:[b]64bit:/b {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin:[b]64bit:/b {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin:[b]64bit:/b {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin:[b]64bit:/b {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin:[b]64bit:/b {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootMin:[b]64bit:/b {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin:[b]64bit:/b {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin:[b]64bit:/b {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootMin:[b]64bit:/b {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
    SafeBootMin: AppMgmt - Service
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: HelpSvc - Service
    SafeBootMin: mcmscsvc - Service
    SafeBootMin: MCODS - Service
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: sacsvr - Service
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    SafeBootNet:[b]64bit:/b AppMgmt - Service
    SafeBootNet:[b]64bit:/b Base - Driver Group
    SafeBootNet:[b]64bit:/b Boot Bus Extender - Driver Group
    SafeBootNet:[b]64bit:/b Boot file system - Driver Group
    SafeBootNet:[b]64bit:/b File system - Driver Group
    SafeBootNet:[b]64bit:/b Filter - Driver Group
    SafeBootNet:[b]64bit:/b HelpSvc - Service
    SafeBootNet:[b]64bit:/b mcmscsvc - Service
    SafeBootNet:[b]64bit:/b MCODS - Service
    SafeBootNet:[b]64bit:/b Messenger - Service
    SafeBootNet:[b]64bit:/b MpfService - Service
    SafeBootNet:[b]64bit:/b NDIS Wrapper - Driver Group
    SafeBootNet:[b]64bit:/b NetBIOSGroup - Driver Group
    SafeBootNet:[b]64bit:/b NetDDEGroup - Driver Group
    SafeBootNet:[b]64bit:/b Network - Driver Group
    SafeBootNet:[b]64bit:/b NetworkProvider - Driver Group
    SafeBootNet:[b]64bit:/b PCI Configuration - Driver Group
    SafeBootNet:[b]64bit:/b PNP Filter - Driver Group
    SafeBootNet:[b]64bit:/b PNP_TDI - Driver Group
    SafeBootNet:[b]64bit:/b Primary disk - Driver Group
    SafeBootNet:[b]64bit:/b rdsessmgr - Service
    SafeBootNet:[b]64bit:/b sacsvr - Service
    SafeBootNet:[b]64bit:/b SCSI Class - Driver Group
    SafeBootNet:[b]64bit:/b Streams Drivers - Driver Group
    SafeBootNet:[b]64bit:/b System Bus Extender - Driver Group
    SafeBootNet:[b]64bit:/b TDI - Driver Group
    SafeBootNet:[b]64bit:/b WudfPf - Driver
    SafeBootNet:[b]64bit:/b WudfUsbccidDriver - Driver
    SafeBootNet:[b]64bit:/b {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet:[b]64bit:/b {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet:[b]64bit:/b {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet:[b]64bit:/b {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet:[b]64bit:/b {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet:[b]64bit:/b {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet:[b]64bit:/b {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet:[b]64bit:/b {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet:[b]64bit:/b {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet:[b]64bit:/b {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet:[b]64bit:/b {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet:[b]64bit:/b {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet:[b]64bit:/b {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet:[b]64bit:/b {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet:[b]64bit:/b {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet:[b]64bit:/b {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
    SafeBootNet:[b]64bit:/b {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet:[b]64bit:/b {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootNet:[b]64bit:/b {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet:[b]64bit:/b {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet:[b]64bit:/b {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootNet:[b]64bit:/b {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
    SafeBootNet: AppMgmt - Service
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: HelpSvc - Service
    SafeBootNet: mcmscsvc - Service
    SafeBootNet: MCODS - Service
    SafeBootNet: Messenger - Service
    SafeBootNet: MpfService - Service
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: rdsessmgr - Service
    SafeBootNet: sacsvr - Service
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: WudfPf - Driver
    SafeBootNet: WudfUsbccidDriver - Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    ActiveX:[b]64bit:/b {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
    ActiveX:[b]64bit:/b {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
    ActiveX:[b]64bit:/b {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:[b]64bit:/b {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:[b]64bit:/b {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX:[b]64bit:/b {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
    ActiveX:[b]64bit:/b {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:[b]64bit:/b {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:[b]64bit:/b {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:[b]64bit:/b {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:[b]64bit:/b {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:[b]64bit:/b {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX:[b]64bit:/b {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:[b]64bit:/b {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX:[b]64bit:/b {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:[b]64bit:/b {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
    ActiveX:[b]64bit:/b {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX:[b]64bit:/b {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:[b]64bit:/b {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:[b]64bit:/b {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX:[b]64bit:/b {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:[b]64bit:/b {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:[b]64bit:/b {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX:[b]64bit:/b {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX:[b]64bit:/b >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
    ActiveX:[b]64bit:/b >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
    ActiveX:[b]64bit:/b >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

    Drivers32:[b]64bit:/b aux - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:/b aux1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:/b midi - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:/b midi1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:/b midimapper - C:\Windows\System32\midimap.dll (Microsoft Corporation)
    Drivers32:[b]64bit:/b mixer - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:/b mixer1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:/b msacm.imaadpcm - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
    Drivers32:[b]64bit:/b msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32:[b]64bit:/b msacm.msadpcm - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
    Drivers32:[b]64bit:/b msacm.msg711 - C:\Windows\System32\msg711.acm (Microsoft Corporation)
    Drivers32:[b]64bit:/b msacm.msgsm610 - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
    Drivers32:[b]64bit:/b MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32:[b]64bit:/b vidc.i420 - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32:[b]64bit:/b VIDC.IYUV - C:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
    Drivers32:[b]64bit:/b vidc.mrle - C:\Windows\System32\msrle32.dll (Microsoft Corporation)
    Drivers32:[b]64bit:/b vidc.msvc - C:\Windows\System32\msvidc32.dll (Microsoft Corporation)
    Drivers32:[b]64bit:/b VIDC.UYVY - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32:[b]64bit:/b VIDC.YUY2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32:[b]64bit:/b VIDC.YVU9 - C:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
    Drivers32:[b]64bit:/b VIDC.YVYU - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
    Drivers32:[b]64bit:/b wave - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:/b wave1 - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
    Drivers32:[b]64bit:/b wavemapper - C:\Windows\System32\msacm32.drv (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: MSVideo8 - C:\Windows\SysWow64\vfwwdm32.dll (Microsoft Corporation)

    [color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color

    [2012/09/08 02:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    [2012/09/08 02:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
    [2012/09/07 18:32:36 | 000,000,000 | ---D | C] -- C:\Users\secours\AppData\Roaming\AVG2013
    [2012/09/07 18:31:53 | 000,000,000 | ---D | C] -- C:\Users\secours\AppData\Local\AVG Secure Search
    [2012/09/07 18:31:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    [2012/09/07 18:31:46 | 000,000,000 | ---D | C] -- C:\Users\secours\AppData\Roaming\TuneUp Software
    [2012/09/07 18:31:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
    [2012/09/07 18:31:34 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx64.sys
    [2012/09/07 18:31:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
    [2012/09/07 18:31:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
    [2012/09/07 18:30:34 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2012/09/07 18:30:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
    [2012/09/07 18:29:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
    [2012/09/07 18:22:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2012/09/07 18:22:01 | 000,000,000 | ---D | C] -- C:\Users\secours\AppData\Local\MFAData
    [2012/09/07 18:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
    [2012/09/07 18:22:01 | 000,000,000 | ---D | C] -- C:\Users\secours\AppData\Local\Avg2013
    [2012/09/07 17:50:25 | 000,000,000 | ---D | C] -- C:\FyK
    [2012/09/07 17:29:09 | 000,000,000 | ---D | C] -- C:\Users\secours\AppData\Local\Macromedia
    [2012/09/07 17:26:02 | 000,000,000 | ---D | C] -- C:\Users\secours\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
    [2012/09/07 17:24:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
    [2012/09/07 17:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
    [2012/09/07 17:15:09 | 000,000,000 | ---D | C] -- C:\Users\secours\AppData\Roaming\QuickScan
    [2012/09/07 16:38:19 | 000,000,000 | ---D | C] -- C:\Users\secours\AppData\Local\Google
    [2012/08/15 19:26:46 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
    [2012/08/15 19:26:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2012/08/15 19:26:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2012/08/15 19:26:44 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2012/08/15 19:26:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2012/08/15 19:26:43 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2012/08/15 19:26:43 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2012/08/15 19:26:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2012/08/15 19:26:43 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2012/08/15 19:26:43 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2012/08/15 19:26:43 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2012/08/15 19:26:42 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
    [2012/08/15 19:26:42 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2012/08/15 19:26:41 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2012/08/15 18:29:14 | 000,788,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
    [2012/08/15 18:29:14 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localspl.dll
    [2012/08/15 18:29:11 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
    [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

    [color=#E56717]========== Files - Modified Within 30 Days ==========/color

    [2012/09/13 12:43:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/09/13 12:41:41 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/09/13 12:38:57 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/09/13 12:38:55 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/09/12 03:42:37 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/09/12 03:42:36 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/09/08 02:24:36 | 000,001,906 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
    [2012/09/08 02:24:36 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    [2012/09/07 18:57:09 | 000,000,604 | ---- | M] () -- C:\Users\secours\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
    [2012/09/07 18:54:56 | 000,000,563 | ---- | M] () -- C:\ja.lnk
    [2012/09/07 18:31:47 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
    [2012/09/07 18:31:47 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    [2012/09/07 18:31:34 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx64.sys
    [2012/09/07 17:40:04 | 000,799,734 | ---- | M] () -- C:\Users\secours\AppData\Local\census.cache
    [2012/09/07 17:39:10 | 000,189,690 | ---- | M] () -- C:\Users\secours\AppData\Local\ars.cache
    [2012/09/07 17:25:40 | 000,000,989 | ---- | M] () -- C:\Users\secours\Desktop\Kaspersky Security Scan.lnk
    [2012/09/07 17:14:11 | 000,000,036 | ---- | M] () -- C:\Users\secours\AppData\Local\housecall.guid.cache
    [2012/09/07 16:45:56 | 000,000,977 | ---- | M] () -- C:\Users\secours\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
    [2012/09/07 16:45:56 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/09/07 16:45:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/09/07 16:37:44 | 000,002,014 | ---- | M] () -- C:\Users\secours\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2012/09/07 16:37:32 | 000,001,875 | ---- | M] () -- C:\Users\secours\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
    [2012/09/07 16:33:31 | 000,391,573 | ---- | M] () -- C:\Users\Victoria\AppData\Roaming\1.exe
    [2012/09/07 16:33:31 | 000,391,573 | ---- | M] () -- C:\Users\secours\AppData\Roaming\1.exe
    [2012/09/07 15:32:58 | 455,959,880 | ---- | M] () -- C:\Users\Victoria\Desktop\Precious.2009.FRENCH.BDRiP.XviD.avi
    [2012/09/06 18:33:48 | 000,000,680 | ---- | M] () -- C:\Users\Victoria\AppData\Local\d3d9caps.dat
    [2012/09/05 10:53:07 | 000,679,292 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2012/09/05 10:53:07 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012/09/05 10:53:07 | 000,126,876 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2012/09/05 10:53:07 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012/09/05 10:50:31 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2012/08/17 22:07:01 | 000,154,624 | ---- | M] () -- C:\Users\Victoria\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/08/16 13:13:30 | 000,387,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2012/08/15 11:52:35 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2012/08/15 11:52:35 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

    [color=#E56717]========== Files Created - No Company Name ==========/color

    [2012/09/07 18:57:09 | 000,000,604 | ---- | C] () -- C:\Users\secours\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
    [2012/09/07 18:56:56 | 000,391,573 | ---- | C] () -- C:\Users\secours\AppData\Roaming\1.exe
    [2012/09/07 18:54:56 | 000,000,563 | ---- | C] () -- C:\ja.lnk
    [2012/09/07 18:31:47 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
    [2012/09/07 17:40:04 | 000,799,734 | ---- |
    0
  9. Utilisateur anonyme
     
    Bonsoir

    Excuse moi du retard

    * Double-clique sur l'icone OTLPE
    * quand demandé "Do you wish to load the remote registry", selectionne "Yes"
    * quand demandé "Do you wish to load remote user profile(s) for scanning", selectionne "Yes"
    * verifier que "Automatically Load All Remaining Users" est sélectionné et presse OK

    http://imagesup.org/image

    * sous Custom Scan box copie_colle le tout ci dessous et clic RUNFIX

    :OTL
    O20:[b]64bit:/b - HKLM Winlogon: Shell - (C:\Users\secours\AppData\Roaming\1.exe) - C:\Users\secours\AppData\Roaming\1.exe ()
    O31 - SafeBoot: AlternateShell - C:\Users\secours\AppData\Roaming\1.exe
    [2012/09/07 16:33:31 | 000,391,573 | ---- | M] () -- C:\Users\Victoria\AppData\Roaming\1.exe
    [2012/09/07 16:33:31 | 000,391,573 | ---- | M] () -- C:\Users\secours\AppData\Roaming\1.exe
    [2012/09/07 18:56:56 | 000,391,573 | ---- | C] () -- C:\Users\secours\AppData\Roaming\1.exe


    tu conserves le rapport qui s'affiche ; et tu le copies et colles dans ta prochaine réponse

    @+
    0
  10. vika59 Messages postés 6 Statut Membre
     
    Merci pour ta réponse, je fais la manipulation dès ce soir en attendant je te poste le compte rendu complet du scan précédent : https://www.cjoint.com/?BIskihF6QYe
    Merci à bientot
    0
  11. vika59
     
    Je te poste le rapport de la manipulation
    0
  12. vika59
     
    voici le lien qui mène au résultats : http://cjoint.com/?BItkLrPiHNW
    0
  13. vika59
     
    OTL logfile created on: 9/18/2012 11:51:06 PM - Run
    OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
    64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 232.88 Gb Total Space | 40.87 Gb Free Space | 17.55% Space Free | Partition Type: NTFS
    Drive D: | 231.42 Gb Total Space | 37.61 Gb Free Space | 16.25% Space Free | Partition Type: NTFS
    Drive E: | 955.73 Mb Total Space | 950.11 Mb Free Space | 99.41% Space Free | Partition Type: FAT
    Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

    Computer Name: REATOGO | User Name: SYSTEM
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
    Using ControlSet: ControlSet001

    [color=#E56717]========== Win32 Services (SafeList) ==========[/color]

    SRV:[b]64bit:[/b] - [2009/04/24 05:40:26 | 000,242,176 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
    SRV:[b]64bit:[/b] - [2009/04/21 16:07:16 | 000,203,264 | ---- | M] (AMD) [Auto] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV:[b]64bit:[/b] - [2009/04/15 11:08:20 | 000,803,696 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
    SRV:[b]64bit:[/b] - [2009/03/17 05:48:54 | 000,084,480 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
    SRV:[b]64bit:[/b] - [2009/03/06 12:30:32 | 000,488,288 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
    SRV:[b]64bit:[/b] - [2008/09/15 08:35:20 | 000,564,536 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Windows\System32\ThpSrv.exe -- (Thpsrv)
    SRV:[b]64bit:[/b] - [2007/11/21 11:53:16 | 000,135,168 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
    SRV - [2012/09/07 18:31:33 | 000,722,528 | ---- | M] () [Auto] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
    SRV - [2012/08/19 22:53:34 | 000,184,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
    SRV - [2012/08/19 22:53:32 | 001,286,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
    SRV - [2012/08/19 22:52:42 | 005,751,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
    SRV - [2012/08/15 11:52:35 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/07/31 04:25:06 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/05/10 10:32:43 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2012/05/10 10:32:42 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
    SRV - [2012/05/10 10:32:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2012/04/25 13:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
    SRV - [2012/02/29 02:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/04/16 12:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [Auto] -- C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
    SRV - [2009/04/01 12:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
    SRV - [2009/03/30 10:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
    SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/03/10 12:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
    SRV - [2009/03/06 11:27:10 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
    SRV - [2009/02/11 07:05:16 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)

    [color=#E56717]========== Driver Services (SafeList) ==========[/color]

    DRV:[b]64bit:[/b] - [2012/09/07 18:31:34 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System] -- C:\Windows\System32\drivers\avgtpx64.sys -- (avgtp)
    DRV:[b]64bit:[/b] - [2012/08/13 10:40:52 | 000,150,880 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System] -- C:\Windows\System32\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
    DRV:[b]64bit:[/b] - [2012/08/09 22:52:38 | 000,199,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdia.sys -- (Avgtdia)
    DRV:[b]64bit:[/b] - [2012/08/09 22:52:34 | 000,105,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx64.sys -- (Avgmfx64)
    DRV:[b]64bit:[/b] - [2012/08/09 22:52:16 | 000,040,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\Windows\System32\drivers\avgrkx64.sys -- (Avgrkx64)
    DRV:[b]64bit:[/b] - [2012/08/09 07:56:42 | 000,230,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot] -- C:\Windows\System32\drivers\avgloga.sys -- (Avgloga)
    DRV:[b]64bit:[/b] - [2012/08/09 07:56:34 | 000,060,768 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\Windows\System32\drivers\avgidsha.sys -- (AVGIDSHA)
    DRV:[b]64bit:[/b] - [2012/08/09 07:56:20 | 000,175,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx64.sys -- (Avgldx64)
    DRV:[b]64bit:[/b] - [2012/05/10 10:32:43 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV:[b]64bit:[/b] - [2012/05/10 10:32:43 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV:[b]64bit:[/b] - [2011/09/16 10:09:16 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
    DRV:[b]64bit:[/b] - [2011/05/22 19:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgfwd6a.sys -- (Avgfwfd)
    DRV:[b]64bit:[/b] - [2010/03/21 17:18:42 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
    DRV:[b]64bit:[/b] - [2009/11/16 05:21:50 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand] -- C:\Windows\System32\drivers\TFsExDisk.sys -- (TFsExDisk)
    DRV:[b]64bit:[/b] - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
    DRV:[b]64bit:[/b] - [2009/09/21 04:55:38 | 000,158,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
    DRV:[b]64bit:[/b] - [2009/09/21 04:55:38 | 000,116,224 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
    DRV:[b]64bit:[/b] - [2009/09/21 04:55:38 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
    DRV:[b]64bit:[/b] - [2009/09/16 04:22:40 | 000,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
    DRV:[b]64bit:[/b] - [2009/09/16 04:22:40 | 000,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
    DRV:[b]64bit:[/b] - [2009/09/16 04:22:40 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
    DRV:[b]64bit:[/b] - [2009/09/16 04:15:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
    DRV:[b]64bit:[/b] - [2009/04/24 08:29:40 | 000,206,336 | ---- | M] (Realtek ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh64.sys -- (RTL8169)
    DRV:[b]64bit:[/b] - [2009/04/21 17:30:46 | 005,356,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV:[b]64bit:[/b] - [2009/04/08 10:36:40 | 000,138,592 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
    DRV:[b]64bit:[/b] - [2009/03/25 11:23:26 | 000,035,392 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\thpdrv.sys -- (Thpdrv)
    DRV:[b]64bit:[/b] - [2009/03/23 10:48:20 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
    DRV:[b]64bit:[/b] - [2009/03/19 08:07:46 | 000,052,736 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
    DRV:[b]64bit:[/b] - [2009/03/18 05:46:44 | 000,032,832 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
    DRV:[b]64bit:[/b] - [2009/03/05 05:03:34 | 000,088,576 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
    DRV:[b]64bit:[/b] - [2009/01/27 13:12:14 | 000,504,912 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\tos_sps64.sys -- (tos_sps64)
    DRV:[b]64bit:[/b] - [2008/12/30 06:18:40 | 000,068,608 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
    DRV:[b]64bit:[/b] - [2008/11/17 01:50:30 | 004,751,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v64.sys -- (NETw5v64) Intel(R)
    DRV:[b]64bit:[/b] - [2008/11/11 12:30:12 | 000,189,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
    DRV:[b]64bit:[/b] - [2008/10/06 11:56:58 | 000,173,696 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
    DRV:[b]64bit:[/b] - [2008/05/07 05:30:14 | 000,032,040 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
    DRV:[b]64bit:[/b] - [2008/04/28 19:56:00 | 000,014,336 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecirhid.sys -- (enecirhid)
    DRV:[b]64bit:[/b] - [2008/04/25 03:16:00 | 000,006,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecirhidma.sys -- (enecirhidma)
    DRV:[b]64bit:[/b] - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
    DRV:[b]64bit:[/b] - [2007/12/11 08:03:36 | 000,027,272 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV:[b]64bit:[/b] - [2007/11/09 08:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
    DRV:[b]64bit:[/b] - [2007/09/04 04:29:04 | 000,014,872 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\Thpevm.sys -- (Thpevm)
    DRV:[b]64bit:[/b] - [2006/10/23 10:33:08 | 000,018,944 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
    DRV:[b]64bit:[/b] - [2006/09/18 17:38:10 | 001,074,688 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:[b]64bit:[/b] - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
    DRV - [2009/11/16 05:21:50 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
    DRV - [2008/05/07 05:30:14 | 000,032,040 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot] -- C:\Windows\SysWOW64\drivers\LPCFilter.sys -- (LPCFilter)
    0
  14. vika59
     
    Je n'arrive pas à poster le rapport en entier sur le forum alors je te laisse aller voir le lien que j'ai mis.
    0
  15. vika59
     
    Bonjour,
    Voila ce que ca me dit :

    ========= OTL ==========
    Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\\AlternateShell not found.
    File C:\Users\Victoria\AppData\Roaming\1.exe not found.
    File C:\Users\secours\AppData\Roaming\1.exe not found.
    File C:\Users\secours\AppData\Roaming\1.exe not found.

    OTLPE by OldTimer - Version 3.1.48.0 log created on 09202012_032538
    0
  16. Utilisateur anonyme
     
    Bonjour

    Enlève le CD et démarre ton PC normalement;cela devrait fonctionner

    @+
    0
  17. vika59
     
    J'essaie tout de suite ce soir en rentrant, encore merci de ton aide précieuse.
    0
  18. vika59
     
    C'est embetant ca ne fonctionne toujours pas, j'ai toujours une page noire après le "bienvenue" de l'ouverture de session..
    0