(ne repond pas)???
Résolu
latchatchapaty
Messages postés
541
Date d'inscription
Statut
Membre
Dernière intervention
-
latchatchapaty Messages postés 541 Date d'inscription Statut Membre Dernière intervention -
latchatchapaty Messages postés 541 Date d'inscription Statut Membre Dernière intervention -
Bonjour, a toutes et tous
y aurait il quelqu'un qui saurais me dire ce que le pc a
il est de + en + lent et il m'affiche aussi ne repons pa dans la barre du dessus et pour le refaire fonctionner il faut que je clic tous le temps sur la barre du dessus
et apres il se remet a peu pres
j'ai demande cet apres midi uen verification de la ligne d'internet et elle etait bonne
je suis avec un windows xp
je fais des nettoyage avec ccleaner tres regulierement
pourriez vous m'aider
merci d'avance
y aurait il quelqu'un qui saurais me dire ce que le pc a
il est de + en + lent et il m'affiche aussi ne repons pa dans la barre du dessus et pour le refaire fonctionner il faut que je clic tous le temps sur la barre du dessus
et apres il se remet a peu pres
j'ai demande cet apres midi uen verification de la ligne d'internet et elle etait bonne
je suis avec un windows xp
je fais des nettoyage avec ccleaner tres regulierement
pourriez vous m'aider
merci d'avance
A voir également:
- (ne repond pas)???
- Mon écran se fige et plus rien ne répond - Guide
- Comment fermer un programme qui ne répond pas - Guide
- Clé usb ne répond plus - Guide
- Votre compte ne repond pas aux exigences steam ✓ - Forum jeux en ligne
- Frame host ne répond pas - Forum Windows 10
55 réponses
Re
Tu reprends cela est ensuite on passe à l'autre session
https://forums.commentcamarche.net/forum/affich-27067983-ne-repond-pas?page=2#38
Dis moi dès que prêt
@+
Tu reprends cela est ensuite on passe à l'autre session
https://forums.commentcamarche.net/forum/affich-27067983-ne-repond-pas?page=2#38
Dis moi dès que prêt
@+
Re
Tu reprends sur l'autre session avec:
Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Ou
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
Serveur N°2
Ou
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
en bas de la page ZHP avec un numéro de version.
Une fois le téléchargement achevé,
Double-clique sur l'icône pour lancer le programme. Sous Vista ; Seven ou Windows 8 clic droit « exécuter en tant que administrateur »
Clique sur la loupe pour lancer l'analyse.
Laisse l'outil travailler, il peut être assez long.
Ferme ZHPDiag en fin d'analyse.
Pour transmettre le rapport clique sur ce lien:
http://pjjoint.malekal.com/
Si problème utilise un des suivants
https://forums-fec.be/upload
https://www.cjoint.com/
Regarde sur le bureau
Sélectionne le fichier ZHPDiag.txt.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.com/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
Merci
@+
Tu reprends sur l'autre session avec:
Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Ou
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
Serveur N°2
Ou
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
en bas de la page ZHP avec un numéro de version.
Une fois le téléchargement achevé,
Double-clique sur l'icône pour lancer le programme. Sous Vista ; Seven ou Windows 8 clic droit « exécuter en tant que administrateur »
Clique sur la loupe pour lancer l'analyse.
Laisse l'outil travailler, il peut être assez long.
Ferme ZHPDiag en fin d'analyse.
Pour transmettre le rapport clique sur ce lien:
http://pjjoint.malekal.com/
Si problème utilise un des suivants
https://forums-fec.be/upload
https://www.cjoint.com/
Regarde sur le bureau
Sélectionne le fichier ZHPDiag.txt.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.com/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
Merci
@+
Re
Tu reprends avec ceci:
Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven ou Windows 8 fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"
* Assure toi d'avoir fermé toutes les applications en cours de fonctionnement.
* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.
* Copies et colles le contenu de cette citation dans la partie inférieure d'OTL "Personnalisation"
---------------------------------------------------------------------
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
consrv.dll
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
cdrom.sys
disk.sys
ndis.sys
mountmgr.sys
win32k.sys
storport.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
Winlogon.exe
Explorer.exe
Firefox.exe
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
-------------------------------------------------------------------------
* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
@+
Tu reprends avec ceci:
Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven ou Windows 8 fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"
* Assure toi d'avoir fermé toutes les applications en cours de fonctionnement.
* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.
* Copies et colles le contenu de cette citation dans la partie inférieure d'OTL "Personnalisation"
---------------------------------------------------------------------
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
consrv.dll
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
cdrom.sys
disk.sys
ndis.sys
mountmgr.sys
win32k.sys
storport.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
Winlogon.exe
Explorer.exe
Firefox.exe
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
-------------------------------------------------------------------------
* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
@+
re voila c'est fait et 2 rapport
OTL logfile created on: 10/02/2013 18:27:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\client\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,23 Mb Total Physical Memory | 178,80 Mb Available Physical Memory | 34,97% Memory free
1,30 Gb Paging File | 0,76 Gb Available in Paging File | 58,14% Paging File free
Paging file location(s): C:\pagefile.sys 800 1200 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 152,66 Gb Total Space | 37,99 Gb Free Space | 24,89% Space Free | Partition Type: NTFS
Computer Name: LAFAMILLE | User Name: client | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========/color
PRC - [2013/02/10 18:17:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\client\Bureau\OTL.exe
PRC - [2011/10/31 07:07:55 | 000,048,128 | ---- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\ScsiCommandService2.exe
PRC - [2011/04/17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
PRC - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/05/29 11:18:32 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Belgacom\bin\sprtsvc.exe
PRC - [2008/05/29 11:18:04 | 000,202,016 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files\Belgacom\bin\sprtcmd.exe
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/06/23 19:33:00 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
PRC - [2004/01/26 10:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
[color=#E56717]========== Modules (No Company Name) ==========/color
MOD - [2012/12/18 15:28:24 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2008/04/14 03:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2004/08/25 06:27:00 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.dll
[color=#E56717]========== Services (SafeList) ==========/color
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/02/08 07:44:07 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/08 12:55:20 | 000,161,536 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/31 07:07:55 | 000,048,128 | ---- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\ScsiCommandService2.exe -- (ScsiCommandService2)
SRV - [2011/04/17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
SRV - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/05/29 11:18:32 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Belgacom\bin\sprtsvc.exe -- (sprtsvc_belgacom)
SRV - [2008/05/29 11:17:12 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
[color=#E56717]========== Driver Services (SafeList) ==========/color
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\snpstd.sys -- (snpstd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\klim5.sys -- (klim5)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilDrvI11.sys -- (EraserUtilDrvI11)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\CoachVc.sys -- (CoachVc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/01/17 15:32:35 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130209.009\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/01/17 15:32:35 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130209.009\NAVENG.SYS -- (NAVENG)
DRV - [2013/01/16 03:51:12 | 000,997,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130116.013\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/09/01 01:19:53 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20130208.004\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012/08/09 09:15:09 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/09 09:15:09 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/09/16 07:24:26 | 000,070,400 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis)
DRV - [2011/09/06 00:55:12 | 000,023,040 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag)
DRV - [2011/09/06 00:55:10 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem)
DRV - [2011/08/26 18:29:33 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/21 02:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\symtdi.sys -- (SYMTDI)
DRV - [2011/03/31 04:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\srtsp.sys -- (SRTSP)
DRV - [2011/03/31 04:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\srtspx.sys -- (SRTSPX)
DRV - [2011/03/15 03:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\symefa.sys -- (SymEFA)
DRV - [2011/01/27 07:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\symds.sys -- (SymDS)
DRV - [2011/01/27 06:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\ironx86.sys -- (SymIRON)
DRV - [2010/12/13 14:37:46 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/05/12 11:14:58 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/05/12 11:14:58 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2010/05/12 11:14:56 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/05/12 11:14:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010/05/12 11:14:54 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/04/27 03:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 03:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010/04/27 03:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010/04/27 03:25:14 | 000,132,608 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2010/04/27 03:25:14 | 000,104,448 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus)
DRV - [2010/04/27 03:25:14 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2010/02/06 16:30:33 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/08/14 17:08:50 | 000,105,984 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcusbser.sys -- (qcusbser)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/01/18 15:16:28 | 000,100,648 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016obex.sys -- (a016obex)
DRV - [2008/01/18 15:16:26 | 000,110,504 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mdm.sys -- (a016mdm)
DRV - [2008/01/18 15:16:26 | 000,104,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mgmt.sys -- (a016mgmt)
DRV - [2008/01/18 15:16:24 | 000,015,016 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mdfl.sys -- (a016mdfl)
DRV - [2008/01/18 15:16:22 | 000,083,880 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016bus.sys -- (a016bus)
DRV - [2008/01/09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/08/25 06:28:46 | 000,787,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/12/08 10:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn)
DRV - [2003/12/08 10:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003/07/02 03:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
[color=#E56717]========== Standard Registry (SafeList) ==========/color
[color=#E56717]========== Internet Explorer ==========/color
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.proximus.be/pickx [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.proximus.be/pickx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E3 AE A4 00 1E 78 18 4B 80 F1 7C 0C 62 B1 62 35 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {A44012E2-F907-4C6D-911B-45D609A8B2CF}
IE - HKCU\..\SearchScopes\{A44012E2-F907-4C6D-911B-45D609A8B2CF}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========/color
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/webhp?lr=&ie=UTF-8&oe=UTF-8&gws_rd=ssl"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://start.mozilla.org/en-us/"
FF - prefs.js..extensions.enabledAddons: %7B28bfdd4b-7045-4520-b01a-651e0aee5ac8%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B997b6590-90b7-4757-99cc-613caff5fa7d%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Bb36fa08a-43e3-4c14-9cf3-cbca82c6d2f7%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Bc490dc17-6b81-4e9f-956e-476885c1b158%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Bde14998f-0a60-4467-bfe8-fde74bdbd3b5%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Bf0fa7ce6-040d-4576-ae3a-dd068660532b%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.1.1.5%20-%202
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Video Downloader\Plugin_FireFox [2009/05/30 23:05:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2012/02/13 13:53:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_13_2 [2013/02/10 10:18:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ocr@babylon.com: C:\Program Files\Babylon\Babylon-Pro\Utils\ocr@babylon.com
[2013/02/07 14:09:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\client\Application Data\Mozilla\Extensions
[2013/01/26 16:43:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions
[2011/04/09 09:01:57 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{28bfdd4b-7045-4520-b01a-651e0aee5ac8}
[2006/12/09 16:38:18 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/04/06 15:13:24 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{997b6590-90b7-4757-99cc-613caff5fa7d}
[2011/04/13 18:14:52 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{b36fa08a-43e3-4c14-9cf3-cbca82c6d2f7}
[2010/01/07 12:48:19 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{c490dc17-6b81-4e9f-956e-476885c1b158}
[2011/04/15 16:12:02 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{de14998f-0a60-4467-bfe8-fde74bdbd3b5}
[2011/04/15 16:41:55 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{f0fa7ce6-040d-4576-ae3a-dd068660532b}
[2013/02/07 20:47:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006/12/09 16:13:22 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/02/13 13:53:19 | 000,000,000 | ---D | M] (Symantec Intrusion Prevention) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPLGN
[2009/09/04 14:32:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2006/12/15 13:39:48 | 000,229,376 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\nphardwaredetection.dll
O1 HOSTS File: ([2013/01/27 23:38:26 | 000,445,397 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15297 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - !{99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {12CBCAE3-C47F-4343-A54C-E80EF9B4A0C5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {196C3A46-4758-433D-A600-802C804AF39C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Belgacom] C:\Program Files\Belgacom\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://support.norton.com/sp/en/us/home/current/info (Symantec Script Runner Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1355425042531 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1353077338421 (MUWebControl Class)
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www.virustraq.com/img/scan_virus/webscan.cab (WScanCtl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03B15834-30C2-4586-9232-95A341A98822}: DhcpNameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{81C30A64-FC14-4167-A173-B8BA841A8478}: DhcpNameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDBEFDAA-FD01-45B0-A41C-E79D5868C2B2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\client\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\client\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2dc0cb26-b66f-11d9-8b53-00138f19d007}\Shell\AutoRun\command - "" = F:\PortableRoboForm.exe
O33 - MountPoints2\{5e13e51e-021f-11e0-9376-00138f19d007}\Shell - "" = AutoRun
O33 - MountPoints2\{5e13e51e-021f-11e0-9376-00138f19d007}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{609dd9e8-94e1-11e0-94e0-00138f19d007}\Shell - "" = AutoRun
O33 - MountPoints2\{609dd9e8-94e1-11e0-94e0-00138f19d007}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL upgrade.htm
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: SupportSoft RemoteAssist - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6C298884-91FD-408C-9D90-5A59D2C29FD1} - Microsoft .NET Framework 1.1 Security Update (KB2742597)
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\windows\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color
[2013/02/10 18:17:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\client\Bureau\OTL.exe
[2013/02/10 17:00:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
[2013/02/10 17:00:47 | 000,000,000 | ---D | C] -- C:\ZHP
[2013/02/10 17:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2013/02/10 16:56:45 | 003,728,487 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\client\Mes documents\ZHPDiag2.exe
[2013/02/09 13:45:42 | 000,000,000 | RHSD | C] -- C:\sys
[2013/02/08 08:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
[2013/02/08 08:48:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/02/07 22:02:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\client\IECompatCache
[2013/02/07 22:01:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\client\PrivacIE
[2013/02/07 21:58:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\client\Recent
[2013/02/07 21:55:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\client\Mes documents\Ma musique
[2013/02/07 21:55:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\client\IETldCache
[2013/02/07 21:14:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/02/07 14:30:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\client\Mes documents\Téléchargements
[2013/02/06 22:25:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2013/02/06 18:46:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/02/06 18:14:34 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/02/06 18:13:02 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/02/05 09:23:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Revo Uninstaller Pro
[2013/02/05 09:23:05 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2013/02/05 09:22:48 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/02/01 05:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2013/02/01 05:56:11 | 000,018,800 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/02/01 05:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/31 15:55:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
[2013/01/25 15:11:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2013/01/25 14:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2013/01/13 18:57:33 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2013/01/13 18:54:36 | 000,048,128 | ---- | C] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\System32\ScsiCommandService2.exe
[2013/01/13 18:54:36 | 000,024,576 | R--- | C] (LG Electronics) -- C:\WINDOWS\System32\SendScsiCmd.dll
[2013/01/13 17:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype
[2013/01/13 17:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Skype
[2013/01/13 17:05:17 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\client\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\client\Local Settings\Application Data\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========/color
[2013/02/10 19:00:00 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3DAB9E5B-C1D8-4D5C-AED5-998F78E07B82}.job
[2013/02/10 18:42:01 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/10 18:17:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\client\Bureau\OTL.exe
[2013/02/10 17:01:00 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk
[2013/02/10 17:00:59 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
[2013/02/10 17:00:58 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
[2013/02/10 16:56:55 | 003,728,487 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\client\Mes documents\ZHPDiag2.exe
[2013/02/10 16:24:26 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/10 10:17:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/10 10:17:43 | 536,137,728 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/08 08:53:28 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2013/02/08 07:43:29 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/02/08 07:43:27 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/02/07 21:55:28 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\client\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2013/02/05 09:23:14 | 000,000,943 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Revo Uninstaller Pro.lnk
[2013/02/03 19:27:35 | 000,006,114 | ---- | M] () -- C:\WINDOWS\System32\EPPICResdb0000
[2013/02/03 19:27:35 | 000,000,117 | ---- | M] () -- C:\WINDOWS\System32\EPPICResdb
[2013/02/02 19:17:31 | 000,517,154 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/02/02 19:17:31 | 000,445,036 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/02 19:17:31 | 000,088,338 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/02/02 19:17:31 | 000,073,540 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/02 19:17:24 | 000,436,084 | ---- | M] () -- C:\WINDOWS\System32\perfh040.dat
[2013/02/02 19:17:24 | 000,059,430 | ---- | M] () -- C:\WINDOWS\System32\perfc040.dat
[2013/02/01 05:59:52 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[2013/01/31 14:16:11 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2013/01/27 23:38:26 | 000,445,397 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/01/15 16:56:10 | 000,477,616 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\npdeployJava1.dll
[2013/01/15 16:56:07 | 000,473,520 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2013/01/13 17:04:08 | 030,742,120 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\client\Mes documents\SkypeSetupFull.exe
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\client\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\client\Local Settings\Application Data\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========/color
[2013/02/10 17:00:59 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk
[2013/02/10 17:00:58 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
[2013/02/10 17:00:57 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
[2013/02/08 08:48:57 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2013/02/06 19:38:47 | 536,137,728 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/06 19:30:59 | 000,000,450 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3DAB9E5B-C1D8-4D5C-AED5-998F78E07B82}.job
[2013/02/05 09:23:14 | 000,000,943 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Revo Uninstaller Pro.lnk
[2013/02/01 05:59:52 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[2013/01/26 16:45:38 | 000,069,440 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/01/13 17:05:22 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2012/10/22 07:03:52 | 000,000,011 | ---- | C] () -- C:\WINDOWS\permis.ini
[2012/10/16 18:34:17 | 000,000,138 | ---- | C] () -- C:\WINDOWS\MAGGAMES.INI
[2012/08/07 13:35:49 | 000,040,960 | ---- | C] () -- C:\WINDOWS\DelPiv.exe
[2012/04/08 22:01:02 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/17 21:46:45 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/14 12:46:19 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011/08/26 11:56:26 | 000,002,404 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2011/07/22 12:48:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2006/12/27 20:08:05 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\client\Local Settings\Application Data\fusioncache.dat
[2006/12/07 16:05:51 | 000,054,784 | ---- | C] () -- C:\Documents and Settings\client\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[color=#E56717]========== ZeroAccess Check ==========/color
[2006/12/27 14:47:25 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 03:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 03:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== Custom Scans ==========/color
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >/color
[2012/02/24 15:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acer
[2013/01/08 17:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012/11/09 20:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2012/11/24 22:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/11/23 17:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2009/09/12 08:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2012/11/03 19:04:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/01/13 07:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2011/09/29 16:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2009/12/20 09:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Estsoft
[2012/08/01 09:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2007/12/07 09:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2013/01/25 11:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2009/01/02 15:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/04/23 14:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/12/20 09:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2013/01/04 16:27:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2013/02/06 22:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2011/10/14 13:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2012/01/30 20:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2011/08/26 11:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/03/05 12:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/02/24 08:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011/08/26 17:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2008/07/01 11:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2008/07/01 12:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
[2009/09/12 09:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2011/03/01 17:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2008/06/07 14:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiComponents
[2013/01/24 20:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/08/23 17:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2013/01/31 16:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
[2013/01/28 15:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2012/03/12 17:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2005/04/27 21:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Support.com
[2006/12/07 20:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/01/05 19:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/11/03 19:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2007/05/16 10:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2008/07/01 11:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoSpin
[2006/12/10 12:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2006/12/07 19:25:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
[2009/02/28 19:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2006/12/09 18:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2012/11/03 19:27:27 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/11/09 20:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/04 14:58:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{79E12D99-B429-40C9-BA08-BABF52C4A398}
[2012/11/03 19:27:27 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >/color
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24862\AcrobatUpdater.exe
[2012/01/03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24862\AdobeARM.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24862\AdobeARMHelper.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24862\ReaderUpdater.exe
[2012/12/03 08:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\18212\AcrobatUpdater.exe
[2012/12/03 08:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\18212\AdobeARM.exe
[2012/12/03 08:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\18212\AdobeARMHelper.exe
[2012/12/03 08:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\18212\ReaderUpdater.exe
[2011/09/05 22:51:05 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AA1000000001}\setup.exe
[2009/06/07 21:27:48 | 025,320,048 | ---- | M] (ArcSoft ) -- C:\Documents and Settings\All Users\Application Data\ArcSoft\Global Deploy\CheckUpdate\MediaConverter_2.5.0.70_2.5.0.209.exe
[2011/12/06 18:48:48 | 000,526,512 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe
[2013/02/01 05:58:32 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
[2011/09/06 16:57:31 | 000,025,960 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\OCS\Download\.CLT2011.exe
[2011/09/06 16:57:48 | 000,045,936 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.
OTL logfile created on: 10/02/2013 18:27:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\client\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,23 Mb Total Physical Memory | 178,80 Mb Available Physical Memory | 34,97% Memory free
1,30 Gb Paging File | 0,76 Gb Available in Paging File | 58,14% Paging File free
Paging file location(s): C:\pagefile.sys 800 1200 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 152,66 Gb Total Space | 37,99 Gb Free Space | 24,89% Space Free | Partition Type: NTFS
Computer Name: LAFAMILLE | User Name: client | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========/color
PRC - [2013/02/10 18:17:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\client\Bureau\OTL.exe
PRC - [2011/10/31 07:07:55 | 000,048,128 | ---- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\ScsiCommandService2.exe
PRC - [2011/04/17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
PRC - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/05/29 11:18:32 | 000,202,016 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Belgacom\bin\sprtsvc.exe
PRC - [2008/05/29 11:18:04 | 000,202,016 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files\Belgacom\bin\sprtcmd.exe
PRC - [2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/06/23 19:33:00 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
PRC - [2004/01/26 10:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
[color=#E56717]========== Modules (No Company Name) ==========/color
MOD - [2012/12/18 15:28:24 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2008/04/14 03:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2004/08/25 06:27:00 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.dll
[color=#E56717]========== Services (SafeList) ==========/color
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/02/08 07:44:07 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/08 12:55:20 | 000,161,536 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/31 07:07:55 | 000,048,128 | ---- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\ScsiCommandService2.exe -- (ScsiCommandService2)
SRV - [2011/04/17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
SRV - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/05/29 11:18:32 | 000,202,016 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Belgacom\bin\sprtsvc.exe -- (sprtsvc_belgacom)
SRV - [2008/05/29 11:17:12 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
[color=#E56717]========== Driver Services (SafeList) ==========/color
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\snpstd.sys -- (snpstd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\klim5.sys -- (klim5)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilDrvI11.sys -- (EraserUtilDrvI11)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\CoachVc.sys -- (CoachVc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/01/17 15:32:35 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130209.009\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/01/17 15:32:35 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130209.009\NAVENG.SYS -- (NAVENG)
DRV - [2013/01/16 03:51:12 | 000,997,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130116.013\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/09/01 01:19:53 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20130208.004\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012/08/09 09:15:09 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/09 09:15:09 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/09/16 07:24:26 | 000,070,400 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis)
DRV - [2011/09/06 00:55:12 | 000,023,040 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag)
DRV - [2011/09/06 00:55:10 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem)
DRV - [2011/08/26 18:29:33 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/21 02:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\symtdi.sys -- (SYMTDI)
DRV - [2011/03/31 04:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\srtsp.sys -- (SRTSP)
DRV - [2011/03/31 04:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\srtspx.sys -- (SRTSPX)
DRV - [2011/03/15 03:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\symefa.sys -- (SymEFA)
DRV - [2011/01/27 07:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\symds.sys -- (SymDS)
DRV - [2011/01/27 06:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1207020.003\ironx86.sys -- (SymIRON)
DRV - [2010/12/13 14:37:46 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/05/12 11:14:58 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/05/12 11:14:58 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2010/05/12 11:14:56 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/05/12 11:14:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010/05/12 11:14:54 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/04/27 03:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 03:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010/04/27 03:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010/04/27 03:25:14 | 000,132,608 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2010/04/27 03:25:14 | 000,104,448 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus)
DRV - [2010/04/27 03:25:14 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2010/02/06 16:30:33 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/08/14 17:08:50 | 000,105,984 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcusbser.sys -- (qcusbser)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/01/18 15:16:28 | 000,100,648 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016obex.sys -- (a016obex)
DRV - [2008/01/18 15:16:26 | 000,110,504 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mdm.sys -- (a016mdm)
DRV - [2008/01/18 15:16:26 | 000,104,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mgmt.sys -- (a016mgmt)
DRV - [2008/01/18 15:16:24 | 000,015,016 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mdfl.sys -- (a016mdfl)
DRV - [2008/01/18 15:16:22 | 000,083,880 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016bus.sys -- (a016bus)
DRV - [2008/01/09 12:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/08/25 06:28:46 | 000,787,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/12/08 10:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn)
DRV - [2003/12/08 10:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003/07/02 03:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
[color=#E56717]========== Standard Registry (SafeList) ==========/color
[color=#E56717]========== Internet Explorer ==========/color
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.proximus.be/pickx [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.proximus.be/pickx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = E3 AE A4 00 1E 78 18 4B 80 F1 7C 0C 62 B1 62 35 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {A44012E2-F907-4C6D-911B-45D609A8B2CF}
IE - HKCU\..\SearchScopes\{A44012E2-F907-4C6D-911B-45D609A8B2CF}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========/color
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/webhp?lr=&ie=UTF-8&oe=UTF-8&gws_rd=ssl"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://start.mozilla.org/en-us/"
FF - prefs.js..extensions.enabledAddons: %7B28bfdd4b-7045-4520-b01a-651e0aee5ac8%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B997b6590-90b7-4757-99cc-613caff5fa7d%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Bb36fa08a-43e3-4c14-9cf3-cbca82c6d2f7%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Bc490dc17-6b81-4e9f-956e-476885c1b158%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Bde14998f-0a60-4467-bfe8-fde74bdbd3b5%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Bf0fa7ce6-040d-4576-ae3a-dd068660532b%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.1.1.5%20-%202
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Video Downloader\Plugin_FireFox [2009/05/30 23:05:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2012/02/13 13:53:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_13_2 [2013/02/10 10:18:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ocr@babylon.com: C:\Program Files\Babylon\Babylon-Pro\Utils\ocr@babylon.com
[2013/02/07 14:09:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\client\Application Data\Mozilla\Extensions
[2013/01/26 16:43:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions
[2011/04/09 09:01:57 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{28bfdd4b-7045-4520-b01a-651e0aee5ac8}
[2006/12/09 16:38:18 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/04/06 15:13:24 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{997b6590-90b7-4757-99cc-613caff5fa7d}
[2011/04/13 18:14:52 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{b36fa08a-43e3-4c14-9cf3-cbca82c6d2f7}
[2010/01/07 12:48:19 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{c490dc17-6b81-4e9f-956e-476885c1b158}
[2011/04/15 16:12:02 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{de14998f-0a60-4467-bfe8-fde74bdbd3b5}
[2011/04/15 16:41:55 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\client\Application Data\Mozilla\Firefox\Profiles\vzdm94av.default\extensions\{f0fa7ce6-040d-4576-ae3a-dd068660532b}
[2013/02/07 20:47:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2006/12/09 16:13:22 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/02/13 13:53:19 | 000,000,000 | ---D | M] (Symantec Intrusion Prevention) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPLGN
[2009/09/04 14:32:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2006/12/15 13:39:48 | 000,229,376 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\nphardwaredetection.dll
O1 HOSTS File: ([2013/01/27 23:38:26 | 000,445,397 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15297 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - !{99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {12CBCAE3-C47F-4343-A54C-E80EF9B4A0C5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {196C3A46-4758-433D-A600-802C804AF39C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Belgacom] C:\Program Files\Belgacom\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} https://support.norton.com/sp/en/us/home/current/info (Symantec Script Runner Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1355425042531 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1353077338421 (MUWebControl Class)
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} http://www.virustraq.com/img/scan_virus/webscan.cab (WScanCtl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03B15834-30C2-4586-9232-95A341A98822}: DhcpNameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{81C30A64-FC14-4167-A173-B8BA841A8478}: DhcpNameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDBEFDAA-FD01-45B0-A41C-E79D5868C2B2}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\client\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\client\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2dc0cb26-b66f-11d9-8b53-00138f19d007}\Shell\AutoRun\command - "" = F:\PortableRoboForm.exe
O33 - MountPoints2\{5e13e51e-021f-11e0-9376-00138f19d007}\Shell - "" = AutoRun
O33 - MountPoints2\{5e13e51e-021f-11e0-9376-00138f19d007}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{609dd9e8-94e1-11e0-94e0-00138f19d007}\Shell - "" = AutoRun
O33 - MountPoints2\{609dd9e8-94e1-11e0-94e0-00138f19d007}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL upgrade.htm
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: SupportSoft RemoteAssist - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6C298884-91FD-408C-9D90-5A59D2C29FD1} - Microsoft .NET Framework 1.1 Security Update (KB2742597)
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\windows\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color
[2013/02/10 18:17:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\client\Bureau\OTL.exe
[2013/02/10 17:00:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
[2013/02/10 17:00:47 | 000,000,000 | ---D | C] -- C:\ZHP
[2013/02/10 17:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2013/02/10 16:56:45 | 003,728,487 | ---- | C] (Nicolas Coolman ) -- C:\Documents and Settings\client\Mes documents\ZHPDiag2.exe
[2013/02/09 13:45:42 | 000,000,000 | RHSD | C] -- C:\sys
[2013/02/08 08:48:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
[2013/02/08 08:48:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/02/07 22:02:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\client\IECompatCache
[2013/02/07 22:01:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\client\PrivacIE
[2013/02/07 21:58:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\client\Recent
[2013/02/07 21:55:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\client\Mes documents\Ma musique
[2013/02/07 21:55:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\client\IETldCache
[2013/02/07 21:14:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/02/07 14:30:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\client\Mes documents\Téléchargements
[2013/02/06 22:25:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2013/02/06 18:46:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/02/06 18:14:34 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/02/06 18:13:02 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/02/05 09:23:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Revo Uninstaller Pro
[2013/02/05 09:23:05 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2013/02/05 09:22:48 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/02/01 05:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes' Anti-Malware
[2013/02/01 05:56:11 | 000,018,800 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/02/01 05:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/31 15:55:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
[2013/01/25 15:11:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2013/01/25 14:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2013/01/13 18:57:33 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2013/01/13 18:54:36 | 000,048,128 | ---- | C] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\System32\ScsiCommandService2.exe
[2013/01/13 18:54:36 | 000,024,576 | R--- | C] (LG Electronics) -- C:\WINDOWS\System32\SendScsiCmd.dll
[2013/01/13 17:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype
[2013/01/13 17:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Skype
[2013/01/13 17:05:17 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\client\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\client\Local Settings\Application Data\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========/color
[2013/02/10 19:00:00 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3DAB9E5B-C1D8-4D5C-AED5-998F78E07B82}.job
[2013/02/10 18:42:01 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/10 18:17:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\client\Bureau\OTL.exe
[2013/02/10 17:01:00 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk
[2013/02/10 17:00:59 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
[2013/02/10 17:00:58 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
[2013/02/10 16:56:55 | 003,728,487 | ---- | M] (Nicolas Coolman ) -- C:\Documents and Settings\client\Mes documents\ZHPDiag2.exe
[2013/02/10 16:24:26 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/10 10:17:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/10 10:17:43 | 536,137,728 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/08 08:53:28 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2013/02/08 07:43:29 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/02/08 07:43:27 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/02/07 21:55:28 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\client\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2013/02/05 09:23:14 | 000,000,943 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Revo Uninstaller Pro.lnk
[2013/02/03 19:27:35 | 000,006,114 | ---- | M] () -- C:\WINDOWS\System32\EPPICResdb0000
[2013/02/03 19:27:35 | 000,000,117 | ---- | M] () -- C:\WINDOWS\System32\EPPICResdb
[2013/02/02 19:17:31 | 000,517,154 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/02/02 19:17:31 | 000,445,036 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/02 19:17:31 | 000,088,338 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/02/02 19:17:31 | 000,073,540 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/02 19:17:24 | 000,436,084 | ---- | M] () -- C:\WINDOWS\System32\perfh040.dat
[2013/02/02 19:17:24 | 000,059,430 | ---- | M] () -- C:\WINDOWS\System32\perfc040.dat
[2013/02/01 05:59:52 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[2013/01/31 14:16:11 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2013/01/27 23:38:26 | 000,445,397 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/01/15 16:56:10 | 000,477,616 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\npdeployJava1.dll
[2013/01/15 16:56:07 | 000,473,520 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2013/01/13 17:04:08 | 030,742,120 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\client\Mes documents\SkypeSetupFull.exe
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\client\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\client\Local Settings\Application Data\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========/color
[2013/02/10 17:00:59 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk
[2013/02/10 17:00:58 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
[2013/02/10 17:00:57 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
[2013/02/08 08:48:57 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2013/02/06 19:38:47 | 536,137,728 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/06 19:30:59 | 000,000,450 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3DAB9E5B-C1D8-4D5C-AED5-998F78E07B82}.job
[2013/02/05 09:23:14 | 000,000,943 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Revo Uninstaller Pro.lnk
[2013/02/01 05:59:52 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[2013/01/26 16:45:38 | 000,069,440 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/01/13 17:05:22 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2012/10/22 07:03:52 | 000,000,011 | ---- | C] () -- C:\WINDOWS\permis.ini
[2012/10/16 18:34:17 | 000,000,138 | ---- | C] () -- C:\WINDOWS\MAGGAMES.INI
[2012/08/07 13:35:49 | 000,040,960 | ---- | C] () -- C:\WINDOWS\DelPiv.exe
[2012/04/08 22:01:02 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/17 21:46:45 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/14 12:46:19 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011/08/26 11:56:26 | 000,002,404 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2011/07/22 12:48:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2006/12/27 20:08:05 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\client\Local Settings\Application Data\fusioncache.dat
[2006/12/07 16:05:51 | 000,054,784 | ---- | C] () -- C:\Documents and Settings\client\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[color=#E56717]========== ZeroAccess Check ==========/color
[2006/12/27 14:47:25 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 03:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 03:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== Custom Scans ==========/color
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >/color
[2012/02/24 15:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acer
[2013/01/08 17:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012/11/09 20:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2012/11/24 22:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/11/23 17:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2009/09/12 08:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2012/11/03 19:04:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/01/13 07:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2011/09/29 16:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2009/12/20 09:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Estsoft
[2012/08/01 09:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2007/12/07 09:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2013/01/25 11:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2009/01/02 15:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/04/23 14:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/12/20 09:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2013/01/04 16:27:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2013/02/06 22:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2011/10/14 13:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2012/01/30 20:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2011/08/26 11:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/03/05 12:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/02/24 08:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011/08/26 17:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2008/07/01 11:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2008/07/01 12:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle VideoSpin
[2009/09/12 09:24:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Real
[2011/03/01 17:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2008/06/07 14:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SiComponents
[2013/01/24 20:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2009/08/23 17:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
[2013/01/31 16:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedMaxPc
[2013/01/28 15:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2012/03/12 17:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2005/04/27 21:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Support.com
[2006/12/07 20:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/01/05 19:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/11/03 19:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2007/05/16 10:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2008/07/01 11:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoSpin
[2006/12/10 12:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2006/12/07 19:25:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
[2009/02/28 19:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller
[2006/12/09 18:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2012/11/03 19:27:27 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/11/09 20:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/04 14:58:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{79E12D99-B429-40C9-BA08-BABF52C4A398}
[2012/11/03 19:27:27 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >/color
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24862\AcrobatUpdater.exe
[2012/01/03 08:37:53 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24862\AdobeARM.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24862\AdobeARMHelper.exe
[2012/01/03 08:37:53 | 000,320,456 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.1\24862\ReaderUpdater.exe
[2012/12/03 08:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\18212\AcrobatUpdater.exe
[2012/12/03 08:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\18212\AdobeARM.exe
[2012/12/03 08:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\18212\AdobeARMHelper.exe
[2012/12/03 08:35:28 | 000,352,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\ARM\Reader_10.1.4\18212\ReaderUpdater.exe
[2011/09/05 22:51:05 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AA1000000001}\setup.exe
[2009/06/07 21:27:48 | 025,320,048 | ---- | M] (ArcSoft ) -- C:\Documents and Settings\All Users\Application Data\ArcSoft\Global Deploy\CheckUpdate\MediaConverter_2.5.0.70_2.5.0.209.exe
[2011/12/06 18:48:48 | 000,526,512 | ---- | M] (Google Inc.) -- C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe
[2013/02/01 05:58:32 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
[2011/09/06 16:57:31 | 000,025,960 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\OCS\Download\.CLT2011.exe
[2011/09/06 16:57:48 | 000,045,936 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.
suite
5.0.125\OCS\Download\.psloglist.exe
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2013/02/01 21:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Adobe
[2007/08/27 20:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\AdobeUM
[2007/01/12 20:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Ahead
[2012/11/23 20:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Apple Computer
[2010/12/11 21:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\ArcSoft
[2006/12/26 22:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\CyberLink
[2006/12/13 14:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\EPSON
[2006/12/09 21:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Google
[2006/12/27 14:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Help
[2005/04/26 17:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Identities
[2007/03/31 13:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Leadertech
[2009/06/21 13:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Macromedia
[2010/01/30 15:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Malwarebytes
[2013/02/01 21:44:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\client\Application Data\Microsoft
[2013/02/07 14:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Mozilla
[2009/10/25 21:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\PC Suite
[2008/05/30 12:23:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Shareaza
[2013/02/10 18:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Skype
[2008/06/21 02:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Sun
[2011/08/29 15:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Systweak
[2011/11/04 16:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Tific
[2011/04/06 07:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\WinRAR
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2007/08/27 20:10:30 | 023,489,040 | ---- | M] ( ) -- C:\Documents and Settings\client\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe
[2006/12/29 07:27:32 | 000,007,918 | R--- | M] () -- C:\Documents and Settings\client\Application Data\Microsoft\Installer\{BBB1528C-2F8C-4526-9C8E-699F17AF21CA}\ARPPRODUCTICON.exe
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2011/02/08 02:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[color=#A23BEC]< MD5 for: DISK.SYS >[/color]
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[color=#A23BEC]< MD5 for: FIREFOX.EXE >[/color]
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\firefox.exe
[color=#A23BEC]< MD5 for: MOUNTMGR.SYS >[/color]
[2008/04/13 19:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\ServicePackFiles\i386\mountmgr.sys
[2008/04/13 19:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\system32\drivers\mountmgr.sys
[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[color=#A23BEC]< MD5 for: VIAMRAID.SYS >[/color]
[2004/07/06 15:45:42 | 000,060,672 | R--- | M] (VIA Technologies inc,.ltd) MD5=44056E9FEE477F512EE58BCFEE949621 -- C:\WINDOWS\system32\drivers\viamraid.sys
[color=#A23BEC]< MD5 for: WIN32K.SYS >[/color]
[2012/07/03 19:23:48 | 001,875,200 | ---- | M] (Microsoft Corporation) MD5=013A83C2EC0F5309094E8954FBE57501 -- C:\WINDOWS\$hf_mig$\KB2731847\SP3QFE\win32k.sys
[2008/04/14 02:58:06 | 001,845,760 | ---- | M] (Microsoft Corporation) MD5=0E65F97FF5B39068D1D2186B3D7600C7 -- C:\WINDOWS\ServicePackFiles\i386\win32k.sys
[2010/05/02 09:02:25 | 001,860,480 | ---- | M] (Microsoft Corporation) MD5=117089D35359DD8FE8054DA17AC6EE19 -- C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys
[2012/04/11 14:50:47 | 001,871,488 | ---- | M] (Microsoft Corporation) MD5=1A21AF886EC31258E012921D5E5E2398 -- C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\win32k.sys
[2012/06/13 14:55:56 | 001,875,200 | ---- | M] (Microsoft Corporation) MD5=2FD5F789BEB85369A8ED6C15C3F84C40 -- C:\WINDOWS\$hf_mig$\KB2718523\SP3QFE\win32k.sys
[2011/06/06 12:36:19 | 001,868,032 | ---- | M] (Microsoft Corporation) MD5=31C9FCD53634B437F36B0417DA48066A -- C:\WINDOWS\$hf_mig$\KB2555917\SP3QFE\win32k.sys
[2009/08/14 16:58:52 | 001,859,840 | ---- | M] (Microsoft Corporation) MD5=479DD2D56488951B4842B6ECBB770239 -- C:\WINDOWS\$hf_mig$\KB969947\SP3QFE\win32k.sys
[2012/05/15 14:55:20 | 001,872,256 | ---- | M] (Microsoft Corporation) MD5=4D28260F4C2D4BFBCA4C3B4DAFDFF580 -- C:\WINDOWS\$hf_mig$\KB2709162\SP3QFE\win32k.sys
[2011/09/06 15:08:29 | 001,868,032 | ---- | M] (Microsoft Corporation) MD5=501628FE99EE77D59BFD29B6DC6803DA -- C:\WINDOWS\$hf_mig$\KB2567053\SP3QFE\win32k.sys
[2011/11/23 15:39:14 | 001,868,672 | ---- | M] (Microsoft Corporation) MD5=6B88EAB930D6D14019A627C1A9DFC4DD -- C:\WINDOWS\$hf_mig$\KB2639417\SP3QFE\win32k.sys
[2012/11/13 12:56:57 | 001,875,584 | ---- | M] (Microsoft Corporation) MD5=81A955EF9C0790DE7749F11D5525E2B4 -- C:\WINDOWS\$hf_mig$\KB2779030\SP3QFE\win32k.sys
[2012/01/12 18:21:12 | 001,869,184 | ---- | M] (Microsoft Corporation) MD5=A274CBA14BE87AE4D6FF0DA6DEAA7618 -- C:\WINDOWS\$hf_mig$\KB2660465\SP3QFE\win32k.sys
[2009/04/19 20:42:34 | 001,847,936 | ---- | M] (Microsoft Corporation) MD5=A4CB910DA61C2AB50D1D4E15CDA48D32 -- C:\WINDOWS\$hf_mig$\KB968537\SP3QFE\win32k.sys
[2012/11/13 12:55:44 | 001,866,496 | ---- | M] (Microsoft Corporation) MD5=ABB951BAED569368E4EC585135EF706F -- C:\WINDOWS\system32\dllcache\win32k.sys
[2012/11/13 12:55:44 | 001,866,496 | ---- | M] (Microsoft Corporation) MD5=ABB951BAED569368E4EC585135EF706F -- C:\WINDOWS\system32\win32k.sys
[2012/02/03 10:56:28 | 001,869,312 | ---- | M] (Microsoft Corporation) MD5=CF530A5F9D22E93230A15F4C2E5AF228 -- C:\WINDOWS\$hf_mig$\KB2641653\SP3QFE\win32k.sys
[2012/10/22 20:56:44 | 001,875,456 | ---- | M] (Microsoft Corporation) MD5=DCADEADB39A9ACD3511375CE0D8643B9 -- C:\WINDOWS\$hf_mig$\KB2761226\SP3QFE\win32k.sys
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2005/04/26 18:30:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
< End of report >
5.0.125\OCS\Download\.psloglist.exe
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2013/02/01 21:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Adobe
[2007/08/27 20:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\AdobeUM
[2007/01/12 20:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Ahead
[2012/11/23 20:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Apple Computer
[2010/12/11 21:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\ArcSoft
[2006/12/26 22:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\CyberLink
[2006/12/13 14:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\EPSON
[2006/12/09 21:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Google
[2006/12/27 14:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Help
[2005/04/26 17:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Identities
[2007/03/31 13:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Leadertech
[2009/06/21 13:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Macromedia
[2010/01/30 15:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Malwarebytes
[2013/02/01 21:44:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\client\Application Data\Microsoft
[2013/02/07 14:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Mozilla
[2009/10/25 21:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\PC Suite
[2008/05/30 12:23:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Shareaza
[2013/02/10 18:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Skype
[2008/06/21 02:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Sun
[2011/08/29 15:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Systweak
[2011/11/04 16:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\Tific
[2011/04/06 07:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\client\Application Data\WinRAR
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2007/08/27 20:10:30 | 023,489,040 | ---- | M] ( ) -- C:\Documents and Settings\client\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe
[2006/12/29 07:27:32 | 000,007,918 | R--- | M] () -- C:\Documents and Settings\client\Application Data\Microsoft\Installer\{BBB1528C-2F8C-4526-9C8E-699F17AF21CA}\ARPPRODUCTICON.exe
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2011/02/08 02:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[color=#A23BEC]< MD5 for: DISK.SYS >[/color]
[2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/10/12 22:27:06 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[color=#A23BEC]< MD5 for: FIREFOX.EXE >[/color]
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\firefox.exe
[color=#A23BEC]< MD5 for: MOUNTMGR.SYS >[/color]
[2008/04/13 19:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\ServicePackFiles\i386\mountmgr.sys
[2008/04/13 19:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=A80B9A0BAD1B73637DBCBBA7DF72D3FD -- C:\WINDOWS\system32\drivers\mountmgr.sys
[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\system32\scecli.dll
[color=#A23BEC]< MD5 for: VIAMRAID.SYS >[/color]
[2004/07/06 15:45:42 | 000,060,672 | R--- | M] (VIA Technologies inc,.ltd) MD5=44056E9FEE477F512EE58BCFEE949621 -- C:\WINDOWS\system32\drivers\viamraid.sys
[color=#A23BEC]< MD5 for: WIN32K.SYS >[/color]
[2012/07/03 19:23:48 | 001,875,200 | ---- | M] (Microsoft Corporation) MD5=013A83C2EC0F5309094E8954FBE57501 -- C:\WINDOWS\$hf_mig$\KB2731847\SP3QFE\win32k.sys
[2008/04/14 02:58:06 | 001,845,760 | ---- | M] (Microsoft Corporation) MD5=0E65F97FF5B39068D1D2186B3D7600C7 -- C:\WINDOWS\ServicePackFiles\i386\win32k.sys
[2010/05/02 09:02:25 | 001,860,480 | ---- | M] (Microsoft Corporation) MD5=117089D35359DD8FE8054DA17AC6EE19 -- C:\WINDOWS\$hf_mig$\KB979559\SP3QFE\win32k.sys
[2012/04/11 14:50:47 | 001,871,488 | ---- | M] (Microsoft Corporation) MD5=1A21AF886EC31258E012921D5E5E2398 -- C:\WINDOWS\$hf_mig$\KB2676562\SP3QFE\win32k.sys
[2012/06/13 14:55:56 | 001,875,200 | ---- | M] (Microsoft Corporation) MD5=2FD5F789BEB85369A8ED6C15C3F84C40 -- C:\WINDOWS\$hf_mig$\KB2718523\SP3QFE\win32k.sys
[2011/06/06 12:36:19 | 001,868,032 | ---- | M] (Microsoft Corporation) MD5=31C9FCD53634B437F36B0417DA48066A -- C:\WINDOWS\$hf_mig$\KB2555917\SP3QFE\win32k.sys
[2009/08/14 16:58:52 | 001,859,840 | ---- | M] (Microsoft Corporation) MD5=479DD2D56488951B4842B6ECBB770239 -- C:\WINDOWS\$hf_mig$\KB969947\SP3QFE\win32k.sys
[2012/05/15 14:55:20 | 001,872,256 | ---- | M] (Microsoft Corporation) MD5=4D28260F4C2D4BFBCA4C3B4DAFDFF580 -- C:\WINDOWS\$hf_mig$\KB2709162\SP3QFE\win32k.sys
[2011/09/06 15:08:29 | 001,868,032 | ---- | M] (Microsoft Corporation) MD5=501628FE99EE77D59BFD29B6DC6803DA -- C:\WINDOWS\$hf_mig$\KB2567053\SP3QFE\win32k.sys
[2011/11/23 15:39:14 | 001,868,672 | ---- | M] (Microsoft Corporation) MD5=6B88EAB930D6D14019A627C1A9DFC4DD -- C:\WINDOWS\$hf_mig$\KB2639417\SP3QFE\win32k.sys
[2012/11/13 12:56:57 | 001,875,584 | ---- | M] (Microsoft Corporation) MD5=81A955EF9C0790DE7749F11D5525E2B4 -- C:\WINDOWS\$hf_mig$\KB2779030\SP3QFE\win32k.sys
[2012/01/12 18:21:12 | 001,869,184 | ---- | M] (Microsoft Corporation) MD5=A274CBA14BE87AE4D6FF0DA6DEAA7618 -- C:\WINDOWS\$hf_mig$\KB2660465\SP3QFE\win32k.sys
[2009/04/19 20:42:34 | 001,847,936 | ---- | M] (Microsoft Corporation) MD5=A4CB910DA61C2AB50D1D4E15CDA48D32 -- C:\WINDOWS\$hf_mig$\KB968537\SP3QFE\win32k.sys
[2012/11/13 12:55:44 | 001,866,496 | ---- | M] (Microsoft Corporation) MD5=ABB951BAED569368E4EC585135EF706F -- C:\WINDOWS\system32\dllcache\win32k.sys
[2012/11/13 12:55:44 | 001,866,496 | ---- | M] (Microsoft Corporation) MD5=ABB951BAED569368E4EC585135EF706F -- C:\WINDOWS\system32\win32k.sys
[2012/02/03 10:56:28 | 001,869,312 | ---- | M] (Microsoft Corporation) MD5=CF530A5F9D22E93230A15F4C2E5AF228 -- C:\WINDOWS\$hf_mig$\KB2641653\SP3QFE\win32k.sys
[2012/10/22 20:56:44 | 001,875,456 | ---- | M] (Microsoft Corporation) MD5=DCADEADB39A9ACD3511375CE0D8643B9 -- C:\WINDOWS\$hf_mig$\KB2761226\SP3QFE\win32k.sys
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2005/04/26 18:30:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
< End of report >
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Hello,
il faut les héberger sur CJoint.com car ils sont trop long pour le forum.
Guillaume, faudra éditer ton canned ^^ !
il faut les héberger sur CJoint.com car ils sont trop long pour le forum.
Guillaume, faudra éditer ton canned ^^ !
+ le rapport Extras .Txt
OTL Extras logfile created on: 10/02/2013 18:27:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\client\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,23 Mb Total Physical Memory | 178,80 Mb Available Physical Memory | 34,97% Memory free
1,30 Gb Paging File | 0,76 Gb Available in Paging File | 58,14% Paging File free
Paging file location(s): C:\pagefile.sys 800 1200 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 152,66 Gb Total Space | 37,99 Gb Free Space | 24,89% Space Free | Partition Type: NTFS
Computer Name: LAFAMILLE | User Name: client | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[color=#E56717]========== System Restore Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Gestion à distance de Windows
"80:TCP" = 80:TCP:*:Disabled:Gestion à distance de Windows - Mode de compatibilité (HTTP-Entrée)
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour -- (Apple Inc.)
"C:\WINDOWS\system32\ARFC\wrtc.exe" = C:\WINDOWS\system32\ARFC\wrtc.exe:*:Enabled:wrtc -- ()
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0BE37B03-93EF-4B46-A4F3-30ED22569D1A}" = Microsoft SQL Server Compact 3.5 SP1 ????
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25E98ECB-5727-408E-B30A-2CAF86F5B310}" = OGA Notifier 1.7.0105.35.0
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HydraVision
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Edition Découverte 3.0
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype(TM) 6.1
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}" = EPSON Easy Photo Print
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.9
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar
"{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Français
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}" = LG United Mobile Drivers
"{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FDE9FC7A-BF6D-4347-850D-05A16E6FEE17}" = Belgacom Genius
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AbiWord2" = AbiWord 2.8.6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"C-Media Audio" = C-Media 3D Audio
"Digital Camera Driver" = Digital Camera Driver
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"EPSON Scanner" = EPSON Scan
"ESDX3800 Guide d'utilisation" = ESDX3800 Guide d'utilisation
"EZface ActiveX" = EZface ActiveX 208
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSNINST" = MSN
"NIS" = Norton Internet Security
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinLiveSuite_Wave3" = Installation Windows Live
"ZHPDiag_is1" = ZHPDiag 1.3.5
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 15/12/2012 16:22:00 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 11925
Description = Produit : Skype(TM) 6.0 -- Erreur 1925. Vous ne disposez pas des privilèges
suffisants pour exécuter cette installation pour tous les utilisateurs de cet ordinateur.
Ouvrez une session en tant qu'administrateur, puis réexécutez le programme d'installation.
Error - 15/12/2012 16:58:10 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 11609
Description =
Error - 16/12/2012 13:45:26 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 10005
Description = Produit : Windows Live Mail -- Windows Installer a rencontré une erreur
inattendue lors de l'installation de ce package. Il s'agit peut-être d'un problème
lié au package. Le code d'erreur est 2762. Les arguments sont : , ,
Error - 16/12/2012 13:45:33 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 10005
Description = Produit : Windows Live Communications Platform -- Windows Installer
a rencontré une erreur inattendue lors de l'installation de ce package. Il s'agit
peut-être d'un problème lié au package. Le code d'erreur est 2762. Les arguments
sont : , ,
Error - 16/12/2012 13:45:33 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 10005
Description = Produit : Windows Live Communications Platform -- Windows Installer
a rencontré une erreur inattendue lors de l'installation de ce package. Il s'agit
peut-être d'un problème lié au package. Le code d'erreur est 2762. Les arguments
sont : , ,
Error - 27/12/2012 16:23:27 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 11609
Description =
Error - 02/01/2013 14:40:26 | Computer Name = LAFAMILLE | Source = MsgPlusService | ID = 0
Description =
Error - 02/01/2013 14:40:26 | Computer Name = LAFAMILLE | Source = MsgPlusService | ID = 0
Description =
Error - 02/01/2013 14:45:24 | Computer Name = LAFAMILLE | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu
Error - 02/01/2013 14:57:35 | Computer Name = LAFAMILLE | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu
[ System Events ]
Error - 09/02/2013 17:38:26 | Computer Name = LAFAMILLE | Source = atapi | ID = 262149
Description = Une erreur de parité a été détectée sur \Device\Ide\IdePort0.
Error - 09/02/2013 17:38:26 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 08:22:38 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 08:26:23 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 08:33:29 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 08:33:29 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 08:57:07 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 09:01:13 | Computer Name = LAFAMILLE | Source = atapi | ID = 262149
Description = Une erreur de parité a été détectée sur \Device\Ide\IdePort0.
Error - 10/02/2013 09:01:13 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 11:18:43 | Computer Name = LAFAMILLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.
< End of report >
OTL Extras logfile created on: 10/02/2013 18:27:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\client\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,23 Mb Total Physical Memory | 178,80 Mb Available Physical Memory | 34,97% Memory free
1,30 Gb Paging File | 0,76 Gb Available in Paging File | 58,14% Paging File free
Paging file location(s): C:\pagefile.sys 800 1200 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 152,66 Gb Total Space | 37,99 Gb Free Space | 24,89% Space Free | Partition Type: NTFS
Computer Name: LAFAMILLE | User Name: client | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[color=#E56717]========== System Restore Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Gestion à distance de Windows
"80:TCP" = 80:TCP:*:Disabled:Gestion à distance de Windows - Mode de compatibilité (HTTP-Entrée)
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour -- (Apple Inc.)
"C:\WINDOWS\system32\ARFC\wrtc.exe" = C:\WINDOWS\system32\ARFC\wrtc.exe:*:Enabled:wrtc -- ()
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0BE37B03-93EF-4B46-A4F3-30ED22569D1A}" = Microsoft SQL Server Compact 3.5 SP1 ????
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25E98ECB-5727-408E-B30A-2CAF86F5B310}" = OGA Notifier 1.7.0105.35.0
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A2AF807-9F9F-43C9-A24A-17B617238B74}" = OpenOffice.org Installer 1.0
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HydraVision
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Edition Découverte 3.0
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype(TM) 6.1
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}" = EPSON Easy Photo Print
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.9
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar
"{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Français
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2944BE7-9BFF-4EF0-A362-CB3281B7C50D}" = LG United Mobile Drivers
"{C79A37F3-C076-48BE-B290-F4C8676ABD74}" = Samsung PC Studio 3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FDE9FC7A-BF6D-4347-850D-05A16E6FEE17}" = Belgacom Genius
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AbiWord2" = AbiWord 2.8.6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"All ATI Software" = ATI - Utilitaire de désinstallation du logiciel
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"C-Media Audio" = C-Media 3D Audio
"Digital Camera Driver" = Digital Camera Driver
"EPSON Printer and Utilities" = EPSON Logiciel imprimante
"EPSON Scanner" = EPSON Scan
"ESDX3800 Guide d'utilisation" = ESDX3800 Guide d'utilisation
"EZface ActiveX" = EZface ActiveX 208
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSNINST" = MSN
"NIS" = Norton Internet Security
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinLiveSuite_Wave3" = Installation Windows Live
"ZHPDiag_is1" = ZHPDiag 1.3.5
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 15/12/2012 16:22:00 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 11925
Description = Produit : Skype(TM) 6.0 -- Erreur 1925. Vous ne disposez pas des privilèges
suffisants pour exécuter cette installation pour tous les utilisateurs de cet ordinateur.
Ouvrez une session en tant qu'administrateur, puis réexécutez le programme d'installation.
Error - 15/12/2012 16:58:10 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 11609
Description =
Error - 16/12/2012 13:45:26 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 10005
Description = Produit : Windows Live Mail -- Windows Installer a rencontré une erreur
inattendue lors de l'installation de ce package. Il s'agit peut-être d'un problème
lié au package. Le code d'erreur est 2762. Les arguments sont : , ,
Error - 16/12/2012 13:45:33 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 10005
Description = Produit : Windows Live Communications Platform -- Windows Installer
a rencontré une erreur inattendue lors de l'installation de ce package. Il s'agit
peut-être d'un problème lié au package. Le code d'erreur est 2762. Les arguments
sont : , ,
Error - 16/12/2012 13:45:33 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 10005
Description = Produit : Windows Live Communications Platform -- Windows Installer
a rencontré une erreur inattendue lors de l'installation de ce package. Il s'agit
peut-être d'un problème lié au package. Le code d'erreur est 2762. Les arguments
sont : , ,
Error - 27/12/2012 16:23:27 | Computer Name = LAFAMILLE | Source = MsiInstaller | ID = 11609
Description =
Error - 02/01/2013 14:40:26 | Computer Name = LAFAMILLE | Source = MsgPlusService | ID = 0
Description =
Error - 02/01/2013 14:40:26 | Computer Name = LAFAMILLE | Source = MsgPlusService | ID = 0
Description =
Error - 02/01/2013 14:45:24 | Computer Name = LAFAMILLE | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu
Error - 02/01/2013 14:57:35 | Computer Name = LAFAMILLE | Source = EventSystem | ID = 4609
Description = Le système d'événements de COM+ a détecté un code de renvoi erroné
lors de son traitement interne. Le HRESULT est 8007043C à partir de la ligne 44
de d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Contactez les services
du Support Technique Microsoft pour signaler cette erreu
[ System Events ]
Error - 09/02/2013 17:38:26 | Computer Name = LAFAMILLE | Source = atapi | ID = 262149
Description = Une erreur de parité a été détectée sur \Device\Ide\IdePort0.
Error - 09/02/2013 17:38:26 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 08:22:38 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 08:26:23 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 08:33:29 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 08:33:29 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 08:57:07 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 09:01:13 | Computer Name = LAFAMILLE | Source = atapi | ID = 262149
Description = Une erreur de parité a été détectée sur \Device\Ide\IdePort0.
Error - 10/02/2013 09:01:13 | Computer Name = LAFAMILLE | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk0\D.
Error - 10/02/2013 11:18:43 | Computer Name = LAFAMILLE | Source = Service Control Manager | ID = 7011
Description = Délai (30000 millisecondes) d'attente pour une réponse du service
Dnscache à une transaction.
< End of report >
Re
Pour transmettre ces rapports clique sur ce lien:
http://pjjoint.malekal.com/
Si problème utilise celui-ci
https://forums-fec.be/upload
@+
Pour transmettre ces rapports clique sur ce lien:
http://pjjoint.malekal.com/
Si problème utilise celui-ci
https://forums-fec.be/upload
@+
Re
1) Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
Les toolbars, c'est pas obligatoire ( par Malekal ) :https://forum.malekal.com/viewtopic.php?t=6173&start=
2)Télécharge Malwaresbytes anti malware ici
https://fr.malwarebytes.com/mwb-download/
* Installe le (choisis bien "français" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
* Potasse le tuto pour te familiariser avec le prg :
https://forum.pcastuces.com/sujet.asp?f=31&s=3
(cela dis, il est très simple d'utilisation).
relance Malwaresbytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
* Lance Malwarebyte's. Sous Vista ;Seven ou Windows 8 (clic droit de la souris « exécuter en tant que administrateur »)
*Procèdes à une mise à jour
*Fais un examen dit "Complet"
--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "Afficher les résultats" " .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " supprimer la sélection " .
Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwaresbytes, le dernier en date)
@+
1) Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
Les toolbars, c'est pas obligatoire ( par Malekal ) :https://forum.malekal.com/viewtopic.php?t=6173&start=
2)Télécharge Malwaresbytes anti malware ici
https://fr.malwarebytes.com/mwb-download/
* Installe le (choisis bien "français" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
* Potasse le tuto pour te familiariser avec le prg :
https://forum.pcastuces.com/sujet.asp?f=31&s=3
(cela dis, il est très simple d'utilisation).
relance Malwaresbytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
* Lance Malwarebyte's. Sous Vista ;Seven ou Windows 8 (clic droit de la souris « exécuter en tant que administrateur »)
*Procèdes à une mise à jour
*Fais un examen dit "Complet"
--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "Afficher les résultats" " .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " supprimer la sélection " .
Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwaresbytes, le dernier en date)
@+
bonjour
voici le repport de malwares
https://pjjoint.malekal.com/files.php?id=20130211_z8c11o5p13o11
c'est celui qui c'est ouvert et je ne sais pas si c'est le bon
je n"en ai pas eu apres et pas du non plus redemarrer le pc
merci d'avance
a++
voici le repport de malwares
https://pjjoint.malekal.com/files.php?id=20130211_z8c11o5p13o11
c'est celui qui c'est ouvert et je ne sais pas si c'est le bon
je n"en ai pas eu apres et pas du non plus redemarrer le pc
merci d'avance
a++
Re
Rien de particulier sur cette session
1) Télécharge DelFix de Xplode
* Lance le.
* A l'invite, [Suppression]
* Un rapport va s'ouvrir à la fin, colle le dans la réponse
2)Tu disposes de Ccleaner;met le à jour et lance le avec ces réglages
.double-cliques ou clic droit sous Vista ;Seven et Windows 8 sur l'icône de Ccleaner pour l'ouvrir
.une fois ouvert tu cliques sur option et puis avancé
.tu décoches effacer uniquement les fichiers, du dossier temp de windows plus vieux que 24 heures
.cliques sur nettoyeur
.cliques sur windows et dans la colonne avancé
. coches la première case vieilles données du perfetch ce qui te donnes la case vielles données du perfetch
.cliques sur analyse une fois l'analyse terminé
.cliques sur lancer le nettoyage et sur la demande de confirmation OK il vas falloir que tu le refasses une autre fois une fois fini vérifies en appuyant de nouveau sur analyse pour être sur qu'il n'y est plus rien
.clique maintenant sur registre et puis sur rechercher les erreurs
.laisse tout coché et clique sur réparer les erreurs sélectionnées
.il te demande de sauvegarder OUI
.tu lui donnes un nom pour pouvoir la retrouver et enregistre
.clique sur corriger toutes les erreurs sélectionnées et sur la demande de confirmation OK
.il supprime et une fois fermé tu vérifies en relançant rechercher les erreurs
.tu retournes dans option et tu recoches la case effacer uniquement les fichiers, du dossier temp de windows plus vieux que 48 heures et sur nettoyeur, windows sous avancé tu décoches la première case vieilles données du perfetch
.tu peux fermer Ccleaner.
@+
Rien de particulier sur cette session
1) Télécharge DelFix de Xplode
* Lance le.
* A l'invite, [Suppression]
* Un rapport va s'ouvrir à la fin, colle le dans la réponse
2)Tu disposes de Ccleaner;met le à jour et lance le avec ces réglages
.double-cliques ou clic droit sous Vista ;Seven et Windows 8 sur l'icône de Ccleaner pour l'ouvrir
.une fois ouvert tu cliques sur option et puis avancé
.tu décoches effacer uniquement les fichiers, du dossier temp de windows plus vieux que 24 heures
.cliques sur nettoyeur
.cliques sur windows et dans la colonne avancé
. coches la première case vieilles données du perfetch ce qui te donnes la case vielles données du perfetch
.cliques sur analyse une fois l'analyse terminé
.cliques sur lancer le nettoyage et sur la demande de confirmation OK il vas falloir que tu le refasses une autre fois une fois fini vérifies en appuyant de nouveau sur analyse pour être sur qu'il n'y est plus rien
.clique maintenant sur registre et puis sur rechercher les erreurs
.laisse tout coché et clique sur réparer les erreurs sélectionnées
.il te demande de sauvegarder OUI
.tu lui donnes un nom pour pouvoir la retrouver et enregistre
.clique sur corriger toutes les erreurs sélectionnées et sur la demande de confirmation OK
.il supprime et une fois fermé tu vérifies en relançant rechercher les erreurs
.tu retournes dans option et tu recoches la case effacer uniquement les fichiers, du dossier temp de windows plus vieux que 48 heures et sur nettoyeur, windows sous avancé tu décoches la première case vieilles données du perfetch
.tu peux fermer Ccleaner.
@+
re
voila je ciens de faire les manipulations demandée pour la session de mon mari et tout va bien
maintenant de temps en temps la mienne reste avec le carré du milieu
juste un peu en attente mais rien de grave
autre chose depuis que j'ai changé l'internet windows 8 c'est ma tablette qui as perdu c'est images
je ne sais pas si tu t'y connais c'est uen petitez tablette mpman 1027
elle va très bien mais depuis le changement
comment dois je faire pour recupere cela
un grand merci a toi et toute l'aquipe de COMMENT CA MARCHE
vous etes geniaux
merci d'avance
a++
voila je ciens de faire les manipulations demandée pour la session de mon mari et tout va bien
maintenant de temps en temps la mienne reste avec le carré du milieu
juste un peu en attente mais rien de grave
autre chose depuis que j'ai changé l'internet windows 8 c'est ma tablette qui as perdu c'est images
je ne sais pas si tu t'y connais c'est uen petitez tablette mpman 1027
elle va très bien mais depuis le changement
comment dois je faire pour recupere cela
un grand merci a toi et toute l'aquipe de COMMENT CA MARCHE
vous etes geniaux
merci d'avance
a++
voila
je suis prete mais je dois refaire une nouvelle inscription pour cette session ou pas
merci d'avance a++