A voir également:
- Ce programme ne peut pas afficher la page web
- Traduire une page web - Guide
- Supprimer une page word - Guide
- Instagram web - Guide
- Capture page web - Guide
113 réponses
benhabbo
Messages postés
2225
Date d'inscription
jeudi 10 juillet 2008
Statut
Membre
Dernière intervention
30 juin 2018
256
4 oct. 2012 à 23:01
4 oct. 2012 à 23:01
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
5 oct. 2012 à 08:38
5 oct. 2012 à 08:38
Bonjour,
Fais ceci : https://www.commentcamarche.net/faq/34284-pre-scan-pe-sous-environnement-win-7-live
Fais ceci : https://www.commentcamarche.net/faq/34284-pre-scan-pe-sous-environnement-win-7-live
mon PC me dit qu'il est dangereux d'éxécuter 7pe_x86_E.exe
Je fais quand même ? Est ce le bon fichier ?
Je fais quand même ? Est ce le bon fichier ?
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
5 oct. 2012 à 09:58
5 oct. 2012 à 09:58
Oui oui c'est lui. Rien de dangereux ...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
CD ok ! (heureusement que j'ai un netbook avec un petit lecteur volant)
En revanche, je n'arrive pas a booter mon BIOS....
Aucune touche Setup n'apparait (comme indiqué sur descriptif)
Faut il que je démarre avec une touche particulière ?
En revanche, je n'arrive pas a booter mon BIOS....
Aucune touche Setup n'apparait (comme indiqué sur descriptif)
Faut il que je démarre avec une touche particulière ?
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
Modifié par juju666 le 5/10/2012 à 11:06
Modifié par juju666 le 5/10/2012 à 11:06
mmmmh F5, DEL ... ?
marque et modele du pc ? jsuis pas dedans, ni devant ta machine :)
.::. Contributeur Sécurité .::.
marque et modele du pc ? jsuis pas dedans, ni devant ta machine :)
.::. Contributeur Sécurité .::.
Même problème pour moi! La solution n'a pas marché :s
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
5 oct. 2012 à 18:12
5 oct. 2012 à 18:12
merci d'ouvrir ton sujet !
bon, beaucoup de mal a trouver la bonne touche pour ouvrir le bios.... tapoter le Suppr !
Donc ca c'est fait. Démarrer sur CD? J'ai fini par y arriver.
Sur le bureau avec les outils Pre-scan.
Utiliser une souris a fil !!! ma souris sans fil ne marche pas dans ces conditions.
Démarrage, Pre-Scan..... j'ai 2 disques locaux qui apparaissent.....
J'en sélectionne un, je fais ok..... message suivant : "Target is not windows 2000 or later"
Donc suis bloqué là.....
A+
Donc ca c'est fait. Démarrer sur CD? J'ai fini par y arriver.
Sur le bureau avec les outils Pre-scan.
Utiliser une souris a fil !!! ma souris sans fil ne marche pas dans ces conditions.
Démarrage, Pre-Scan..... j'ai 2 disques locaux qui apparaissent.....
J'en sélectionne un, je fais ok..... message suivant : "Target is not windows 2000 or later"
Donc suis bloqué là.....
A+
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
7 oct. 2012 à 10:15
7 oct. 2012 à 10:15
Il faut choisir le dossier Windows :)
afideg
Messages postés
10517
Date d'inscription
lundi 10 octobre 2005
Statut
Contributeur sécurité
Dernière intervention
12 avril 2022
602
7 oct. 2012 à 12:24
7 oct. 2012 à 12:24
Salut Marcusmarcus
Pourquoi ne pas t'insrire gratuitement sur CCM ?
Tu pourrais plus rapidement gérer les messages.
Pour poster tes messages, pourrais-tu passer par ce bouton au bas de la page
https://www.luanagames.com/index.fr.html
Merci pour les lecteurs.
Hello Juju, ;)
Pourquoi ne pas t'insrire gratuitement sur CCM ?
Tu pourrais plus rapidement gérer les messages.
Pour poster tes messages, pourrais-tu passer par ce bouton au bas de la page
https://www.luanagames.com/index.fr.html
Merci pour les lecteurs.
Hello Juju, ;)
comment faire pour t'envoyer le rapport de Pre-scan ? Je n'ai pas d'accés internet a priori a partir du bureau affiché par le CD Pre-Scan.... et si je reboot sur Window, il bloque :-((
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
8 oct. 2012 à 11:42
8 oct. 2012 à 11:42
Il bloque toujours ?? Etonnant ça.
Fais le transiter via clé USB.
Fais le transiter via clé USB.
marcusmarcus
Messages postés
87
Date d'inscription
mardi 5 juin 2012
Statut
Membre
Dernière intervention
12 octobre 2012
8 oct. 2012 à 11:46
8 oct. 2012 à 11:46
voici le rapport via gravure CD
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan_PE | 2.0928 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤
~ Update on 28/09/2012 | 23.25 by g3n-h@ckm@n
~ Informations | Evolution : https://gen-hackman.kanak.fr/
~ Informations for the switches Pre_Script : https://gen-hackman.kanak.fr/
~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505
~ Thx to C_XX , Slyk & Saachaa for their help for the evolution of the tool
~ Ordinateur : MININT-N8O0SUE
~ Système d'exploitation : Windows 7 Home Premium : HomePremium
~ Nbre de Validations : 6
~ Type d'installation : Client
~ Enregistré sous : user
~ Processeur : Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
~ Identification : x86 Family 6 Model 42 Stepping 7
Internet Explorer : 9.0.8112.16421
c:\ -> [Fixed]|[[Réservé au système]|[Total] : 100 Mo | Free : 70 Mo -> NTFS
C:\ -> [Fixed]|[[]|[Total] : 253770 Mo | Free : 172530 Mo -> NTFS
e:\ -> [Fixed]|[[]|[Total] : 700000 Mo | Free : 699000 Mo -> NTFS
f:\ -> [CDROM]|[[Win7PE_x86]|[Total] : 330 Mo | Free : 0 Mo -> CDFS
x:\ -> [Fixed]|[[Boot]|[Total] : 260 Mo | Free : 250 Mo -> NTFS
¤¤¤¤¤¤¤¤¤¤ | Boot's scripts
¤¤¤¤¤¤¤¤¤¤ | Frameworks
[14/07/2009 04:20:10] - C:\Windows\Microsoft.net\Framework\v1.0.3705
[14/07/2009 04:20:10] - C:\Windows\Microsoft.net\Framework\v1.1.4322
[14/07/2009 04:20:10] - C:\Windows\Microsoft.net\Framework\v2.0.50727
[14/07/2009 06:32:38] - C:\Windows\Microsoft.net\Framework\v3.0
[14/07/2009 06:32:38] - C:\Windows\Microsoft.net\Framework\v3.5
[08/06/2011 06:26:06] - C:\Windows\Microsoft.net\Framework\v4.0.30319
¤¤¤¤¤¤¤¤¤¤ | Windows Updates
Last(s) détection(s) : 2012-10-04 06:01:04
Last(s) download(s) : 2012-10-01 20:51:16
Last(s) installation(s) : 2012-10-01 21:32:22
Next search : 2012-10-05 02:55:21
¤¤¤¤¤¤¤¤¤¤ | Contrôle MD5
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Explorateur Windows.) - [2804.5 Ko] - (6.1.7601.17567) - C:\Windows\explorer.exe
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [27/06/2012 07:51:09] - (.© Microsoft Corporation. - Windows Explorer.) - [2804.5 Ko] - (6.1.7601.17567) - C:\Windows\erdnt\cache86\explorer.exe
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - [14/07/2009 00:56:52] - (.© Microsoft Corporation. - Windows Explorer.) - [2801 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[MD5.0862495E0C825893DB75EF44FAEA8E93] - [07/06/2011 17:33:22] - (.© Microsoft Corporation. - Windows Explorer.) - [2803 Ko] - (6.1.7600.16768) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[MD5.E38899074D4951D31B4040E994DD7C8D] - [07/06/2011 17:33:22] - (.© Microsoft Corporation. - Windows Explorer.) - [2803.5 Ko] - (6.1.7600.20910) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[MD5.AC4C51EB24AA95B77F705AB159189E24] - [20/03/2011 16:28:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2805 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2804.5 Ko] - (6.1.7601.17567) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[MD5.3B69712041F3D63605529BD66DC00C48] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2804.5 Ko] - (6.1.7601.21669) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[MD5.15BC38A7492BEFE831966ADB477CF76F] - [14/07/2009 00:41:14] - (.© Microsoft Corporation. - Windows Explorer.) - [2552 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2553.5 Ko] - (6.1.7600.16768) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[MD5.255CF508D7CFB10E0794D6AC93280BD8] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2553.5 Ko] - (6.1.7600.20910) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[MD5.40D777B7A95E00593EB1568C68514493] - [20/03/2011 16:28:55] - (.© Microsoft Corporation. - Windows Explorer.) - [2555 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2555 Ko] - (6.1.7601.17567) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[MD5.0FB9C74046656D1579A64660AD67B746] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2555 Ko] - (6.1.7601.21669) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 00:19:49] - (.© Microsoft Corporation. - Processus d'exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) - C:\Windows\System32\csrss.exe
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 00:19:49] - (.© Microsoft Corporation. - Client Server Runtime Process.) - [7.5 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe
[MD5.1911A3356FA3F77CCC825CCBAC038C2A] - [14/07/2009 00:19:50] - (.© Microsoft Corporation. - Gestionnaire de sessions Windows.) - [110 Ko] - (6.1.7600.16385) - C:\Windows\System32\smss.exe
[MD5.1911A3356FA3F77CCC825CCBAC038C2A] - [14/07/2009 00:19:50] - (.© Microsoft Corporation. - Windows Session Manager.) - [110 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [20/03/2011 16:29:13] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) - C:\Windows\System32\userinit.exe
[MD5.61AC3EFDFACFDD3F0F11DD4FD4044223] - [20/03/2011 16:27:18] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [26 Ko] - (6.1.7601.17514) - C:\Windows\SysWOW64\userinit.exe
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [27/06/2012 07:51:08] - (.© Microsoft Corporation. - Userinit Logon Application.) - [30 Ko] - (6.1.7601.17514) - C:\Windows\erdnt\cache64\userinit.exe
[MD5.61AC3EFDFACFDD3F0F11DD4FD4044223] - [27/06/2012 07:51:09] - (.© Microsoft Corporation. - Userinit Logon Application.) - [26 Ko] - (6.1.7601.17514) - C:\Windows\erdnt\cache86\userinit.exe
[MD5.6F8F1376A13114CC10C0E69274F5A4DE] - [14/07/2009 00:50:33] - (.© Microsoft Corporation. - Userinit Logon Application.) - [29.5 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [20/03/2011 16:29:13] - (.© Microsoft Corporation. - Userinit Logon Application.) - [30 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[MD5.6DE80F60D7DE9CE6B8C2DDFDF79EF175] - [14/07/2009 00:34:20] - (.© Microsoft Corporation. - Userinit Logon Application.) - [25.5 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[MD5.61AC3EFDFACFDD3F0F11DD4FD4044223] - [20/03/2011 16:27:18] - (.© Microsoft Corporation. - Userinit Logon Application.) - [26 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 00:52:37] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) - C:\Windows\System32\wininit.exe
[MD5.B5C5DCAD3899512020D135600129D665] - [14/07/2009 00:36:49] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [94 Ko] - (6.1.7600.16385) - C:\Windows\SysWOW64\wininit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [27/06/2012 07:51:08] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [126 Ko] - (6.1.7600.16385) - C:\Windows\erdnt\cache64\wininit.exe
[MD5.B5C5DCAD3899512020D135600129D665] - [27/06/2012 07:51:09] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [94 Ko] - (6.1.7600.16385) - C:\Windows\erdnt\cache86\wininit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 00:52:37] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [126 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[MD5.B5C5DCAD3899512020D135600129D665] - [14/07/2009 00:36:49] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [94 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [20/03/2011 16:29:13] - (.© Microsoft Corporation. - Application d'ouverture de session Windows.) - [381.5 Ko] - (6.1.7601.17514) - C:\Windows\System32\winlogon.exe
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [27/06/2012 07:51:08] - (.© Microsoft Corporation. - Windows Logon Application.) - [381.5 Ko] - (6.1.7601.17514) - C:\Windows\erdnt\cache64\winlogon.exe
[MD5.132328DF455B0028F13BF0ABEE51A63A] - [14/07/2009 00:52:48] - (.© Microsoft Corporation. - Windows Logon Application.) - [380 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [20/03/2011 16:29:13] - (.© Microsoft Corporation. - Windows Logon Application.) - [381.5 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - [15/02/2012 07:49:03] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487 Ko] - (6.1.7601.17752) - C:\Windows\System32\drivers\afd.sys
[MD5.B9384E03479D2506BC924C16A3DB87BC] - [14/07/2009 00:21:44] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [488.5 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[MD5.6EF20DDF3172E97D69F596FB90602F29] - [17/06/2011 00:08:39] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [488 Ko] - (6.1.7600.16802) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_3430bc3977dfec2d\afd.sys
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - [15/02/2012 07:49:03] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487.5 Ko] - (6.1.7600.16937) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16937_none_34154fcd77f3bbda\afd.sys
[MD5.FBFF8B7C9D116229E9208A0D1CAEB49B] - [17/06/2011 00:08:39] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [488 Ko] - (6.1.7600.20951) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_3483491e9126fe55\afd.sys
[MD5.CCA39961E76B491DDF44B1E90FC8971D] - [15/02/2012 07:49:04] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487.5 Ko] - (6.1.7600.21115) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.21115_none_34b263fe91032456\afd.sys
[MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - [20/03/2011 16:28:06] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [488 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[MD5.D5B031C308A409A0A576BFF4CF083D30] - [17/06/2011 00:08:39] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487.5 Ko] - (6.1.7601.17603) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - [15/02/2012 07:49:03] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487 Ko] - (6.1.7601.17752) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[MD5.F4AD06143EAC303F55D0E86C40802976] - [17/06/2011 00:08:39] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487.5 Ko] - (6.1.7601.21712) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys
[MD5.36A14FD1A23F57046361733B792CA8DB] - [15/02/2012 07:49:04] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [486.5 Ko] - (6.1.7601.21887) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [27/06/2012 07:51:08] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) - C:\Windows\erdnt\cache64\atapi.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 00:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) - C:\Windows\System32\drivers\atapi.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 00:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 00:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[MD5.F036CE71586E93D94DAB220D7BDF4416] - [20/03/2011 16:26:48] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) - C:\Windows\System32\drivers\cdrom.sys
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - [14/07/2009 00:19:54] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[MD5.F036CE71586E93D94DAB220D7BDF4416] - [20/03/2011 16:26:48] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
[MD5.09594D1089C523423B32A4229263F068] - [20/03/2011 16:27:02] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) - C:\Windows\System32\drivers\netbt.sys
[MD5.9162B273A44AB9DCE5B44362731D062A] - [14/07/2009 00:21:29] - (.© Microsoft Corporation. - MBT Transport driver.) - [253 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_bc59ba0910f52e0c\netbt.sys
[MD5.09594D1089C523423B32A4229263F068] - [20/03/2011 16:27:02] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [27/06/2012 07:51:08] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) - C:\Windows\erdnt\cache64\tdx.sys
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [20/03/2011 16:29:20] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) - C:\Windows\System32\drivers\tdx.sys
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - [14/07/2009 00:21:15] - (.© Microsoft Corporation. - TDI Translation Driver.) - [97.5 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [20/03/2011 16:29:20] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - [20/03/2011 16:26:48] - (.© Microsoft Corporation. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) - C:\Windows\System32\drivers\volsnap.sys
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - [14/07/2009 00:20:09] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [288.08 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - [20/03/2011 16:26:48] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [288.88 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys
10:57:30
¤¤¤¤¤¤¤¤¤¤ | HKCR\Applications
[HKCR\Applications\Acrobat.exe\Shell\open\command] : "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe" "%1"
[HKCR\Applications\dreamweaver.exe\Shell\open\command] : "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe", "%1"
[HKCR\Applications\ehshell.exe\Shell\open\command] : "C:\Windows\eHome\ehshell.exe" "%1"
[HKCR\Applications\iexplore.exe\Shell\open\command] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKCR\Applications\iTunes.exe\Shell\open\command] : "C:\Program Files (x86)\iTunes\iTunes.exe" /open "%L"
[HKCR\Applications\notepad.exe\Shell\open\command] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKCR\Applications\Photoshop.exe\Shell\open\command] : "C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe" "%1"
[HKCR\Applications\photoviewer.dll\Shell\open\command] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKCR\Applications\vlc.exe\Shell\open\command] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKCR\Applications\wmplayer.exe\Shell\open\command] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKCR\Applications\wordpad.exe\Shell\open\command] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
¤¤¤¤¤¤¤¤¤¤ | Windows
[HKLM | Session Manager\SubSystems]|[Windows] : winsrv : %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
¤¤¤¤¤¤¤¤¤¤ | Svchost - Netsvc
Audiov
Tapiv
Term
¤¤¤¤¤¤¤¤¤¤ | Winlogon
¤
[HKLM | Winlogon]|[Shell] : explorer.exe
[HKLM | Winlogon]|[userinit] : C:\Windows\system32\userinit.exe,
[HKLM | Winlogon]|[PowerDownAfterShutdown] : 1
[HKLM | Winlogon]|[System] :
¤¤¤¤¤¤¤¤¤¤ | Associations
[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\Windows\explorer.exe
¤
¤
[Firefox | Command] : "C:\Program Files\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] : "C:\Program Files\Mozilla Firefox\Firefox.exe" -safe-mode
[IE | Command] : "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[Assoc | Applications] : http://shell.windows.com/fileassoc/%04x/xml/redir.aspExt=%s
¤¤¤¤¤¤¤¤¤¤ | Corrections diverses
[HKU\user_ON_D | HideDesktopIcons\ClassicStartMenu]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 0
[HKU\S-1-5-18 | HideDesktopIcons\ClassicStartMenu]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 0
[HKU\user_ON_D | HideDesktopIcons\ClassicStartMenu]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 0
[HKU\S-1-5-18 | HideDesktopIcons\ClassicStartMenu]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 0
[HKLM | HideDesktopIcons\ClassicStartMenu]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 0
[HKLM | Advanced\Folder\Hidden\SHOWALL]|[CheckedValue] : 1
[HKU\user_ON_D | Explorer\Advanced]|[Start_PowerButtonAction] : 2
[HKU\user_ON_D | Explorer\Advanced]|[Start_ShowUser] : 1
[HKU\S-1-5-18 | Explorer\Advanced]|[Start_ShowUser] : 1
[HKU\S-1-5-18 | Explorer\Advanced]|[Start_ShowHelp] : 0 -> 1
[HKU\S-1-5-18 | Explorer\Advanced]|[Start_EnableDragDrop] : 1
[HKU\LocalService_ON_D | Policies\Explorer]|[NoDesktop] : 0
[HKU\NetworkService_ON_D | Policies\Explorer]|[NoDesktop] : 0
[HKU\LocalService_ON_D | Explorer\Advanced]|[Hidden] : 0
[HKU\NetworkService_ON_D | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-19 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-20 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\systemprofile_ON_D | Explorer\Advanced]|[Hidden] : -> 0
[HKU\user_ON_D | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-18 | Explorer\Advanced]|[Hidden] : 1 -> 0
[HKU\user_ON_D | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKU\S-1-5-18 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKLM | policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKU\user_ON_D | Windows\System]|[DisableCMD] : 0
[HKU\user_ON_D | Policies\System]|[DisableRegistryTools] : 0
[HKLM | Policies\System]|[DisableRegistryTools] : 0
[HKLM | Control\SafeBoot]|[AlternateShell] : cmd.exe
10:57:31
¤¤¤¤¤¤¤¤¤¤ | Security Center
[HKLM | Security Center]|[AntiVirusDisableNotify] : 0
[HKLM | Security Center]|[FirewallDisableNotify] : 0
[HKLM | Security Center]|[UpdatesDisableNotify] : 0
[HKLM | Security Center\Svc]|[AntispywareOverride] : 0
[HKLM | Security Center\Svc]|[AntiVirusOverride] : 0
[HKLM | Security Center\Svc]|[FirewallOverride] : 0
[HKLM | FirewallPolicy\DomainProfile]|[DisableNotifications] : 0
[HKLM | FirewallPolicy\StandardProfile]|[DisableNotifications] : 0
¤¤¤¤¤¤¤¤¤¤ | Services
[RPCSS] : 2
[Cmbatt] : 3
[Compbatt] : 0
[Ndisuio] : 3
[Power] : 2
[Profsvc] : 2
[PlugPlay] : 2
[PEAUTH] : 2
[nsi] : 2
[NLASvc] : 2
[MPSsvc] : 2
[MMCSS] : 2
[luafv] : 2
[lltdio] : 2
[Iphlpsvc] : 2
[IKEEXT] : 2
[gpsvc] : 2
[lmhosts] : 2
[LanmanWorkstation] : 2
[LanmanServer] : 2
[agp440] : 2
[AudioEndpointBuilder] : 2
[Audiosrv] : 2
[BFE] : 2
[Bits] : 2
[CryptSvc] : 2
[EapHost] : 2
[Wlansvc] : 2
[SharedAccess] : 2
[windefend] : 3 -> 2
[wuauserv] : 2
[WerSvc] : 2
[wscsvc] : 2
10:57:31
¤¤¤¤¤¤¤¤¤¤ | Internet Explorer
[HKU\user_ON_D | Main]|[Start Page] : https://www.google.fr/ -> https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-18 | Main]|[Start Page] : https://www.google.com/?gws_rd=ssl
[HKU\user_ON_D | Main]|[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\system32\blank.htm
[HKU\S-1-5-18 | Main]|[Local Page] : X:\windows\system32\blank.htm -> C:\Windows\system32\blank.htm
[HKU\user_ON_D | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dllprd=ie&ar=iesearch
[HKU\S-1-5-18 | Main]|[Search Page] : http://go.microsoft.com/fwlink/LinkId=54896 -> http://www.microsoft.com/isapi/redir.dllprd=ie&ar=iesearch
[HKU\user_ON_D | Main]|[Use Custom Search URL] : 0
[HKLM | Search]|[SearchAssistant] : http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main]|[Start Page] : http://go.microsoft.com/fwlink/LinkId=69157
[HKLM | Main]|[Local Page] : C:\Windows\System32\blank.htm
[HKLM | Main]|[Default_Search_URL] : http://go.microsoft.com/fwlink/LinkId=54896
[HKLM | Main]|[Default_Page_URL] : http://go.microsoft.com/fwlink/LinkId=69157
[HKLM | Main]|[Search Page] : http://go.microsoft.com/fwlink/LinkId=54896
[HKLM | AboutURLs]|[Tabs] : res://ieframe.dll/tabswelcome.htm
¤
[HKU\user_ON_D | PhishingFilter]|[Enabled] : 2
[HKU\user_ON_D | PhishingFilter]|[EnabledV8] : 1
[HKU\S-1-5-18 | PhishingFilter]|[EnabledV8] : 1
[HKU\user_ON_D | Internet settings]|[ProxyOverride] : *.local
[HKU\LocalService_ON_D | Internet settings]|[EnableHttp1_1] : 1
[HKU\NetworkService_ON_D | Internet settings]|[EnableHttp1_1] : 1
[HKU\user_ON_D | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-18 | Internet settings]|[EnableHttp1_1] : 1
[HKU\user_ON_D | Internet settings]|[MigrateProxy] : 1
[HKU\user_ON_D | Internet settings]|[WarnonBadCertRecving] : 1
[HKU\user_ON_D | Internet settings]|[WarnOnHTTPSToHTTPRedirect] : 1
[HKU\user_ON_D | Internet settings]|[WarnonZoneCrossing] : 0 -> 1
[HKU\S-1-5-18 | Internet settings]|[WarnonZoneCrossing] : 0 -> 1
[HKU\LocalService_ON_D | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\NetworkService_ON_D | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\user_ON_D | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-18 | Internet settings]|[AutoConfigProxy] : wininet.dll
¤¤¤¤¤¤¤¤¤¤ | DNS
[HKLM\SYSTEM\CCS | Tcpip\Parameters]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet001 | Interfaces\{E1F3534C-14EA-47D6-9700-6855075DAC02}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet002 | Interfaces\{E1F3534C-14EA-47D6-9700-6855075DAC02}]|[DhcpNameServer] : 192.168.1.1
10:57:31
¤¤¤¤¤¤¤¤¤¤ | Traitement Files | Folders | Registre
Key deleted : [HKU\user_ON_D | Run]|[zigguoamqpnagel] : C:\Windows\zigguoam.exe
Deleted : C:\Windows\zigguoam.exe
11:00:31
11:01:15
¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair
[HKLM | Safeboot] -> OK
[HKLM | Safeboot\Minimal] -> OK
[HKLM | Safeboot\Network] -> OK
¤
[HKLM | Minimal\AppMgmt] : Service -> OK
[HKLM | Minimal\Base] : Driver Group -> OK
[HKLM | Minimal\Boot Bus Extender] : Driver Group -> OK
[HKLM | Minimal\Boot file system] : Driver Group -> OK
[HKLM | Minimal\CryptSvc] : Service -> OK
[HKLM | Minimal\DcomLaunch] : Service -> OK
[HKLM | Minimal\dmadmin] : Service -> OK
[HKLM | Minimal\dmboot.sys] : Driver -> OK
[HKLM | Minimal\dmio.sys] : Driver -> OK
[HKLM | Minimal\dmload.sys] : Driver -> OK
[HKLM | Minimal\dmserver] : Service -> OK
[HKLM | Minimal\EventLog]: Service -> OK
[HKLM | Minimal\File system] : Driver Group -> OK
[HKLM | Minimal\Filter] : Driver Group -> OK
[HKLM | Minimal\HelpSvc] : Service -> OK
[HKLM | Minimal\Netlogon] : Service -> OK
[HKLM | Minimal\PCI Configuration] : Driver Group -> OK
[HKLM | Minimal\PlugPlay] : Service -> OK
[HKLM | Minimal\PNP Filter] : Driver Group -> OK
[HKLM | Minimal\Primary disk] : Driver Group -> OK
[HKLM | Minimal\RpcSs] : Service -> OK
[HKLM | Minimal\SCSI Class] : Driver Group -> OK
[HKLM | Minimal\sermouse.sys] : Driver -> OK
[HKLM | Minimal\sr.sys] : FSFilter System Recovery -> OK
[HKLM | Minimal\SRService] : Service -> OK
[HKLM | Minimal\System Bus Extender] : Driver Group -> OK
[HKLM | Minimal\vds] : Service -> OK
[HKLM | Minimal\vga.sys] : Driver -> OK
[HKLM | Minimal\vgasave.sys] : Driver -> OK
[HKLM | Minimal\WinMgmt] : Service -> OK
[HKLM | Minimal\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : Volume shadow copy -> OK
[HKLM | Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK
¤
[HKLM | Network\AFD] : Service -> OK
[HKLM | Network\AppMgmt] : Service -> OK
[HKLM | Network\Base] : Driver Group -> OK
[HKLM | Network\Boot Bus Extender] : Driver Group -> OK
[HKLM | Network\Boot file system] : Driver Group -> OK
[HKLM | Network\Browser] : Service -> OK
[HKLM | Network\CryptSvc] : Service -> OK
[HKLM | Network\DcomLaunch] : Service -> OK
[HKLM | Network\Dhcp] : Service -> OK
[HKLM | Network\dmadmin] : Service -> OK
[HKLM | Network\dmboot.sys] : Driver -> OK
[HKLM | Network\dmio.sys] : Driver -> OK
[HKLM | Network\dmload.sys] : Driver -> OK
[HKLM | Network\dmserver] : Service -> OK
[HKLM | Network\DnsCache] : Service -> OK
[HKLM | Network\EventLog] : Service -> OK
[HKLM | Network\File system] : Driver Group -> OK
[HKLM | Network\Filter] : Driver Group -> OK
[HKLM | Network\HelpSvc] : Service -> OK
[HKLM | Network\ip6fw.sys] : Driver -> OK
[HKLM | Network\ipnat.sys] : Driver -> OK
[HKLM | Network\LanmanServer] : Service -> OK
[HKLM | Network\LanmanWorkstation] : Service -> OK
[HKLM | Network\LmHosts] : Service -> OK
[HKLM | Network\Messenger] : Service -> OK
[HKLM | Network\NDIS] : Driver Group -> OK
[HKLM | Network\NDIS Wrapper] : Driver Group -> OK
[HKLM | Network\Ndisuio] : Service -> OK
[HKLM | Network\NetBIOS] : Service -> OK
[HKLM | Network\NetBIOSGroup] : Driver Group -> OK
[HKLM | Network\NetBT] : Service -> OK
[HKLM | Network\NetDDEGroup] : Driver Group -> OK
[HKLM | Network\Netlogon] : Service -> OK
[HKLM | Network\NetMan] : Service -> OK
[HKLM | Network\Network] : Driver Group -> OK
[HKLM | Network\NetworkProvider] : Driver Group -> OK
[HKLM | Network\NtLmSsp] : Service -> OK
[HKLM | Network\PCI Configuration] : Driver Group -> OK
[HKLM | Network\PlugPlay] : Service -> OK
[HKLM | Network\PNP Filter] : Driver Group -> OK
[HKLM | Network\PNP_TDI] : Driver Group -> OK
[HKLM | Network\Primary disk] : Driver Group -> OK
[HKLM | Network\rdpcdd.sys] : Driver -> OK
[HKLM | Network\rdpdd.sys] : Driver -> OK
[HKLM | Network\rdpwd.sys] : Driver -> OK
[HKLM | Network\rdsessmgr] : Service -> OK
[HKLM | Network\RpcSs] : Service -> OK
[HKLM | Network\SCSI Class] : Driver Group -> OK
[HKLM | Network\sermouse.sys] : Driver -> OK
[HKLM | Network\sharedaccess] : Service -> OK
[HKLM | Network\sr.sys] : FSFilter System Recovery -> OK
[HKLM | Network\SRService] : Service -> OK
[HKLM | Network\Streams Drivers] : Driver Group -> OK
[HKLM | Network\SYMTDI] : Service -> OK
[HKLM | Network\System Bus Extender] : Driver Group -> OK
[HKLM | Network\Tcpip] : Service -> OK
[HKLM | Network\TDI] : Driver Group -> OK
[HKLM | Network\tdpipe.sys] : Driver -> OK
[HKLM | Network\tdtcp.sys] : Driver -> OK
[HKLM | Network\termservice] : Service -> OK
[HKLM | Network\UploadMgr] : Service -> OK
[HKLM | Network\vga.sys] : Driver -> OK
[HKLM | Network\vgasave.sys] : Driver -> OK
[HKLM | Network\WinMgmt] : Service -> OK
[HKLM | Network\Wlansvc] : Service -> OK
[HKLM | Network\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] : Net -> OK
[HKLM | Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] : NetClient -> OK
[HKLM | Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] : NetService -> OK
[HKLM | Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] : NetTrans -> OK
[HKLM | Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK
¤¤¤¤¤¤¤¤¤¤ | IFEO
¤¤¤¤¤¤¤¤¤¤ | Mountpoints2
¤¤¤¤¤¤¤¤¤¤ | Run
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[RtHDVCpl] : C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[MSC] : "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
[HKU\user_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Access Password Recovery] : C:\Program Files (x86)\Intelore\Access Password Recovery\AccessPasswordRecovery.exe /hide
[HKU\user_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[AutoStartNPSAgent] : C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
[HKU\user_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Google Update] : "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
[HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[HotSwap! Applet] : "X:\Windows\system32\HotSwap!.EXE"
¤¤¤¤¤¤¤¤¤¤ | Others
[HKLM\System\CurrentControlSet\Control\SafeBoot]|[AlternateShell] : cmd.exe
[HKLM\System\CurrentControlSet\Control\SecurityProviders]|[SecurityProviders] : credssp.dll
[HKLM\System\CurrentControlSet\Control\Terminal Server]|[AllowRemoteRPC] : 0
[HKLM\System\CurrentControlSet\Control\Session Manager]|[BootExecute] : autocheck autochk *
[HKLM\System\ControlSet001\Control\Session Manager]|[SetupExecute] :
[HKLM\System\ControlSet001\Control]|[FirmwareBootDevice] : multi(0)disk(0)rdisk(0)partition(1)
[HKLM\System\ControlSet001\Control]|[SystemBootDevice] : multi(0)disk(0)rdisk(0)partition(2)
[HKLM\system\currentcontrolset\control\lsa]|[SecureBoot] : 1
[HKLM\system\currentcontrolset\control\lsa]|[restrictanonymoussam] : 1
[HKLM | Winlogon]|[VMApplet] : SystemPropertiesPerformance.exe /pagefile
[HKLM | Winlogon]|[SFCDisable] : 0
[HKLM | Winlogon]|[WinStationsDisabled] : 0
¤¤¤¤¤¤¤¤¤¤ | Winlogon\Notify
11:01:15
¤¤¤¤¤¤¤¤¤¤ | Derniers créés/modifiés
[08/10/2012 09:03:26] -- |D| -- C:\Windows\Pre_Scan
[08/10/2012 10:56:36] -- |A| -- C:\Windows\Pre_Scan.txt
¤¤¤¤¤¤¤¤¤¤ | Drives
[19/01/2012 12:53:31] -- |RASHD| -- c:\Autorun.inf
[19/01/2012 17:35:50] -- |RAD| -- C:\Autorun.inf
[19/01/2012 17:35:50] -- |RAD| -- e:\Autorun.inf
[20/11/2010 16:05:17] -- |A| -- x:\setup.exe
¤¤¤¤¤¤¤¤¤¤ | Homedrive
[27/06/2012 08:21:04] -- |SHD| -- C:\$RECYCLE.BIN
[21/01/2012 15:26:05] -- |D| -- C:\AdobeTemp
[27/06/2012 16:43:13] -- |A| -- C:\AdwCleaner[R1].txt
[27/06/2012 16:43:42] -- |A| -- C:\AdwCleaner[S1].txt
[06/06/2011 15:09:37] -- |D| -- C:\ATI
[19/01/2012 17:35:50] -- |RAD| -- C:\Autorun.inf
[04/10/2012 17:04:36] -- |SD| -- C:\combocombo
[27/06/2012 08:09:37] -- |A| -- C:\ComboFix.txt
[13/06/2012 06:35:44] -- |D| -- C:\Config.Msi
[14/07/2009 06:08:56] -- |SHD| -- C:\Documents and Settings
[06/06/2011 20:41:21] -- |ASH| -- C:\hiberfil.sys
[06/06/2011 15:06:03] -- |D| -- C:\Intel
[02/10/2011 12:39:25] -- |D| -- C:\Nathan
[06/06/2011 20:41:21] -- |ASH| -- C:\pagefile.sys
[14/07/2009 04:20:08] -- |D| -- C:\PerfLogs
[26/06/2012 15:49:10] -- |A| -- C:\plan0000.psd
[26/06/2012 15:58:25] -- |A| -- C:\plan0002.psd
[13/04/2012 12:19:21] -- |D| -- C:\Pre_Scan
[14/07/2009 04:20:08] -- |D| -- C:\Program Files
[14/07/2009 04:20:08] -- |D| -- C:\Program Files (x86)
[14/07/2009 04:20:08] -- |D| -- C:\ProgramData
[27/06/2012 07:42:31] -- |AD| -- C:\Qoobox
[06/06/2011 14:48:24] -- |D| -- C:\Recovery
[26/06/2012 20:12:34] -- |A| -- C:\SeafLog.txt
[06/06/2011 20:41:21] -- |SHD| -- C:\System Volume Information
[19/01/2012 11:17:26] -- |D| -- C:\UsbFix
[19/01/2012 11:17:31] -- |A| -- C:\UsbFix.txt
[19/01/2012 17:35:50] -- |A| -- C:\UsbFix_Upload_Me_USER-PC.zip
[02/05/2012 13:42:34] -- |A| -- C:\user.js
[14/07/2009 04:20:08] -- |D| -- C:\Users
[14/07/2009 04:20:08] -- |D| -- C:\Windows
¤¤¤¤¤¤¤¤¤¤ | Systemroot
[14/07/2009 06:32:38] -- |D| -- C:\Windows\addins
[14/07/2009 04:20:08] -- |D| -- C:\Windows\AppCompat
[14/07/2009 04:20:08] -- |D| -- C:\Windows\AppPatch
[06/06/2011 15:06:21] -- |A| -- C:\Windows\Ascd_log.ini
[06/06/2011 15:05:28] -- |A| -- C:\Windows\Ascd_tmp.ini
[14/07/2009 04:20:08] -- |RSD| -- C:\Windows\assembly
[06/04/2011 00:46:14] -- |A| -- C:\Windows\atiogl.xml
[06/06/2011 15:11:27] -- |A| -- C:\Windows\ativpsrm.bin
[20/03/2011 16:28:51] -- |A| -- C:\Windows\bfsvc.exe
[14/07/2009 04:20:09] -- |D| -- C:\Windows\Boot
[14/07/2009 06:38:36] -- |AS| -- C:\Windows\bootstat.dat
[14/07/2009 04:20:09] -- |D| -- C:\Windows\Branding
[07/06/2011 21:52:58] -- |D| -- C:\Windows\CheckSur
[14/07/2009 04:20:09] -- |D| -- C:\Windows\Cursors
[14/07/2009 05:45:54] -- |D| -- C:\Windows\debug
[14/07/2009 06:32:38] -- |D| -- C:\Windows\diagnostics
[14/07/2009 06:37:46] -- |D| -- C:\Windows\DigitalLocker
[09/05/2012 14:05:11] -- |D| -- C:\Windows\Downloaded Installations
[14/07/2009 06:32:38] -- |D| -- C:\Windows\Downloaded Program Files
[13/04/2012 14:06:36] -- |A| -- C:\Windows\EEventManager.INI
[14/07/2009 16:35:13] -- |D| -- C:\Windows\ehome
[14/07/2009 06:37:46] -- |D| -- C:\Windows\en-US
[08/06/2011 04:56:29] -- |A| -- C:\Windows\epplauncher.mif
[27/06/2012 07:42:27] -- |D| -- C:\Windows\erdnt
[07/06/2011 17:33:21] -- |A| -- C:\Windows\explorer.exe
[14/07/2009 04:20:09] -- |RSD| -- C:\Windows\Fonts
[14/07/2009 16:24:08] -- |D| -- C:\Windows\fr-FR
[14/07/2009 00:22:13] -- |A| -- C:\Windows\fveupdate.exe
[14/07/2009 04:20:09] -- |D| -- C:\Windows\Globalization
[27/06/2012 07:42:48] -- |A| -- C:\Windows\grep.exe
[14/07/2009 04:20:09] -- |D| -- C:\Windows\Help
[14/07/2009 01:29:53] -- |A| -- C:\Windows\HelpPane.exe
[14/07/2009 01:29:03] -- |A| -- C:\Windows\hh.exe
[14/07/2009 16:35:58] -- |A| -- C:\Windows\HomePremium.xml
[14/07/2009 04:20:09] -- |D| -- C:\Windows\IME
[14/07/2009 04:20:10] -- |D| -- C:\Windows\inf
[06/06/2011 14:57:02] -- |SHD| -- C:\Windows\Installer
[14/07/2009 04:20:10] -- |D| -- C:\Windows\L2Schemas
[06/06/2011 15:05:32] -- |A| -- C:\Windows\Language_trs.ini
[14/07/2009 04:20:10] -- |D| -- C:\Windows\LiveKernelReports
[14/07/2009 04:20:10] -- |D| -- C:\Windows\Logs
[27/06/2012 07:42:48] -- |A| -- C:\Windows\MBR.exe
[14/07/2009 04:20:10] -- |RSD| -- C:\Windows\Media
[03/07/2012 15:59:48] -- |A| -- C:\Windows\MEMORY.DMP
[14/07/2009 01:10:29] -- |A| -- C:\Windows\mib.bin
[14/07/2009 04:20:10] -- |D| -- C:\Windows\Microsoft.NET
[10/05/2012 14:58:21] -- |D| -- C:\Windows\Minidump
[14/07/2009 04:20:10] -- |D| -- C:\Windows\ModemLogs
[14/07/2009 03:35:42] -- |A| -- C:\Windows\msdfmap.ini
[27/06/2012 07:42:48] -- |A| -- C:\Windows\NIRCMD.exe
[14/07/2009 00:56:36] -- |A| -- C:\Windows\notepad.exe
[27/06/2012 00:03:57] -- |A| -- C:\Windows\ntbtlog.txt
[14/07/2009 06:32:38] -- |D| -- C:\Windows\Offline Web Pages
[06/06/2011 21:40:33] -- |D| -- C:\Windows\Panther
[06/06/2011 14:57:58] -- |D| -- C:\Windows\PCHEALTH
[14/07/2009 06:32:38] -- |D| -- C:\Windows\Performance
[27/06/2012 07:42:48] -- |A| -- C:\Windows\PEV.exe
[26/06/2012 20:29:49] -- |A| -- C:\Windows\PFRO.log
[14/07/2009 04:20:10] -- |D| -- C:\Windows\PLA
[14/07/2009 04:20:10] -- |D| -- C:\Windows\PolicyDefinitions
[06/06/2011 20:41:45] -- |D| -- C:\Windows\Prefetch
[08/10/2012 09:03:26] -- |D| -- C:\Windows\Pre_Scan
[08/10/2012 10:56:36] -- |A| -- C:\Windows\Pre_Scan.txt
[14/07/2009 00:27:10] -- |A| -- C:\Windows\regedit.exe
[14/07/2009 04:20:10] -- |D| -- C:\Windows\registration
[14/07/2009 04:20:10] -- |D| -- C:\Windows\rescache
[14/07/2009 04:20:10] -- |D| -- C:\Windows\Resources
[14/07/2009 04:20:10] -- |D| -- C:\Windows\SchCache
[14/07/2009 04:20:10] -- |D| -- C:\Windows\schemas
[14/07/2009 04:20:10] -- |D| -- C:\Windows\security
[27/06/2012 07:42:48] -- |A| -- C:\Windows\sed.exe
[14/07/2009 05:45:47] -- |D| -- C:\Windows\ServiceProfiles
[14/07/2009 04:20:10] -- |D| -- C:\Windows\servicing
[14/07/2009 05:45:50] -- |D| -- C:\Windows\Setup
[26/06/2012 20:29:55] -- |A| -- C:\Windows\setupact.log
[26/06/2012 20:29:55] -- |A| -- C:\Windows\setuperr.log
[14/07/2009 16:35:13] -- |D| -- C:\Windows\ShellNew
[06/06/2011 20:45:09] -- |D| -- C:\Windows\SoftwareDistribution
[14/07/2009 04:20:10] -- |D| -- C:\Windows\Speech
[24/08/2012 19:02:30] -- |A| -- C:\Windows\splwow64.exe
[14/07/2009 06:28:38] -- |A| -- C:\Windows\Starter.xml
[13/04/2012 17:50:50] -- |D| -- C:\Windows\Sun
[27/06/2012 07:42:48] -- |A| -- C:\Windows\SWREG.exe
[27/06/2012 07:42:48] -- |A| -- C:\Windows\SWSC.exe
[31/08/2000 01:00:00] -- |A| -- C:\Windows\SWXCACLS.exe
[14/07/2009 04:20:10] -- |D| -- C:\Windows\system
[14/07/2009 03:34:57] -- |A| -- C:\Windows\system.ini
[14/07/2009 04:20:10] -- |D| -- C:\Windows\System32
[14/07/2009 04:20:14] -- |D| -- C:\Windows\SysWOW64
[14/07/2009 04:20:14] -- |D| -- C:\Windows\TAPI
[14/07/2009 04:20:14] -- |D| -- C:\Windows\Tasks
[27/06/2012 08:09:38] -- |D| -- C:\Windows\temp
[14/07/2009 04:20:14] -- |D| -- C:\Windows\tracing
[10/06/2009 22:41:17] -- |A| -- C:\Windows\twain.dll
[14/07/2009 06:32:38] -- |D| -- C:\Windows\twain_32
[20/03/2011 16:31:16] -- |A| -- C:\Windows\twain_32.dll
[13/07/2009 23:47:26] -- |A| -- C:\Windows\twunk_16.exe
[14/07/2009 01:14:40] -- |A| -- C:\Windows\twunk_32.exe
[08/06/2011 17:07:37] -- |A| -- C:\Windows\unvise32.exe
[14/07/2009 04:20:14] -- |D| -- C:\Windows\Vss
[14/07/2009 04:20:14] -- |D| -- C:\Windows\Web
[14/07/2009 03:34:57] -- |A| -- C:\Windows\win.ini
[14/07/2009 05:54:24] -- |RA| -- C:\Windows\WindowsShell.Manifest
[06/06/2011 20:45:06] -- |A| -- C:\Windows\WindowsUpdate.log
[24/03/2011 21:43:35] -- |A| -- C:\Windows\winhlp32.exe
[14/07/2009 04:20:14] -- |D| -- C:\Windows\winsxs
[10/06/2009 21:52:44] -- |A| -- C:\Windows\WMSysPr9.prx
[14/07/2009 00:56:28] -- |A| -- C:\Windows\write.exe
[27/06/2012 07:42:48] -- |A| -- C:\Windows\zip.exe
¤¤¤¤¤¤¤¤¤¤ | signature des Files à la racine du Folder Windows
[MD5.317CD1CE327B6520BF4EE007BCD39E61] -- [20/03/2011 16:28:51] -- (.© Microsoft Corporation. - Utilitaire de service de fichier de démarrage.) -- [69.5 Ko] -- C:\Windows\bfsvc.exe -> (6.1.7601.17514)
[MD5.332FEAB1435662FC6C672E25BEB37BE3] -- [07/06/2011 17:33:21] -- (.© Microsoft Corporation. - Explorateur Windows.) -- [2804.5 Ko] -- C:\Windows\explorer.exe -> (6.1.7601.17567)
[MD5.92BB2E9AA28542C685C59EFCBAC2490B] -- [14/07/2009 00:22:13] -- (.© Microsoft Corporation. - Utilitaire de service de chiffrement de lecteur BitLocker.) -- [15 Ko] -- C:\Windows\fveupdate.exe -> (6.1.7600.16385)
[MD5.9E05A9C264C8A908A8E79450FCBFF047] -- [27/06/2012 07:42:48] -- (. - .) -- [78.53 Ko] -- C:\Windows\grep.exe -> (0.0.0.0)
[MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] -- [14/07/2009 01:29:53] -- (.© Microsoft Corporation. - Aide et support Microsoft.) -- [716.5 Ko] -- C:\Windows\HelpPane.exe -> (6.1.7600.16385)
[MD5.3D0B9EA79BF1F828324447D84AA9DCE2] -- [14/07/2009 01:29:03] -- (.© Microsoft Corporation. - Exécutable de l'aide HTML Microsoft®.) -- [16.5 Ko] -- C:\Windows\hh.exe -> (6.1.7600.16385)
[MD5.0277C027A26428DB64EF4F64F52BB4FD] -- [27/06/2012 07:42:48] -- (. - .) -- [204 Ko] -- C:\Windows\MBR.exe -> (0.0.0.0)
[MD5.753BC16326FEE4A421ACB636CCD602F4] -- [27/06/2012 07:42:48] -- (.Copyright © 2003 - 2009 Nir Sofer - NirCmd.) -- [59 Ko] -- C:\Windows\NIRCMD.exe -> (2.3.5.189)
[MD5.F2C7BB8ACC97F92E987A2D4087D021B1] -- [14/07/2009 00:56:36] -- (.© Microsoft Corporation. - Bloc-notes.) -- [189 Ko] -- C:\Windows\notepad.exe -> (6.1.7600.16385)
[MD5.F042EE4C8D66248D9B86DCF52ABAE416] -- [27/06/2012 07:42:48] -- (. - .) -- [250 Ko] -- C:\Windows\PEV.exe -> (0.0.0.0)
[MD5.2E2C937846A0B8789E5E91739284D17A] -- [14/07/2009 00:27:10] -- (.© Microsoft Corporation. - Éditeur du Registre.) -- [417 Ko] -- C:\Windows\regedit.exe -> (6.1.7600.16385)
[MD5.2B657A67AEBB84AEA5632C53E61E23BF] -- [27/06/2012 07:42:48] -- (. - .) -- [96.5 Ko] -- C:\Windows\sed.exe -> (0.0.0.0)
[MD5.127AA81343A7C6F665C22CB1293B0A90] -- [24/08/2012 19:02:30] -- (.© Microsoft Corporation. - Print driver host for 32bit applications.) -- [65.5 Ko] -- C:\Windows\splwow64.exe -> (6.1.7601.17777)
[MD5.A46842C9B0C567A5A9584E83A163560C] -- [27/06/2012 07:42:48] -- (.Copyright © Frank Staal 1999-2008 - Freeware implementation of REG.EXE.) -- [506 Ko] -- C:\Windows\SWREG.exe -> (3.0.0.0)
[MD5.0297C72529807322B152F517FDB0A9FC] -- [27/06/2012 07:42:48] -- (.Copyright © Frank Staal 1999-2006 - Freeware implementation of SC.EXE.) -- [397 Ko] -- C:\Windows\SWSC.exe -> (2.0.0.5)
[MD5.B1A9CF0B6F80611D31987C247EC630B4] -- [31/08/2000 01:00:00] -- (.Copyright © Frank Staal 1999-2006 - Freeware implementation of XCACLS.) -- [207.5 Ko] -- C:\Windows\SWXCACLS.exe -> (1.0.1.1)
[MD5.F36A271706EDD23C94956AFB56981184] -- [13/07/2009 23:47:26] -- (. - Twain_32.dll Client's 16-Bit Thunking Server.) -- [48.52 Ko] -- C:\Windows\twunk_16.exe -> (1.7.0.0)
[MD5.0BD6E68F3EA0DD62CD86283D86895381] -- [14/07/2009 01:14:40] -- (. - Twain.dll Client's 32-Bit Thunking Server.) -- [30.5 Ko] -- C:\Windows\twunk_32.exe -> (1.7.1.0)
[MD5.8CE5266F0BBB73C95886CB72B0063CB8] -- [08/06/2011 17:07:37] -- (.Copyright © MindVision Software 1995-2004 - Uninstall application file.) -- [88 Ko] -- C:\Windows\unvise32.exe -> (3.6.1.0)
[MD5.22F9BB27BA0737B106EC579A6F23B550] -- [24/03/2011 21:43:35] -- (.© Microsoft Corporation. - Aide Microsoft®.) -- [290 Ko] -- C:\Windows\winhlp32.exe -> (50.1.7600.16386)
[MD5.F8ED3B4B209E2CB49028E36CF06CA851] -- [14/07/2009 00:56:28] -- (.© Microsoft Corporation. - Windows Write.) -- [10 Ko] -- C:\Windows\write.exe -> (6.1.7600.16385)
[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] -- [27/06/2012 07:42:48] -- (. - .) -- [66.5 Ko] -- C:\Windows\zip.exe -> (0.0.0.0)
¤¤¤¤¤¤¤¤¤¤ | Systemroot\System
¤¤¤¤¤¤¤¤¤¤ | Systemroot\Installer
[21/01/2012 16:57:23] - C:\Windows\Installer\{03CEFC42-378E-4467-9909-DCBAFD38CA9F}\soffice.ico
[21/01/2012 16:57:27] - C:\Windows\Installer\{03CEFC42-378E-4467-9909-DCBAFD38CA9F}\trans_fr.mst
[13/06/2011 10:39:54] - C:\Windows\Installer\{098A2A49-7CF3-4F08-A38D-FB879117152A}\fr_FR.mst
[13/06/2011 10:39:49] - C:\Windows\Installer\{0D6013AB-A0C7-41DC-973C-E93129C9A29F}\fr_FR.mst
[22/06/2012 06:43:17] - C:\Windows\Installer\{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}\fssicon.ico
[13/06/2011 10:39:44] - C:\Windows\Installer\{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}\fr_FR.mst
[13/06/2011 10:45:22] - C:\Windows\Installer\{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}\fr_FR.mst
[06/06/2011 15:10:27] - C:\Windows\Installer\{19A492A0-888F-44A0-9B21-D91700763F62}\ARPPRODUCTICON.exe
[06/06/2011 15:10:28] - C:\Windows\Installer\{1ABF311C-6AA8-B234-196A-6DEE5A43E34A}\ARPPRODUCTICON.exe
[13/06/2011 11:40:39] - C:\Windows\Installer\{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}\fr_FR.mst
[07/10/2011 14:00:26] - C:\Windows\Installer\{26A24AE4-039D-4CA4-87B4-2F86416027FF}\jre1036.MST
[13/06/2011 10:40:51] - C:\Windows\Installer\{2BAF2B96-7560-48B4-87D4-10178DDBE217}\fr_FR.mst
[13/06/2011 10:50:24] - C:\Windows\Installer\{30C8AA56-4088-426F-91D1-0EDFD3A25678}\fr_FR.mst
[12/01/2012 23:49:49] - C:\Windows\Installer\{343666E2-A059-48AC-AD67-230BF74E2DB2}\WinInstall.ico
[13/06/2011 10:42:54] - C:\Windows\Installer\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}\fr_FR.mst
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\1036.mst
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\ARPPRODUCTICON.exe
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\NewShortcut2_3B1A0823966A48909E77539C330FBF6E.exe
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\NewShortcut3_3B1A0823966A48909E77539C330FBF6E.exe
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\NewShortcut4_3B1A0823966A48909E77539C330FBF6E.exe
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\NewShortcut5_3B1A0823966A48909E77539C330FBF6E.exe
[06/06/2011 15:10:17] - C:\Windows\Installer\{418D5410-7A7B-315F-0CF9-A76BC6C131DC}\ARPPRODUCTICON.exe
[13/06/2011 11:02:21] - C:\Windows\Installer\{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}\Adobe_ID0E35AG
[13/06/2011 11:02:21] - C:\Windows\Installer\{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}\Adobe_ID0EO3AG
[13/06/2011 11:02:21] - C:\Windows\Installer\{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}\fr_FR.mst
[13/06/2011 10:45:49] - C:\Windows\Installer\{43509E18-076E-40FE-AF38-CA5ED400A5A9}\Adobe_ID0EKLAC
[13/06/2011 10:45:49] - C:\Windows\Installer\{43509E18-076E-40FE-AF38-CA5ED400A5A9}\Adobe_ID0EKMAC
[13/06/2011 10:45:49] - C:\Windows\Installer\{43509E18-076E-40FE-AF38-CA5ED400A5A9}\Adobe_ID0ERKAC_icon
[13/06/2011 10:40:46] - C:\Windows\Installer\{48F9998C-3BA0-42D3-82E6-5882441EB8CE}\fr_FR.mst
[06/06/2011 15:10:31] - C:\Windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe
[21/03/2012 10:36:16] - C:\Windows\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}\wlmail.exe
[06/06/2011 15:10:29] - C:\Windows\Installer\{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}\ARPPRODUCTICON.exe
[06/06/2011 15:10:27] - C:\Windows\Installer\{6201BACA-81B5-8AB0-3B93-0F76BB6F4389}\ARPPRODUCTICON.exe
[13/06/2011 10:42:30] - C:\Windows\Installer\{67F0E67A-8E93-4C2C-B29D-47C48262738A}\Adobe_ID0EFNAC
[13/06/2011 10:42:30] - C:\Windows\Installer\{67F0E67A-8E93-4C2C-B29D-47C48262738A}\Adobe_ID0EJMAC
[13/06/2011 10:42:30] - C:\Windows\Installer\{67F0E67A-8E93-4C2C-B29D-47C48262738A}\Adobe_ID0ENLAC
[13/06/2011 10:42:30] - C:\Windows\Installer\{67F0E67A-8E93-4C2C-B29D-47C48262738A}\Adobe_ID0ERKAC
[13/06/2011 10:42:30] - C:\Windows\Installer\{67F0E67A-8E93-4C2C-B29D-47C48262738A}\Adobe_ID0EVJAC
[12/01/2012 23:49:57] - C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
[12/01/2012 23:49:57] - C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\RichText.ico
[22/06/2012 06:44:36] - C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon
[06/06/2011 15:10:27] - C:\Windows\Installer\{720E93BE-744E-225B-786F-227C2677352F}\ARPPRODUCTICON.exe
[12/01/2012 23:50:16] - C:\Windows\Installer\{75104836-CAC7-444E-A39E-3F54151942F5}\Installer.ico
[12/01/2012 23:50:27] - C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
[12/01/2012 23:50:27] - C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
[20/01/2012 09:18:29] - C:\Windows\Installer\{7C4CC7D5-5F53-49DF-8B19-8EEF90E17BDB}\soffice.ico
[20/01/2012 09:18:29] - C:\Windows\Installer\{7C4CC7D5-5F53-49DF-8B19-8EEF90E17BDB}\trans_fr.mst
[09/03/2012 16:09:11] - C:\Windows\Installer\{7E84FAC8-C518-40F9-9807-7455301D6D25}\ARPPRODUCTICON.exe
[20/01/2012 19:13:30] - C:\Windows\Installer\{812489B5-A2A9-474B-9BE7-55410E0E1DB4}\maconfico
[20/01/2012 19:13:31] - C:\Windows\Installer\{812489B5-A2A9-474B-9BE7-55410E0E1DB4}\mcsetupfr.mst
[11/03/2012 03:01:23] - C:\Windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
[13/06/2011 11:14:35] - C:\Windows\Installer\{87532CAB-7932-4F84-8937-823337622807}\fr_FR.mst
[05/06/2012 21:24:44] - C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
[05/06/2012 21:24:44] - C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDll
[05/06/2012 21:24:44] - C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDLL_64
[01/05/2012 21:16:50] - C:\Windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\EPP.exe
[01/05/2012 21:16:50] - C:\Windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\FEP.exe
[01/05/2012 21:16:50] - C:\Windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\INTUNE.exe
[05/06/2012 06:36:44] - C:\Windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\MSE.exe
[01/05/2012 21:16:50] - C:\Windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\SCEP.exe
[13/06/2011 10:49:15] - C:\Windows\Installer\{A2881E09-38DB-4F79-9135-00FDA01768A7}\fr_FR.mst
[09/03/2012 16:09:01] - C:\Windows\Installer\{AC599724-5755-48C1-ABE7-ABB857652930}\ARPPRODUCTICON.exe
[13/06/2011 10:48:53] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\fr_FR.mst
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
[13/06/2011 10:48:53] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\suite.mst
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_03C542E0_AC6D_46AE_A8C9_32C0CCC5E23B
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_37A0D036_9547_48DC_84A1_19CE2F8C1F00
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_709E9E16_6FB8_47BD_9731_F4F9B318C9CB
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_APIFile.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_BatchPDFIndex.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_FormsDocument.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_PDFFile.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_PDFIndex.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_PostScript.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_RightsManagementFile.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat.exe
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_3D.exe
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_Standard.exe
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Distiller.exe
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_ELEMENTS_DT.exe
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SecStoreFile.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SequenceFile.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_XDPFileType.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_XFDFileType.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_XMLFormsDocument.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\APIFile_8.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\FDFFile_8.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\PDFFile_8.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\PDXFile_8.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SecStoreFile.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\XDPFile_8.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\XFDFFile_8.ico
[08/06/2011 08:10:21] - C:\Windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\1036.mst
[08/06/2011 08:10:21] - C:\Windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\ARPPRODUCTICON.exe
[08/06/2011 08:10:21] - C:\Windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\_SHCT_Sprint.exe.exe
[13/06/2011 10:40:22] - C:\Windows\Installer\{BD423B54-8668-44B6-8610-D24514445E88}\fr_FR.mst
[13/06/2011 10:41:38] - C:\Windows\Installer\{C52E3EC1-048C-45E1-8D53-10B0C6509683}\fr_FR.mst
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\EPP.exe
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\FEP.exe
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\INTUNE.exe
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\MSE.exe
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\MSEPrerelease.exe
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\SCEP.exe
[12/01/2012 23:51:47] - C:\Windows\Installer\{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}\Installer.ico
[12/01/2012 23:51:47] - C:\Windows\Installer\{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}\iTunesIco.exe
[12/01/2012 23:51:47] - C:\Windows\Installer\{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}\RichText.ico <
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan_PE | 2.0928 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤
~ Update on 28/09/2012 | 23.25 by g3n-h@ckm@n
~ Informations | Evolution : https://gen-hackman.kanak.fr/
~ Informations for the switches Pre_Script : https://gen-hackman.kanak.fr/
~ Feedback Pre_scan : https://gen-hackman.kanak.fr/#505
~ Thx to C_XX , Slyk & Saachaa for their help for the evolution of the tool
~ Ordinateur : MININT-N8O0SUE
~ Système d'exploitation : Windows 7 Home Premium : HomePremium
~ Nbre de Validations : 6
~ Type d'installation : Client
~ Enregistré sous : user
~ Processeur : Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
~ Identification : x86 Family 6 Model 42 Stepping 7
Internet Explorer : 9.0.8112.16421
c:\ -> [Fixed]|[[Réservé au système]|[Total] : 100 Mo | Free : 70 Mo -> NTFS
C:\ -> [Fixed]|[[]|[Total] : 253770 Mo | Free : 172530 Mo -> NTFS
e:\ -> [Fixed]|[[]|[Total] : 700000 Mo | Free : 699000 Mo -> NTFS
f:\ -> [CDROM]|[[Win7PE_x86]|[Total] : 330 Mo | Free : 0 Mo -> CDFS
x:\ -> [Fixed]|[[Boot]|[Total] : 260 Mo | Free : 250 Mo -> NTFS
¤¤¤¤¤¤¤¤¤¤ | Boot's scripts
¤¤¤¤¤¤¤¤¤¤ | Frameworks
[14/07/2009 04:20:10] - C:\Windows\Microsoft.net\Framework\v1.0.3705
[14/07/2009 04:20:10] - C:\Windows\Microsoft.net\Framework\v1.1.4322
[14/07/2009 04:20:10] - C:\Windows\Microsoft.net\Framework\v2.0.50727
[14/07/2009 06:32:38] - C:\Windows\Microsoft.net\Framework\v3.0
[14/07/2009 06:32:38] - C:\Windows\Microsoft.net\Framework\v3.5
[08/06/2011 06:26:06] - C:\Windows\Microsoft.net\Framework\v4.0.30319
¤¤¤¤¤¤¤¤¤¤ | Windows Updates
Last(s) détection(s) : 2012-10-04 06:01:04
Last(s) download(s) : 2012-10-01 20:51:16
Last(s) installation(s) : 2012-10-01 21:32:22
Next search : 2012-10-05 02:55:21
¤¤¤¤¤¤¤¤¤¤ | Contrôle MD5
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Explorateur Windows.) - [2804.5 Ko] - (6.1.7601.17567) - C:\Windows\explorer.exe
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [27/06/2012 07:51:09] - (.© Microsoft Corporation. - Windows Explorer.) - [2804.5 Ko] - (6.1.7601.17567) - C:\Windows\erdnt\cache86\explorer.exe
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - [14/07/2009 00:56:52] - (.© Microsoft Corporation. - Windows Explorer.) - [2801 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[MD5.0862495E0C825893DB75EF44FAEA8E93] - [07/06/2011 17:33:22] - (.© Microsoft Corporation. - Windows Explorer.) - [2803 Ko] - (6.1.7600.16768) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[MD5.E38899074D4951D31B4040E994DD7C8D] - [07/06/2011 17:33:22] - (.© Microsoft Corporation. - Windows Explorer.) - [2803.5 Ko] - (6.1.7600.20910) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[MD5.AC4C51EB24AA95B77F705AB159189E24] - [20/03/2011 16:28:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2805 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2804.5 Ko] - (6.1.7601.17567) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[MD5.3B69712041F3D63605529BD66DC00C48] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2804.5 Ko] - (6.1.7601.21669) - C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[MD5.15BC38A7492BEFE831966ADB477CF76F] - [14/07/2009 00:41:14] - (.© Microsoft Corporation. - Windows Explorer.) - [2552 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2553.5 Ko] - (6.1.7600.16768) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[MD5.255CF508D7CFB10E0794D6AC93280BD8] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2553.5 Ko] - (6.1.7600.20910) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[MD5.40D777B7A95E00593EB1568C68514493] - [20/03/2011 16:28:55] - (.© Microsoft Corporation. - Windows Explorer.) - [2555 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2555 Ko] - (6.1.7601.17567) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[MD5.0FB9C74046656D1579A64660AD67B746] - [07/06/2011 17:33:21] - (.© Microsoft Corporation. - Windows Explorer.) - [2555 Ko] - (6.1.7601.21669) - C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 00:19:49] - (.© Microsoft Corporation. - Processus d'exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) - C:\Windows\System32\csrss.exe
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 00:19:49] - (.© Microsoft Corporation. - Client Server Runtime Process.) - [7.5 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe
[MD5.1911A3356FA3F77CCC825CCBAC038C2A] - [14/07/2009 00:19:50] - (.© Microsoft Corporation. - Gestionnaire de sessions Windows.) - [110 Ko] - (6.1.7600.16385) - C:\Windows\System32\smss.exe
[MD5.1911A3356FA3F77CCC825CCBAC038C2A] - [14/07/2009 00:19:50] - (.© Microsoft Corporation. - Windows Session Manager.) - [110 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [20/03/2011 16:29:13] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) - C:\Windows\System32\userinit.exe
[MD5.61AC3EFDFACFDD3F0F11DD4FD4044223] - [20/03/2011 16:27:18] - (.© Microsoft Corporation. - Application d'ouverture de session Userinit.) - [26 Ko] - (6.1.7601.17514) - C:\Windows\SysWOW64\userinit.exe
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [27/06/2012 07:51:08] - (.© Microsoft Corporation. - Userinit Logon Application.) - [30 Ko] - (6.1.7601.17514) - C:\Windows\erdnt\cache64\userinit.exe
[MD5.61AC3EFDFACFDD3F0F11DD4FD4044223] - [27/06/2012 07:51:09] - (.© Microsoft Corporation. - Userinit Logon Application.) - [26 Ko] - (6.1.7601.17514) - C:\Windows\erdnt\cache86\userinit.exe
[MD5.6F8F1376A13114CC10C0E69274F5A4DE] - [14/07/2009 00:50:33] - (.© Microsoft Corporation. - Userinit Logon Application.) - [29.5 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [20/03/2011 16:29:13] - (.© Microsoft Corporation. - Userinit Logon Application.) - [30 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[MD5.6DE80F60D7DE9CE6B8C2DDFDF79EF175] - [14/07/2009 00:34:20] - (.© Microsoft Corporation. - Userinit Logon Application.) - [25.5 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[MD5.61AC3EFDFACFDD3F0F11DD4FD4044223] - [20/03/2011 16:27:18] - (.© Microsoft Corporation. - Userinit Logon Application.) - [26 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 00:52:37] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) - C:\Windows\System32\wininit.exe
[MD5.B5C5DCAD3899512020D135600129D665] - [14/07/2009 00:36:49] - (.© Microsoft Corporation. - Application de démarrage de Windows.) - [94 Ko] - (6.1.7600.16385) - C:\Windows\SysWOW64\wininit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [27/06/2012 07:51:08] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [126 Ko] - (6.1.7600.16385) - C:\Windows\erdnt\cache64\wininit.exe
[MD5.B5C5DCAD3899512020D135600129D665] - [27/06/2012 07:51:09] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [94 Ko] - (6.1.7600.16385) - C:\Windows\erdnt\cache86\wininit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 00:52:37] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [126 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[MD5.B5C5DCAD3899512020D135600129D665] - [14/07/2009 00:36:49] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [94 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [20/03/2011 16:29:13] - (.© Microsoft Corporation. - Application d'ouverture de session Windows.) - [381.5 Ko] - (6.1.7601.17514) - C:\Windows\System32\winlogon.exe
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [27/06/2012 07:51:08] - (.© Microsoft Corporation. - Windows Logon Application.) - [381.5 Ko] - (6.1.7601.17514) - C:\Windows\erdnt\cache64\winlogon.exe
[MD5.132328DF455B0028F13BF0ABEE51A63A] - [14/07/2009 00:52:48] - (.© Microsoft Corporation. - Windows Logon Application.) - [380 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [20/03/2011 16:29:13] - (.© Microsoft Corporation. - Windows Logon Application.) - [381.5 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - [15/02/2012 07:49:03] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487 Ko] - (6.1.7601.17752) - C:\Windows\System32\drivers\afd.sys
[MD5.B9384E03479D2506BC924C16A3DB87BC] - [14/07/2009 00:21:44] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [488.5 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[MD5.6EF20DDF3172E97D69F596FB90602F29] - [17/06/2011 00:08:39] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [488 Ko] - (6.1.7600.16802) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_3430bc3977dfec2d\afd.sys
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - [15/02/2012 07:49:03] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487.5 Ko] - (6.1.7600.16937) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16937_none_34154fcd77f3bbda\afd.sys
[MD5.FBFF8B7C9D116229E9208A0D1CAEB49B] - [17/06/2011 00:08:39] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [488 Ko] - (6.1.7600.20951) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_3483491e9126fe55\afd.sys
[MD5.CCA39961E76B491DDF44B1E90FC8971D] - [15/02/2012 07:49:04] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487.5 Ko] - (6.1.7600.21115) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.21115_none_34b263fe91032456\afd.sys
[MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - [20/03/2011 16:28:06] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [488 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[MD5.D5B031C308A409A0A576BFF4CF083D30] - [17/06/2011 00:08:39] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487.5 Ko] - (6.1.7601.17603) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - [15/02/2012 07:49:03] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487 Ko] - (6.1.7601.17752) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[MD5.F4AD06143EAC303F55D0E86C40802976] - [17/06/2011 00:08:39] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487.5 Ko] - (6.1.7601.21712) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys
[MD5.36A14FD1A23F57046361733B792CA8DB] - [15/02/2012 07:49:04] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [486.5 Ko] - (6.1.7601.21887) - C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [27/06/2012 07:51:08] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) - C:\Windows\erdnt\cache64\atapi.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 00:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) - C:\Windows\System32\drivers\atapi.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 00:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 00:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[MD5.F036CE71586E93D94DAB220D7BDF4416] - [20/03/2011 16:26:48] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) - C:\Windows\System32\drivers\cdrom.sys
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - [14/07/2009 00:19:54] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[MD5.F036CE71586E93D94DAB220D7BDF4416] - [20/03/2011 16:26:48] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
[MD5.09594D1089C523423B32A4229263F068] - [20/03/2011 16:27:02] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) - C:\Windows\System32\drivers\netbt.sys
[MD5.9162B273A44AB9DCE5B44362731D062A] - [14/07/2009 00:21:29] - (.© Microsoft Corporation. - MBT Transport driver.) - [253 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_bc59ba0910f52e0c\netbt.sys
[MD5.09594D1089C523423B32A4229263F068] - [20/03/2011 16:27:02] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [27/06/2012 07:51:08] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) - C:\Windows\erdnt\cache64\tdx.sys
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [20/03/2011 16:29:20] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) - C:\Windows\System32\drivers\tdx.sys
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - [14/07/2009 00:21:15] - (.© Microsoft Corporation. - TDI Translation Driver.) - [97.5 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [20/03/2011 16:29:20] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - [20/03/2011 16:26:48] - (.© Microsoft Corporation. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) - C:\Windows\System32\drivers\volsnap.sys
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - [14/07/2009 00:20:09] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [288.08 Ko] - (6.1.7600.16385) - C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - [20/03/2011 16:26:48] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [288.88 Ko] - (6.1.7601.17514) - C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys
10:57:30
¤¤¤¤¤¤¤¤¤¤ | HKCR\Applications
[HKCR\Applications\Acrobat.exe\Shell\open\command] : "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe" "%1"
[HKCR\Applications\dreamweaver.exe\Shell\open\command] : "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe", "%1"
[HKCR\Applications\ehshell.exe\Shell\open\command] : "C:\Windows\eHome\ehshell.exe" "%1"
[HKCR\Applications\iexplore.exe\Shell\open\command] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKCR\Applications\iTunes.exe\Shell\open\command] : "C:\Program Files (x86)\iTunes\iTunes.exe" /open "%L"
[HKCR\Applications\notepad.exe\Shell\open\command] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKCR\Applications\Photoshop.exe\Shell\open\command] : "C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe" "%1"
[HKCR\Applications\photoviewer.dll\Shell\open\command] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKCR\Applications\vlc.exe\Shell\open\command] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKCR\Applications\wmplayer.exe\Shell\open\command] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKCR\Applications\wordpad.exe\Shell\open\command] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
¤¤¤¤¤¤¤¤¤¤ | Windows
[HKLM | Session Manager\SubSystems]|[Windows] : winsrv : %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
¤¤¤¤¤¤¤¤¤¤ | Svchost - Netsvc
Audiov
Tapiv
Term
¤¤¤¤¤¤¤¤¤¤ | Winlogon
¤
[HKLM | Winlogon]|[Shell] : explorer.exe
[HKLM | Winlogon]|[userinit] : C:\Windows\system32\userinit.exe,
[HKLM | Winlogon]|[PowerDownAfterShutdown] : 1
[HKLM | Winlogon]|[System] :
¤¤¤¤¤¤¤¤¤¤ | Associations
[.exe] : exefile
[exefile | command] : "%1" %*
[.com] : comfile
[comfile | command] : "%1" %*
[.reg] : regfile
[regfile | command] : regedit.exe "%1"
[.scr] : scrfile
[scrfile | command] : "%1" /S
[.bat] : batfile
[batfile | command] : "%1" %*
[.cmd] : cmdfile
[cmdfile | command] : "%1" %*
[.pif] : piffile
[piffile | command] : "%1" %*
[.url] : InternetShortcut
[InternetShortcut | command] : "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l
[Application.Manifest | command] : rundll32.exe dfshim.dll,ShOpenVerbApplication %1
[Application.Reference | command] : rundll32.exe dfshim.dll,ShOpenVerbShortcut %1|%2
[Folder | command] : C:\Windows\explorer.exe
¤
¤
[Firefox | Command] : "C:\Program Files\Mozilla Firefox\Firefox.exe"
[Firefox - Safemode | Command] : "C:\Program Files\Mozilla Firefox\Firefox.exe" -safe-mode
[IE | Command] : "C:\Program Files\Internet Explorer\iexplore.exe"
[Applications | IE | Command] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[Assoc | Applications] : http://shell.windows.com/fileassoc/%04x/xml/redir.aspExt=%s
¤¤¤¤¤¤¤¤¤¤ | Corrections diverses
[HKU\user_ON_D | HideDesktopIcons\ClassicStartMenu]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 0
[HKU\S-1-5-18 | HideDesktopIcons\ClassicStartMenu]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 0
[HKU\user_ON_D | HideDesktopIcons\ClassicStartMenu]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 0
[HKU\S-1-5-18 | HideDesktopIcons\ClassicStartMenu]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 0
[HKLM | HideDesktopIcons\ClassicStartMenu]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{20D04FE0-3AEA-1069-A2D8-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{208D2C60-3AEA-1069-A2D7-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{871C5380-42A0-1069-A2EA-08002B30309D}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{59031a47-3f72-44a7-89c5-5595fe6b30ee}] : 0
[HKLM | HideDesktopIcons\NewStartPanel]|[{9343812e-1c37-4a49-a12e-4b2d810d956b}] : 0
[HKLM | Advanced\Folder\Hidden\SHOWALL]|[CheckedValue] : 1
[HKU\user_ON_D | Explorer\Advanced]|[Start_PowerButtonAction] : 2
[HKU\user_ON_D | Explorer\Advanced]|[Start_ShowUser] : 1
[HKU\S-1-5-18 | Explorer\Advanced]|[Start_ShowUser] : 1
[HKU\S-1-5-18 | Explorer\Advanced]|[Start_ShowHelp] : 0 -> 1
[HKU\S-1-5-18 | Explorer\Advanced]|[Start_EnableDragDrop] : 1
[HKU\LocalService_ON_D | Policies\Explorer]|[NoDesktop] : 0
[HKU\NetworkService_ON_D | Policies\Explorer]|[NoDesktop] : 0
[HKU\LocalService_ON_D | Explorer\Advanced]|[Hidden] : 0
[HKU\NetworkService_ON_D | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-19 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\S-1-5-20 | Explorer\Advanced]|[Hidden] : -> 0
[HKU\systemprofile_ON_D | Explorer\Advanced]|[Hidden] : -> 0
[HKU\user_ON_D | Explorer\Advanced]|[Hidden] : 0
[HKU\S-1-5-18 | Explorer\Advanced]|[Hidden] : 1 -> 0
[HKU\user_ON_D | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKU\S-1-5-18 | Policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKLM | policies\Explorer]|[NoDriveTypeAutoRun] : 145
[HKU\user_ON_D | Windows\System]|[DisableCMD] : 0
[HKU\user_ON_D | Policies\System]|[DisableRegistryTools] : 0
[HKLM | Policies\System]|[DisableRegistryTools] : 0
[HKLM | Control\SafeBoot]|[AlternateShell] : cmd.exe
10:57:31
¤¤¤¤¤¤¤¤¤¤ | Security Center
[HKLM | Security Center]|[AntiVirusDisableNotify] : 0
[HKLM | Security Center]|[FirewallDisableNotify] : 0
[HKLM | Security Center]|[UpdatesDisableNotify] : 0
[HKLM | Security Center\Svc]|[AntispywareOverride] : 0
[HKLM | Security Center\Svc]|[AntiVirusOverride] : 0
[HKLM | Security Center\Svc]|[FirewallOverride] : 0
[HKLM | FirewallPolicy\DomainProfile]|[DisableNotifications] : 0
[HKLM | FirewallPolicy\StandardProfile]|[DisableNotifications] : 0
¤¤¤¤¤¤¤¤¤¤ | Services
[RPCSS] : 2
[Cmbatt] : 3
[Compbatt] : 0
[Ndisuio] : 3
[Power] : 2
[Profsvc] : 2
[PlugPlay] : 2
[PEAUTH] : 2
[nsi] : 2
[NLASvc] : 2
[MPSsvc] : 2
[MMCSS] : 2
[luafv] : 2
[lltdio] : 2
[Iphlpsvc] : 2
[IKEEXT] : 2
[gpsvc] : 2
[lmhosts] : 2
[LanmanWorkstation] : 2
[LanmanServer] : 2
[agp440] : 2
[AudioEndpointBuilder] : 2
[Audiosrv] : 2
[BFE] : 2
[Bits] : 2
[CryptSvc] : 2
[EapHost] : 2
[Wlansvc] : 2
[SharedAccess] : 2
[windefend] : 3 -> 2
[wuauserv] : 2
[WerSvc] : 2
[wscsvc] : 2
10:57:31
¤¤¤¤¤¤¤¤¤¤ | Internet Explorer
[HKU\user_ON_D | Main]|[Start Page] : https://www.google.fr/ -> https://www.google.com/?gws_rd=ssl
[HKU\S-1-5-18 | Main]|[Start Page] : https://www.google.com/?gws_rd=ssl
[HKU\user_ON_D | Main]|[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\system32\blank.htm
[HKU\S-1-5-18 | Main]|[Local Page] : X:\windows\system32\blank.htm -> C:\Windows\system32\blank.htm
[HKU\user_ON_D | Main]|[Search Page] : http://www.microsoft.com/isapi/redir.dllprd=ie&ar=iesearch
[HKU\S-1-5-18 | Main]|[Search Page] : http://go.microsoft.com/fwlink/LinkId=54896 -> http://www.microsoft.com/isapi/redir.dllprd=ie&ar=iesearch
[HKU\user_ON_D | Main]|[Use Custom Search URL] : 0
[HKLM | Search]|[SearchAssistant] : http://www.google.com/toolbar/ie8/sidebar.html
[HKLM | Main]|[Start Page] : http://go.microsoft.com/fwlink/LinkId=69157
[HKLM | Main]|[Local Page] : C:\Windows\System32\blank.htm
[HKLM | Main]|[Default_Search_URL] : http://go.microsoft.com/fwlink/LinkId=54896
[HKLM | Main]|[Default_Page_URL] : http://go.microsoft.com/fwlink/LinkId=69157
[HKLM | Main]|[Search Page] : http://go.microsoft.com/fwlink/LinkId=54896
[HKLM | AboutURLs]|[Tabs] : res://ieframe.dll/tabswelcome.htm
¤
[HKU\user_ON_D | PhishingFilter]|[Enabled] : 2
[HKU\user_ON_D | PhishingFilter]|[EnabledV8] : 1
[HKU\S-1-5-18 | PhishingFilter]|[EnabledV8] : 1
[HKU\user_ON_D | Internet settings]|[ProxyOverride] : *.local
[HKU\LocalService_ON_D | Internet settings]|[EnableHttp1_1] : 1
[HKU\NetworkService_ON_D | Internet settings]|[EnableHttp1_1] : 1
[HKU\user_ON_D | Internet settings]|[EnableHttp1_1] : 1
[HKU\S-1-5-18 | Internet settings]|[EnableHttp1_1] : 1
[HKU\user_ON_D | Internet settings]|[MigrateProxy] : 1
[HKU\user_ON_D | Internet settings]|[WarnonBadCertRecving] : 1
[HKU\user_ON_D | Internet settings]|[WarnOnHTTPSToHTTPRedirect] : 1
[HKU\user_ON_D | Internet settings]|[WarnonZoneCrossing] : 0 -> 1
[HKU\S-1-5-18 | Internet settings]|[WarnonZoneCrossing] : 0 -> 1
[HKU\LocalService_ON_D | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\NetworkService_ON_D | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\user_ON_D | Internet settings]|[AutoConfigProxy] : wininet.dll
[HKU\S-1-5-18 | Internet settings]|[AutoConfigProxy] : wininet.dll
¤¤¤¤¤¤¤¤¤¤ | DNS
[HKLM\SYSTEM\CCS | Tcpip\Parameters]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet001 | Interfaces\{E1F3534C-14EA-47D6-9700-6855075DAC02}]|[DhcpNameServer] : 192.168.1.1
[HKLM\SYSTEM\ControlSet002 | Interfaces\{E1F3534C-14EA-47D6-9700-6855075DAC02}]|[DhcpNameServer] : 192.168.1.1
10:57:31
¤¤¤¤¤¤¤¤¤¤ | Traitement Files | Folders | Registre
Key deleted : [HKU\user_ON_D | Run]|[zigguoamqpnagel] : C:\Windows\zigguoam.exe
Deleted : C:\Windows\zigguoam.exe
11:00:31
11:01:15
¤¤¤¤¤¤¤¤¤¤ | SafeBoot | Control | Repair
[HKLM | Safeboot] -> OK
[HKLM | Safeboot\Minimal] -> OK
[HKLM | Safeboot\Network] -> OK
¤
[HKLM | Minimal\AppMgmt] : Service -> OK
[HKLM | Minimal\Base] : Driver Group -> OK
[HKLM | Minimal\Boot Bus Extender] : Driver Group -> OK
[HKLM | Minimal\Boot file system] : Driver Group -> OK
[HKLM | Minimal\CryptSvc] : Service -> OK
[HKLM | Minimal\DcomLaunch] : Service -> OK
[HKLM | Minimal\dmadmin] : Service -> OK
[HKLM | Minimal\dmboot.sys] : Driver -> OK
[HKLM | Minimal\dmio.sys] : Driver -> OK
[HKLM | Minimal\dmload.sys] : Driver -> OK
[HKLM | Minimal\dmserver] : Service -> OK
[HKLM | Minimal\EventLog]: Service -> OK
[HKLM | Minimal\File system] : Driver Group -> OK
[HKLM | Minimal\Filter] : Driver Group -> OK
[HKLM | Minimal\HelpSvc] : Service -> OK
[HKLM | Minimal\Netlogon] : Service -> OK
[HKLM | Minimal\PCI Configuration] : Driver Group -> OK
[HKLM | Minimal\PlugPlay] : Service -> OK
[HKLM | Minimal\PNP Filter] : Driver Group -> OK
[HKLM | Minimal\Primary disk] : Driver Group -> OK
[HKLM | Minimal\RpcSs] : Service -> OK
[HKLM | Minimal\SCSI Class] : Driver Group -> OK
[HKLM | Minimal\sermouse.sys] : Driver -> OK
[HKLM | Minimal\sr.sys] : FSFilter System Recovery -> OK
[HKLM | Minimal\SRService] : Service -> OK
[HKLM | Minimal\System Bus Extender] : Driver Group -> OK
[HKLM | Minimal\vds] : Service -> OK
[HKLM | Minimal\vga.sys] : Driver -> OK
[HKLM | Minimal\vgasave.sys] : Driver -> OK
[HKLM | Minimal\WinMgmt] : Service -> OK
[HKLM | Minimal\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : Volume shadow copy -> OK
[HKLM | Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK
¤
[HKLM | Network\AFD] : Service -> OK
[HKLM | Network\AppMgmt] : Service -> OK
[HKLM | Network\Base] : Driver Group -> OK
[HKLM | Network\Boot Bus Extender] : Driver Group -> OK
[HKLM | Network\Boot file system] : Driver Group -> OK
[HKLM | Network\Browser] : Service -> OK
[HKLM | Network\CryptSvc] : Service -> OK
[HKLM | Network\DcomLaunch] : Service -> OK
[HKLM | Network\Dhcp] : Service -> OK
[HKLM | Network\dmadmin] : Service -> OK
[HKLM | Network\dmboot.sys] : Driver -> OK
[HKLM | Network\dmio.sys] : Driver -> OK
[HKLM | Network\dmload.sys] : Driver -> OK
[HKLM | Network\dmserver] : Service -> OK
[HKLM | Network\DnsCache] : Service -> OK
[HKLM | Network\EventLog] : Service -> OK
[HKLM | Network\File system] : Driver Group -> OK
[HKLM | Network\Filter] : Driver Group -> OK
[HKLM | Network\HelpSvc] : Service -> OK
[HKLM | Network\ip6fw.sys] : Driver -> OK
[HKLM | Network\ipnat.sys] : Driver -> OK
[HKLM | Network\LanmanServer] : Service -> OK
[HKLM | Network\LanmanWorkstation] : Service -> OK
[HKLM | Network\LmHosts] : Service -> OK
[HKLM | Network\Messenger] : Service -> OK
[HKLM | Network\NDIS] : Driver Group -> OK
[HKLM | Network\NDIS Wrapper] : Driver Group -> OK
[HKLM | Network\Ndisuio] : Service -> OK
[HKLM | Network\NetBIOS] : Service -> OK
[HKLM | Network\NetBIOSGroup] : Driver Group -> OK
[HKLM | Network\NetBT] : Service -> OK
[HKLM | Network\NetDDEGroup] : Driver Group -> OK
[HKLM | Network\Netlogon] : Service -> OK
[HKLM | Network\NetMan] : Service -> OK
[HKLM | Network\Network] : Driver Group -> OK
[HKLM | Network\NetworkProvider] : Driver Group -> OK
[HKLM | Network\NtLmSsp] : Service -> OK
[HKLM | Network\PCI Configuration] : Driver Group -> OK
[HKLM | Network\PlugPlay] : Service -> OK
[HKLM | Network\PNP Filter] : Driver Group -> OK
[HKLM | Network\PNP_TDI] : Driver Group -> OK
[HKLM | Network\Primary disk] : Driver Group -> OK
[HKLM | Network\rdpcdd.sys] : Driver -> OK
[HKLM | Network\rdpdd.sys] : Driver -> OK
[HKLM | Network\rdpwd.sys] : Driver -> OK
[HKLM | Network\rdsessmgr] : Service -> OK
[HKLM | Network\RpcSs] : Service -> OK
[HKLM | Network\SCSI Class] : Driver Group -> OK
[HKLM | Network\sermouse.sys] : Driver -> OK
[HKLM | Network\sharedaccess] : Service -> OK
[HKLM | Network\sr.sys] : FSFilter System Recovery -> OK
[HKLM | Network\SRService] : Service -> OK
[HKLM | Network\Streams Drivers] : Driver Group -> OK
[HKLM | Network\SYMTDI] : Service -> OK
[HKLM | Network\System Bus Extender] : Driver Group -> OK
[HKLM | Network\Tcpip] : Service -> OK
[HKLM | Network\TDI] : Driver Group -> OK
[HKLM | Network\tdpipe.sys] : Driver -> OK
[HKLM | Network\tdtcp.sys] : Driver -> OK
[HKLM | Network\termservice] : Service -> OK
[HKLM | Network\UploadMgr] : Service -> OK
[HKLM | Network\vga.sys] : Driver -> OK
[HKLM | Network\vgasave.sys] : Driver -> OK
[HKLM | Network\WinMgmt] : Service -> OK
[HKLM | Network\Wlansvc] : Service -> OK
[HKLM | Network\{36FC9E60-C465-11CF-8056-444553540000}] : Universal Serial Bus controllers -> OK
[HKLM | Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] : CD-ROM Drive -> OK
[HKLM | Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] : DiskDrive -> OK
[HKLM | Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] : Standard floppy disk controller -> OK
[HKLM | Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : Hdc -> OK
[HKLM | Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : Keyboard -> OK
[HKLM | Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : Mouse -> OK
[HKLM | Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] : Net -> OK
[HKLM | Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] : NetClient -> OK
[HKLM | Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] : NetService -> OK
[HKLM | Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] : NetTrans -> OK
[HKLM | Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] : PCMCIA Adapters -> OK
[HKLM | Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : SCSIAdapter -> OK
[HKLM | Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : System -> OK
[HKLM | Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] : Floppy disk drive -> OK
[HKLM | Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : Volume -> OK
[HKLM | Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : Human Interface Devices -> OK
¤¤¤¤¤¤¤¤¤¤ | IFEO
¤¤¤¤¤¤¤¤¤¤ | Mountpoints2
¤¤¤¤¤¤¤¤¤¤ | Run
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[RtHDVCpl] : C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[MSC] : "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
[HKU\user_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Access Password Recovery] : C:\Program Files (x86)\Intelore\Access Password Recovery\AccessPasswordRecovery.exe /hide
[HKU\user_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[AutoStartNPSAgent] : C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
[HKU\user_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Google Update] : "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
[HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[HotSwap! Applet] : "X:\Windows\system32\HotSwap!.EXE"
¤¤¤¤¤¤¤¤¤¤ | Others
[HKLM\System\CurrentControlSet\Control\SafeBoot]|[AlternateShell] : cmd.exe
[HKLM\System\CurrentControlSet\Control\SecurityProviders]|[SecurityProviders] : credssp.dll
[HKLM\System\CurrentControlSet\Control\Terminal Server]|[AllowRemoteRPC] : 0
[HKLM\System\CurrentControlSet\Control\Session Manager]|[BootExecute] : autocheck autochk *
[HKLM\System\ControlSet001\Control\Session Manager]|[SetupExecute] :
[HKLM\System\ControlSet001\Control]|[FirmwareBootDevice] : multi(0)disk(0)rdisk(0)partition(1)
[HKLM\System\ControlSet001\Control]|[SystemBootDevice] : multi(0)disk(0)rdisk(0)partition(2)
[HKLM\system\currentcontrolset\control\lsa]|[SecureBoot] : 1
[HKLM\system\currentcontrolset\control\lsa]|[restrictanonymoussam] : 1
[HKLM | Winlogon]|[VMApplet] : SystemPropertiesPerformance.exe /pagefile
[HKLM | Winlogon]|[SFCDisable] : 0
[HKLM | Winlogon]|[WinStationsDisabled] : 0
¤¤¤¤¤¤¤¤¤¤ | Winlogon\Notify
11:01:15
¤¤¤¤¤¤¤¤¤¤ | Derniers créés/modifiés
[08/10/2012 09:03:26] -- |D| -- C:\Windows\Pre_Scan
[08/10/2012 10:56:36] -- |A| -- C:\Windows\Pre_Scan.txt
¤¤¤¤¤¤¤¤¤¤ | Drives
[19/01/2012 12:53:31] -- |RASHD| -- c:\Autorun.inf
[19/01/2012 17:35:50] -- |RAD| -- C:\Autorun.inf
[19/01/2012 17:35:50] -- |RAD| -- e:\Autorun.inf
[20/11/2010 16:05:17] -- |A| -- x:\setup.exe
¤¤¤¤¤¤¤¤¤¤ | Homedrive
[27/06/2012 08:21:04] -- |SHD| -- C:\$RECYCLE.BIN
[21/01/2012 15:26:05] -- |D| -- C:\AdobeTemp
[27/06/2012 16:43:13] -- |A| -- C:\AdwCleaner[R1].txt
[27/06/2012 16:43:42] -- |A| -- C:\AdwCleaner[S1].txt
[06/06/2011 15:09:37] -- |D| -- C:\ATI
[19/01/2012 17:35:50] -- |RAD| -- C:\Autorun.inf
[04/10/2012 17:04:36] -- |SD| -- C:\combocombo
[27/06/2012 08:09:37] -- |A| -- C:\ComboFix.txt
[13/06/2012 06:35:44] -- |D| -- C:\Config.Msi
[14/07/2009 06:08:56] -- |SHD| -- C:\Documents and Settings
[06/06/2011 20:41:21] -- |ASH| -- C:\hiberfil.sys
[06/06/2011 15:06:03] -- |D| -- C:\Intel
[02/10/2011 12:39:25] -- |D| -- C:\Nathan
[06/06/2011 20:41:21] -- |ASH| -- C:\pagefile.sys
[14/07/2009 04:20:08] -- |D| -- C:\PerfLogs
[26/06/2012 15:49:10] -- |A| -- C:\plan0000.psd
[26/06/2012 15:58:25] -- |A| -- C:\plan0002.psd
[13/04/2012 12:19:21] -- |D| -- C:\Pre_Scan
[14/07/2009 04:20:08] -- |D| -- C:\Program Files
[14/07/2009 04:20:08] -- |D| -- C:\Program Files (x86)
[14/07/2009 04:20:08] -- |D| -- C:\ProgramData
[27/06/2012 07:42:31] -- |AD| -- C:\Qoobox
[06/06/2011 14:48:24] -- |D| -- C:\Recovery
[26/06/2012 20:12:34] -- |A| -- C:\SeafLog.txt
[06/06/2011 20:41:21] -- |SHD| -- C:\System Volume Information
[19/01/2012 11:17:26] -- |D| -- C:\UsbFix
[19/01/2012 11:17:31] -- |A| -- C:\UsbFix.txt
[19/01/2012 17:35:50] -- |A| -- C:\UsbFix_Upload_Me_USER-PC.zip
[02/05/2012 13:42:34] -- |A| -- C:\user.js
[14/07/2009 04:20:08] -- |D| -- C:\Users
[14/07/2009 04:20:08] -- |D| -- C:\Windows
¤¤¤¤¤¤¤¤¤¤ | Systemroot
[14/07/2009 06:32:38] -- |D| -- C:\Windows\addins
[14/07/2009 04:20:08] -- |D| -- C:\Windows\AppCompat
[14/07/2009 04:20:08] -- |D| -- C:\Windows\AppPatch
[06/06/2011 15:06:21] -- |A| -- C:\Windows\Ascd_log.ini
[06/06/2011 15:05:28] -- |A| -- C:\Windows\Ascd_tmp.ini
[14/07/2009 04:20:08] -- |RSD| -- C:\Windows\assembly
[06/04/2011 00:46:14] -- |A| -- C:\Windows\atiogl.xml
[06/06/2011 15:11:27] -- |A| -- C:\Windows\ativpsrm.bin
[20/03/2011 16:28:51] -- |A| -- C:\Windows\bfsvc.exe
[14/07/2009 04:20:09] -- |D| -- C:\Windows\Boot
[14/07/2009 06:38:36] -- |AS| -- C:\Windows\bootstat.dat
[14/07/2009 04:20:09] -- |D| -- C:\Windows\Branding
[07/06/2011 21:52:58] -- |D| -- C:\Windows\CheckSur
[14/07/2009 04:20:09] -- |D| -- C:\Windows\Cursors
[14/07/2009 05:45:54] -- |D| -- C:\Windows\debug
[14/07/2009 06:32:38] -- |D| -- C:\Windows\diagnostics
[14/07/2009 06:37:46] -- |D| -- C:\Windows\DigitalLocker
[09/05/2012 14:05:11] -- |D| -- C:\Windows\Downloaded Installations
[14/07/2009 06:32:38] -- |D| -- C:\Windows\Downloaded Program Files
[13/04/2012 14:06:36] -- |A| -- C:\Windows\EEventManager.INI
[14/07/2009 16:35:13] -- |D| -- C:\Windows\ehome
[14/07/2009 06:37:46] -- |D| -- C:\Windows\en-US
[08/06/2011 04:56:29] -- |A| -- C:\Windows\epplauncher.mif
[27/06/2012 07:42:27] -- |D| -- C:\Windows\erdnt
[07/06/2011 17:33:21] -- |A| -- C:\Windows\explorer.exe
[14/07/2009 04:20:09] -- |RSD| -- C:\Windows\Fonts
[14/07/2009 16:24:08] -- |D| -- C:\Windows\fr-FR
[14/07/2009 00:22:13] -- |A| -- C:\Windows\fveupdate.exe
[14/07/2009 04:20:09] -- |D| -- C:\Windows\Globalization
[27/06/2012 07:42:48] -- |A| -- C:\Windows\grep.exe
[14/07/2009 04:20:09] -- |D| -- C:\Windows\Help
[14/07/2009 01:29:53] -- |A| -- C:\Windows\HelpPane.exe
[14/07/2009 01:29:03] -- |A| -- C:\Windows\hh.exe
[14/07/2009 16:35:58] -- |A| -- C:\Windows\HomePremium.xml
[14/07/2009 04:20:09] -- |D| -- C:\Windows\IME
[14/07/2009 04:20:10] -- |D| -- C:\Windows\inf
[06/06/2011 14:57:02] -- |SHD| -- C:\Windows\Installer
[14/07/2009 04:20:10] -- |D| -- C:\Windows\L2Schemas
[06/06/2011 15:05:32] -- |A| -- C:\Windows\Language_trs.ini
[14/07/2009 04:20:10] -- |D| -- C:\Windows\LiveKernelReports
[14/07/2009 04:20:10] -- |D| -- C:\Windows\Logs
[27/06/2012 07:42:48] -- |A| -- C:\Windows\MBR.exe
[14/07/2009 04:20:10] -- |RSD| -- C:\Windows\Media
[03/07/2012 15:59:48] -- |A| -- C:\Windows\MEMORY.DMP
[14/07/2009 01:10:29] -- |A| -- C:\Windows\mib.bin
[14/07/2009 04:20:10] -- |D| -- C:\Windows\Microsoft.NET
[10/05/2012 14:58:21] -- |D| -- C:\Windows\Minidump
[14/07/2009 04:20:10] -- |D| -- C:\Windows\ModemLogs
[14/07/2009 03:35:42] -- |A| -- C:\Windows\msdfmap.ini
[27/06/2012 07:42:48] -- |A| -- C:\Windows\NIRCMD.exe
[14/07/2009 00:56:36] -- |A| -- C:\Windows\notepad.exe
[27/06/2012 00:03:57] -- |A| -- C:\Windows\ntbtlog.txt
[14/07/2009 06:32:38] -- |D| -- C:\Windows\Offline Web Pages
[06/06/2011 21:40:33] -- |D| -- C:\Windows\Panther
[06/06/2011 14:57:58] -- |D| -- C:\Windows\PCHEALTH
[14/07/2009 06:32:38] -- |D| -- C:\Windows\Performance
[27/06/2012 07:42:48] -- |A| -- C:\Windows\PEV.exe
[26/06/2012 20:29:49] -- |A| -- C:\Windows\PFRO.log
[14/07/2009 04:20:10] -- |D| -- C:\Windows\PLA
[14/07/2009 04:20:10] -- |D| -- C:\Windows\PolicyDefinitions
[06/06/2011 20:41:45] -- |D| -- C:\Windows\Prefetch
[08/10/2012 09:03:26] -- |D| -- C:\Windows\Pre_Scan
[08/10/2012 10:56:36] -- |A| -- C:\Windows\Pre_Scan.txt
[14/07/2009 00:27:10] -- |A| -- C:\Windows\regedit.exe
[14/07/2009 04:20:10] -- |D| -- C:\Windows\registration
[14/07/2009 04:20:10] -- |D| -- C:\Windows\rescache
[14/07/2009 04:20:10] -- |D| -- C:\Windows\Resources
[14/07/2009 04:20:10] -- |D| -- C:\Windows\SchCache
[14/07/2009 04:20:10] -- |D| -- C:\Windows\schemas
[14/07/2009 04:20:10] -- |D| -- C:\Windows\security
[27/06/2012 07:42:48] -- |A| -- C:\Windows\sed.exe
[14/07/2009 05:45:47] -- |D| -- C:\Windows\ServiceProfiles
[14/07/2009 04:20:10] -- |D| -- C:\Windows\servicing
[14/07/2009 05:45:50] -- |D| -- C:\Windows\Setup
[26/06/2012 20:29:55] -- |A| -- C:\Windows\setupact.log
[26/06/2012 20:29:55] -- |A| -- C:\Windows\setuperr.log
[14/07/2009 16:35:13] -- |D| -- C:\Windows\ShellNew
[06/06/2011 20:45:09] -- |D| -- C:\Windows\SoftwareDistribution
[14/07/2009 04:20:10] -- |D| -- C:\Windows\Speech
[24/08/2012 19:02:30] -- |A| -- C:\Windows\splwow64.exe
[14/07/2009 06:28:38] -- |A| -- C:\Windows\Starter.xml
[13/04/2012 17:50:50] -- |D| -- C:\Windows\Sun
[27/06/2012 07:42:48] -- |A| -- C:\Windows\SWREG.exe
[27/06/2012 07:42:48] -- |A| -- C:\Windows\SWSC.exe
[31/08/2000 01:00:00] -- |A| -- C:\Windows\SWXCACLS.exe
[14/07/2009 04:20:10] -- |D| -- C:\Windows\system
[14/07/2009 03:34:57] -- |A| -- C:\Windows\system.ini
[14/07/2009 04:20:10] -- |D| -- C:\Windows\System32
[14/07/2009 04:20:14] -- |D| -- C:\Windows\SysWOW64
[14/07/2009 04:20:14] -- |D| -- C:\Windows\TAPI
[14/07/2009 04:20:14] -- |D| -- C:\Windows\Tasks
[27/06/2012 08:09:38] -- |D| -- C:\Windows\temp
[14/07/2009 04:20:14] -- |D| -- C:\Windows\tracing
[10/06/2009 22:41:17] -- |A| -- C:\Windows\twain.dll
[14/07/2009 06:32:38] -- |D| -- C:\Windows\twain_32
[20/03/2011 16:31:16] -- |A| -- C:\Windows\twain_32.dll
[13/07/2009 23:47:26] -- |A| -- C:\Windows\twunk_16.exe
[14/07/2009 01:14:40] -- |A| -- C:\Windows\twunk_32.exe
[08/06/2011 17:07:37] -- |A| -- C:\Windows\unvise32.exe
[14/07/2009 04:20:14] -- |D| -- C:\Windows\Vss
[14/07/2009 04:20:14] -- |D| -- C:\Windows\Web
[14/07/2009 03:34:57] -- |A| -- C:\Windows\win.ini
[14/07/2009 05:54:24] -- |RA| -- C:\Windows\WindowsShell.Manifest
[06/06/2011 20:45:06] -- |A| -- C:\Windows\WindowsUpdate.log
[24/03/2011 21:43:35] -- |A| -- C:\Windows\winhlp32.exe
[14/07/2009 04:20:14] -- |D| -- C:\Windows\winsxs
[10/06/2009 21:52:44] -- |A| -- C:\Windows\WMSysPr9.prx
[14/07/2009 00:56:28] -- |A| -- C:\Windows\write.exe
[27/06/2012 07:42:48] -- |A| -- C:\Windows\zip.exe
¤¤¤¤¤¤¤¤¤¤ | signature des Files à la racine du Folder Windows
[MD5.317CD1CE327B6520BF4EE007BCD39E61] -- [20/03/2011 16:28:51] -- (.© Microsoft Corporation. - Utilitaire de service de fichier de démarrage.) -- [69.5 Ko] -- C:\Windows\bfsvc.exe -> (6.1.7601.17514)
[MD5.332FEAB1435662FC6C672E25BEB37BE3] -- [07/06/2011 17:33:21] -- (.© Microsoft Corporation. - Explorateur Windows.) -- [2804.5 Ko] -- C:\Windows\explorer.exe -> (6.1.7601.17567)
[MD5.92BB2E9AA28542C685C59EFCBAC2490B] -- [14/07/2009 00:22:13] -- (.© Microsoft Corporation. - Utilitaire de service de chiffrement de lecteur BitLocker.) -- [15 Ko] -- C:\Windows\fveupdate.exe -> (6.1.7600.16385)
[MD5.9E05A9C264C8A908A8E79450FCBFF047] -- [27/06/2012 07:42:48] -- (. - .) -- [78.53 Ko] -- C:\Windows\grep.exe -> (0.0.0.0)
[MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] -- [14/07/2009 01:29:53] -- (.© Microsoft Corporation. - Aide et support Microsoft.) -- [716.5 Ko] -- C:\Windows\HelpPane.exe -> (6.1.7600.16385)
[MD5.3D0B9EA79BF1F828324447D84AA9DCE2] -- [14/07/2009 01:29:03] -- (.© Microsoft Corporation. - Exécutable de l'aide HTML Microsoft®.) -- [16.5 Ko] -- C:\Windows\hh.exe -> (6.1.7600.16385)
[MD5.0277C027A26428DB64EF4F64F52BB4FD] -- [27/06/2012 07:42:48] -- (. - .) -- [204 Ko] -- C:\Windows\MBR.exe -> (0.0.0.0)
[MD5.753BC16326FEE4A421ACB636CCD602F4] -- [27/06/2012 07:42:48] -- (.Copyright © 2003 - 2009 Nir Sofer - NirCmd.) -- [59 Ko] -- C:\Windows\NIRCMD.exe -> (2.3.5.189)
[MD5.F2C7BB8ACC97F92E987A2D4087D021B1] -- [14/07/2009 00:56:36] -- (.© Microsoft Corporation. - Bloc-notes.) -- [189 Ko] -- C:\Windows\notepad.exe -> (6.1.7600.16385)
[MD5.F042EE4C8D66248D9B86DCF52ABAE416] -- [27/06/2012 07:42:48] -- (. - .) -- [250 Ko] -- C:\Windows\PEV.exe -> (0.0.0.0)
[MD5.2E2C937846A0B8789E5E91739284D17A] -- [14/07/2009 00:27:10] -- (.© Microsoft Corporation. - Éditeur du Registre.) -- [417 Ko] -- C:\Windows\regedit.exe -> (6.1.7600.16385)
[MD5.2B657A67AEBB84AEA5632C53E61E23BF] -- [27/06/2012 07:42:48] -- (. - .) -- [96.5 Ko] -- C:\Windows\sed.exe -> (0.0.0.0)
[MD5.127AA81343A7C6F665C22CB1293B0A90] -- [24/08/2012 19:02:30] -- (.© Microsoft Corporation. - Print driver host for 32bit applications.) -- [65.5 Ko] -- C:\Windows\splwow64.exe -> (6.1.7601.17777)
[MD5.A46842C9B0C567A5A9584E83A163560C] -- [27/06/2012 07:42:48] -- (.Copyright © Frank Staal 1999-2008 - Freeware implementation of REG.EXE.) -- [506 Ko] -- C:\Windows\SWREG.exe -> (3.0.0.0)
[MD5.0297C72529807322B152F517FDB0A9FC] -- [27/06/2012 07:42:48] -- (.Copyright © Frank Staal 1999-2006 - Freeware implementation of SC.EXE.) -- [397 Ko] -- C:\Windows\SWSC.exe -> (2.0.0.5)
[MD5.B1A9CF0B6F80611D31987C247EC630B4] -- [31/08/2000 01:00:00] -- (.Copyright © Frank Staal 1999-2006 - Freeware implementation of XCACLS.) -- [207.5 Ko] -- C:\Windows\SWXCACLS.exe -> (1.0.1.1)
[MD5.F36A271706EDD23C94956AFB56981184] -- [13/07/2009 23:47:26] -- (. - Twain_32.dll Client's 16-Bit Thunking Server.) -- [48.52 Ko] -- C:\Windows\twunk_16.exe -> (1.7.0.0)
[MD5.0BD6E68F3EA0DD62CD86283D86895381] -- [14/07/2009 01:14:40] -- (. - Twain.dll Client's 32-Bit Thunking Server.) -- [30.5 Ko] -- C:\Windows\twunk_32.exe -> (1.7.1.0)
[MD5.8CE5266F0BBB73C95886CB72B0063CB8] -- [08/06/2011 17:07:37] -- (.Copyright © MindVision Software 1995-2004 - Uninstall application file.) -- [88 Ko] -- C:\Windows\unvise32.exe -> (3.6.1.0)
[MD5.22F9BB27BA0737B106EC579A6F23B550] -- [24/03/2011 21:43:35] -- (.© Microsoft Corporation. - Aide Microsoft®.) -- [290 Ko] -- C:\Windows\winhlp32.exe -> (50.1.7600.16386)
[MD5.F8ED3B4B209E2CB49028E36CF06CA851] -- [14/07/2009 00:56:28] -- (.© Microsoft Corporation. - Windows Write.) -- [10 Ko] -- C:\Windows\write.exe -> (6.1.7600.16385)
[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] -- [27/06/2012 07:42:48] -- (. - .) -- [66.5 Ko] -- C:\Windows\zip.exe -> (0.0.0.0)
¤¤¤¤¤¤¤¤¤¤ | Systemroot\System
¤¤¤¤¤¤¤¤¤¤ | Systemroot\Installer
[21/01/2012 16:57:23] - C:\Windows\Installer\{03CEFC42-378E-4467-9909-DCBAFD38CA9F}\soffice.ico
[21/01/2012 16:57:27] - C:\Windows\Installer\{03CEFC42-378E-4467-9909-DCBAFD38CA9F}\trans_fr.mst
[13/06/2011 10:39:54] - C:\Windows\Installer\{098A2A49-7CF3-4F08-A38D-FB879117152A}\fr_FR.mst
[13/06/2011 10:39:49] - C:\Windows\Installer\{0D6013AB-A0C7-41DC-973C-E93129C9A29F}\fr_FR.mst
[22/06/2012 06:43:17] - C:\Windows\Installer\{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}\fssicon.ico
[13/06/2011 10:39:44] - C:\Windows\Installer\{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}\fr_FR.mst
[13/06/2011 10:45:22] - C:\Windows\Installer\{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}\fr_FR.mst
[06/06/2011 15:10:27] - C:\Windows\Installer\{19A492A0-888F-44A0-9B21-D91700763F62}\ARPPRODUCTICON.exe
[06/06/2011 15:10:28] - C:\Windows\Installer\{1ABF311C-6AA8-B234-196A-6DEE5A43E34A}\ARPPRODUCTICON.exe
[13/06/2011 11:40:39] - C:\Windows\Installer\{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}\fr_FR.mst
[07/10/2011 14:00:26] - C:\Windows\Installer\{26A24AE4-039D-4CA4-87B4-2F86416027FF}\jre1036.MST
[13/06/2011 10:40:51] - C:\Windows\Installer\{2BAF2B96-7560-48B4-87D4-10178DDBE217}\fr_FR.mst
[13/06/2011 10:50:24] - C:\Windows\Installer\{30C8AA56-4088-426F-91D1-0EDFD3A25678}\fr_FR.mst
[12/01/2012 23:49:49] - C:\Windows\Installer\{343666E2-A059-48AC-AD67-230BF74E2DB2}\WinInstall.ico
[13/06/2011 10:42:54] - C:\Windows\Installer\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}\fr_FR.mst
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\1036.mst
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\ARPPRODUCTICON.exe
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\NewShortcut2_3B1A0823966A48909E77539C330FBF6E.exe
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\NewShortcut3_3B1A0823966A48909E77539C330FBF6E.exe
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\NewShortcut4_3B1A0823966A48909E77539C330FBF6E.exe
[06/06/2011 15:10:18] - C:\Windows\Installer\{4044201A-8576-2999-1166-96C5593F3CFF}\NewShortcut5_3B1A0823966A48909E77539C330FBF6E.exe
[06/06/2011 15:10:17] - C:\Windows\Installer\{418D5410-7A7B-315F-0CF9-A76BC6C131DC}\ARPPRODUCTICON.exe
[13/06/2011 11:02:21] - C:\Windows\Installer\{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}\Adobe_ID0E35AG
[13/06/2011 11:02:21] - C:\Windows\Installer\{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}\Adobe_ID0EO3AG
[13/06/2011 11:02:21] - C:\Windows\Installer\{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}\fr_FR.mst
[13/06/2011 10:45:49] - C:\Windows\Installer\{43509E18-076E-40FE-AF38-CA5ED400A5A9}\Adobe_ID0EKLAC
[13/06/2011 10:45:49] - C:\Windows\Installer\{43509E18-076E-40FE-AF38-CA5ED400A5A9}\Adobe_ID0EKMAC
[13/06/2011 10:45:49] - C:\Windows\Installer\{43509E18-076E-40FE-AF38-CA5ED400A5A9}\Adobe_ID0ERKAC_icon
[13/06/2011 10:40:46] - C:\Windows\Installer\{48F9998C-3BA0-42D3-82E6-5882441EB8CE}\fr_FR.mst
[06/06/2011 15:10:31] - C:\Windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe
[21/03/2012 10:36:16] - C:\Windows\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}\wlmail.exe
[06/06/2011 15:10:29] - C:\Windows\Installer\{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}\ARPPRODUCTICON.exe
[06/06/2011 15:10:27] - C:\Windows\Installer\{6201BACA-81B5-8AB0-3B93-0F76BB6F4389}\ARPPRODUCTICON.exe
[13/06/2011 10:42:30] - C:\Windows\Installer\{67F0E67A-8E93-4C2C-B29D-47C48262738A}\Adobe_ID0EFNAC
[13/06/2011 10:42:30] - C:\Windows\Installer\{67F0E67A-8E93-4C2C-B29D-47C48262738A}\Adobe_ID0EJMAC
[13/06/2011 10:42:30] - C:\Windows\Installer\{67F0E67A-8E93-4C2C-B29D-47C48262738A}\Adobe_ID0ENLAC
[13/06/2011 10:42:30] - C:\Windows\Installer\{67F0E67A-8E93-4C2C-B29D-47C48262738A}\Adobe_ID0ERKAC
[13/06/2011 10:42:30] - C:\Windows\Installer\{67F0E67A-8E93-4C2C-B29D-47C48262738A}\Adobe_ID0EVJAC
[12/01/2012 23:49:57] - C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
[12/01/2012 23:49:57] - C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\RichText.ico
[22/06/2012 06:44:36] - C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon
[06/06/2011 15:10:27] - C:\Windows\Installer\{720E93BE-744E-225B-786F-227C2677352F}\ARPPRODUCTICON.exe
[12/01/2012 23:50:16] - C:\Windows\Installer\{75104836-CAC7-444E-A39E-3F54151942F5}\Installer.ico
[12/01/2012 23:50:27] - C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
[12/01/2012 23:50:27] - C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
[20/01/2012 09:18:29] - C:\Windows\Installer\{7C4CC7D5-5F53-49DF-8B19-8EEF90E17BDB}\soffice.ico
[20/01/2012 09:18:29] - C:\Windows\Installer\{7C4CC7D5-5F53-49DF-8B19-8EEF90E17BDB}\trans_fr.mst
[09/03/2012 16:09:11] - C:\Windows\Installer\{7E84FAC8-C518-40F9-9807-7455301D6D25}\ARPPRODUCTICON.exe
[20/01/2012 19:13:30] - C:\Windows\Installer\{812489B5-A2A9-474B-9BE7-55410E0E1DB4}\maconfico
[20/01/2012 19:13:31] - C:\Windows\Installer\{812489B5-A2A9-474B-9BE7-55410E0E1DB4}\mcsetupfr.mst
[11/03/2012 03:01:23] - C:\Windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
[13/06/2011 11:14:35] - C:\Windows\Installer\{87532CAB-7932-4F84-8937-823337622807}\fr_FR.mst
[05/06/2012 21:24:44] - C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
[05/06/2012 21:24:44] - C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDll
[05/06/2012 21:24:44] - C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDLL_64
[01/05/2012 21:16:50] - C:\Windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\EPP.exe
[01/05/2012 21:16:50] - C:\Windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\FEP.exe
[01/05/2012 21:16:50] - C:\Windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\INTUNE.exe
[05/06/2012 06:36:44] - C:\Windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\MSE.exe
[01/05/2012 21:16:50] - C:\Windows\Installer\{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}\SCEP.exe
[13/06/2011 10:49:15] - C:\Windows\Installer\{A2881E09-38DB-4F79-9135-00FDA01768A7}\fr_FR.mst
[09/03/2012 16:09:01] - C:\Windows\Installer\{AC599724-5755-48C1-ABE7-ABB857652930}\ARPPRODUCTICON.exe
[13/06/2011 10:48:53] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\fr_FR.mst
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
[13/06/2011 10:48:53] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\suite.mst
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_03C542E0_AC6D_46AE_A8C9_32C0CCC5E23B
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_37A0D036_9547_48DC_84A1_19CE2F8C1F00
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_709E9E16_6FB8_47BD_9731_F4F9B318C9CB
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_APIFile.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_BatchPDFIndex.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_FormsDocument.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_PDFFile.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_PDFIndex.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_PostScript.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_RightsManagementFile.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat.exe
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_3D.exe
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_Standard.exe
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Distiller.exe
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_ELEMENTS_DT.exe
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SecStoreFile.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SequenceFile.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_XDPFileType.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_XFDFileType.ico
[13/06/2011 10:48:23] - C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_XMLFormsDocument.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\APIFile_8.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\FDFFile_8.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\PDFFile_8.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\PDXFile_8.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SecStoreFile.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\XDPFile_8.ico
[23/06/2011 16:45:52] - C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\XFDFFile_8.ico
[08/06/2011 08:10:21] - C:\Windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\1036.mst
[08/06/2011 08:10:21] - C:\Windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\ARPPRODUCTICON.exe
[08/06/2011 08:10:21] - C:\Windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\_SHCT_Sprint.exe.exe
[13/06/2011 10:40:22] - C:\Windows\Installer\{BD423B54-8668-44B6-8610-D24514445E88}\fr_FR.mst
[13/06/2011 10:41:38] - C:\Windows\Installer\{C52E3EC1-048C-45E1-8D53-10B0C6509683}\fr_FR.mst
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\EPP.exe
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\FEP.exe
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\INTUNE.exe
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\MSE.exe
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\MSEPrerelease.exe
[01/10/2012 22:32:11] - C:\Windows\Installer\{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}\SCEP.exe
[12/01/2012 23:51:47] - C:\Windows\Installer\{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}\Installer.ico
[12/01/2012 23:51:47] - C:\Windows\Installer\{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}\iTunesIco.exe
[12/01/2012 23:51:47] - C:\Windows\Installer\{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}\RichText.ico <
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
8 oct. 2012 à 11:47
8 oct. 2012 à 11:47
Il est incomplet, mets-le sur FEC Upload et colle le lien obtenu en retour.
marcusmarcus
Messages postés
87
Date d'inscription
mardi 5 juin 2012
Statut
Membre
Dernière intervention
12 octobre 2012
8 oct. 2012 à 11:53
8 oct. 2012 à 11:53
https://forums-fec.be/upload/www/?a=d&i=4318941106
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
8 oct. 2012 à 12:00
8 oct. 2012 à 12:00
Relance Pre_Scan, clique sur Script
Colle ça :
File|Fold::
C:\ProgramData\c5PzeWIwzASmBC
C:\ProgramData\ivcmczomqsgtzue
C:\ProgramData\jfivnkqzuhfksrq
C:\ProgramData\pimstdvqsiqcopo
C:\ProgramData\vcmdudohewchazc
C:\Users\user\AppData\Local\Babylon
C:\User.js
Fichier => Enregistrer (et pas "Enregistrer sous") puis ferme-le
Pre_Script va bosser et le rapport s'ouvrira.
==================
Y'a l'option Diag dans Pre_Scan déjà ?
Colle ça :
File|Fold::
C:\ProgramData\c5PzeWIwzASmBC
C:\ProgramData\ivcmczomqsgtzue
C:\ProgramData\jfivnkqzuhfksrq
C:\ProgramData\pimstdvqsiqcopo
C:\ProgramData\vcmdudohewchazc
C:\Users\user\AppData\Local\Babylon
C:\User.js
Fichier => Enregistrer (et pas "Enregistrer sous") puis ferme-le
Pre_Script va bosser et le rapport s'ouvrira.
==================
Y'a l'option Diag dans Pre_Scan déjà ?
marcusmarcus
Messages postés
87
Date d'inscription
mardi 5 juin 2012
Statut
Membre
Dernière intervention
12 octobre 2012
8 oct. 2012 à 12:50
8 oct. 2012 à 12:50
reçu ?
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
8 oct. 2012 à 13:18
8 oct. 2012 à 13:18
oui, j'ai répondu, mais le robot a effacé ma réponse.
j'attends qu'un modo rétablisse mon message.
j'attends qu'un modo rétablisse mon message.
marcusmarcus
Messages postés
87
Date d'inscription
mardi 5 juin 2012
Statut
Membre
Dernière intervention
12 octobre 2012
8 oct. 2012 à 13:39
8 oct. 2012 à 13:39
je relance Pre-Scan mais dès que je clique sur Script, il fait un reading scrip et ferme.... ??
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
8 oct. 2012 à 13:41
8 oct. 2012 à 13:41
commence par copier mon texte puis relance-le et clique sur script pour voir
marcusmarcus
Messages postés
87
Date d'inscription
mardi 5 juin 2012
Statut
Membre
Dernière intervention
12 octobre 2012
8 oct. 2012 à 13:49
8 oct. 2012 à 13:49
...mais le copier ou, je n'ai accés a aucune fenêtre sur Pre-scan.... ????
juju666
Messages postés
35446
Date d'inscription
jeudi 18 décembre 2008
Statut
Contributeur sécurité
Dernière intervention
21 avril 2024
4 796
8 oct. 2012 à 13:50
8 oct. 2012 à 13:50
?
5 oct. 2012 à 08:33