Hadopi and Vista
Solved
davidjp33
Hello everyone, I am new to this forum.
I am trying to unlock my niece's computer, which has been infected since yesterday with the HADOPI virus.
Browsing the forums, I have not managed to find a way to repair it.
The computer is an eMachines G620 running Vista Classic. The virus version corresponds to REVETON (webcam active); the safe modes and the command prompt do not work (the computer reboots after the Windows startup lines scroll by).
So I tried the OTLPE method, which I downloaded.
Once my CD is in the infected computer, it does not install completely and ends with an error message. I don't think I am doing anything wrong, but the new virus blocks even this type of access.
I am out of solutions.
Would anyone have an idea?
Thank you.
36 replies
Hi again
On this page: https://www.malekal.com/malekal-live-cd-reparer-depanner-pc-windows/
Section "Installation" >>> the download link: CD Live Malekal
See you
OK, I am rebooting from the CD, but the existing version is marked as out of date.
In the meantime, here are the reports:
RogueKiller V8.8.0 [Dec 27 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur : Système [Droits d'admin]
Mode : Recherche [Annulé] -- Date : 12/30/2013 15:30:40
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 13 ¤¤¤
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowVideos (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0xc0000033] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
Termine : << RKreport[0]_S_12302013_153040.txt >>
RogueKiller V8.8.0 [Dec 27 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : https://www.adlice.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur : Système [Droits d'admin]
Mode : Suppression [Annulé] -- Date : 12/30/2013 15:31:02
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 13 ¤¤¤
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REMPLACÉ (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> REMPLACÉ (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REMPLACÉ (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REMPLACÉ (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REMPLACÉ (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> REMPLACÉ (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowVideos (0) -> REMPLACÉ (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> REMPLACÉ (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REMPLACÉ (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REMPLACÉ (1)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Addons navigateur : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [NON CHARGE 0xc0000033] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
Termine : << RKreport[0]_D_12302013_153102.txt >>
RKreport[0]_S_12302013_153040.txt
Report with the basic RogueKiller:
RogueKiller V8.6.2 [Jul 5 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur : Système [Droits d'admin]
Mode : Recherche -- Date : 12/30/2013 15:46:41
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 13 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowVideos (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> TROUVÉ
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
-> C:\windows\system32\config\SYSTEM
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\windows\system32\config\SOFTWARE
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\windows\system32\config\SECURITY
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\windows\system32\config\SAM
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\windows\system32\config\DEFAULT
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\Users\Default\NTUSER.DAT
C:\Windows\system32
-> C:\Users\Default User\NTUSER.DAT
C:\Windows\system32
-> C:\Users\ELSA\NTUSER.DAT
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\Documents and Settings\Default\NTUSER.DAT
C:\Windows\system32
-> C:\Documents and Settings\Default User\NTUSER.DAT
C:\Windows\system32
-> C:\Documents and Settings\ELSA\NTUSER.DAT
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> E:\windows\system32\config\SYSTEM
x:\Windows\system32
-> E:\windows\system32\config\SOFTWARE
x:\Windows\system32
-> E:\windows\system32\config\SECURITY
x:\Windows\system32
-> E:\windows\system32\config\SAM
x:\Windows\system32
-> E:\windows\system32\config\DEFAULT
x:\Windows\system32
-> E:\Users\Default\NTUSER.DAT
x:\Windows\system32
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 824c05c35cc169899a56bd1f84c5cf00
[BSP] 73b839e74895c7d433ce9d3c3e12f35f : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 71192 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 166774784 | Size: 71193 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_S_12302013_154641.txt >>
RogueKiller V8.6.2 [Jul 5 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur : Système [Droits d'admin]
Mode : Suppression -- Date : 12/30/2013 15:47:50
| ARK || FAK || MBR |
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 13 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REMPLACÉ (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> REMPLACÉ (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REMPLACÉ (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REMPLACÉ (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REMPLACÉ (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> REMPLACÉ (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowVideos (0) -> REMPLACÉ (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> REMPLACÉ (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REMPLACÉ (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REMPLACÉ (1)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
¤¤¤ Tâches planifiées : 0 ¤¤¤
¤¤¤ Entrées Startup : 0 ¤¤¤
¤¤¤ Navigateurs web : 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
¤¤¤ Ruches Externes: ¤¤¤
-> C:\windows\system32\config\SYSTEM
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\windows\system32\config\SOFTWARE
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\windows\system32\config\SECURITY
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\windows\system32\config\SAM
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\windows\system32\config\DEFAULT
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\Users\Default\NTUSER.DAT
C:\Windows\system32
-> C:\Users\Default User\NTUSER.DAT
C:\Windows\system32
-> C:\Users\ELSA\NTUSER.DAT
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> C:\Documents and Settings\Default\NTUSER.DAT
C:\Windows\system32
-> C:\Documents and Settings\Default User\NTUSER.DAT
C:\Windows\system32
-> C:\Documents and Settings\ELSA\NTUSER.DAT
C:\Windows\system32
C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> E:\windows\system32\config\SYSTEM
x:\Windows\system32
-> E:\windows\system32\config\SOFTWARE
x:\Windows\system32
-> E:\windows\system32\config\SECURITY
x:\Windows\system32
-> E:\windows\system32\config\SAM
x:\Windows\system32
-> E:\windows\system32\config\DEFAULT
x:\Windows\system32
-> E:\Users\Default\NTUSER.DAT
x:\Windows\system32
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 824c05c35cc169899a56bd1f84c5cf00
[BSP] 73b839e74895c7d433ce9d3c3e12f35f : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 71192 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 166774784 | Size: 71193 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[0]_D_12302013_154750.txt >>
RKreport[0]_S_12302013_154641.txt
Hi again
Download Malwarebytes Anti-Malware here:
https://www.malwarebytes.com/
* Install it (be sure to choose "French"; do not change the installation settings) and update it.
* Study the tutorial to get familiar with the program:
https://forum.pcastuces.com/sujet.asp?f=31&s=3
(that said, it is very simple to use).
Relaunch Malwarebytes, following these instructions scrupulously:
! Disconnect and close all running applications !
* Launch Malwarebytes. Under Vista, Seven or Windows 8, right-click and choose "Run as administrator".
* Run an update.
* Run a scan of the "Quick" type.
--> Let the program work (and do nothing else with the PC during the scan).
--> At the end, click "Show results".
--> Check that all infected objects are ticked, then click "Remove selected".
Note: if you need to restart your PC to finish the cleanup, do it!
Post the report saved after removing the infected objects (in the "Logs" tab of Malwarebytes, the most recent one).
See you
Here is the report:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Version de la base de données: v2013.12.30.05
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7100.0
Système :: MININT-PEHY93 [administrateur]
2013-12-30 16:05:06
mbam-log-2013-12-30 (16-05-06).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 145358
Temps écoulé: 1 minute(s), 39 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoSMHelp (PUM.Hijack.Help) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoFind (PUM.Hijack.Find) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
Hi again
Go back to the Malekal live CD.
Then run OTLPE.
Post its report for me. Thanks.
See you
Hi again
* Double-click the OTLPE icon.
* A window opens: "Choose Windows Directory"
Choose the drive that holds Windows (C by default) and then point to that Windows file.
Another window asks: "Do you wish to load remote user profile(s) for scanning?"
Click Yes.
Then choose your session (logically the first line of this window).
The line at the bottom of the table is checked (if not, check it).
Click OK.
Click OK.
Then
* Under Custom Scans/Fixes
1) Copy and paste the contents of the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
cdrom.sys
disk.sys
ndis.sys
mountmgr.sys
aec.sys
rasacd.sys
mrxsmb10.sys
mrxsmb20.sys
termdd.sys
mrxsmb.sys
win32k.sys
storport.sys
IdeChnDr.sys
viasraid.sys
explorer.exe
winlogon.exe
wininit.exe
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
* Copy and paste this text into a text file (Notepad) that you save on a USB stick, which you will plug in under Reatogo; you will then be able to copy and paste it easily.
* 2) Click Run Scan to start the scan.
* Once finished, the file is located at C:\OTL.txt
* Copy and paste its contents into your next reply.
See you
Hi again
And the procedure described here:
https://www.malekal.com/malekal-live-cd-reparer-depanner-pc-windows/
Section "OTL / OTLPE"
doesn't work?
See you
Here at last is the OTL scan report
OTL logfile created on: 2013-12-30 17:25:42 - Run
OTLPE by OldTimer - Version 3.1.29.0 Folder = Y:\Programs\OTLPE
Windows Vista (TM) Home Basic Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,52 Gb Total Space | 18,76 Gb Free Space | 26,98% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 63,85 Gb Free Space | 91,84% Space Free | Partition Type: NTFS
Drive E: | 10,00 Gb Total Space | 2,81 Gb Free Space | 28,12% Space Free | Partition Type: NTFS
Drive F: | 951,98 Mb Total Space | 951,97 Mb Free Space | 100,00% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 230,62 Mb Total Space | 228,19 Mb Free Space | 98,95% Space Free | Partition Type: NTFS
Drive Y: | 548,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MININT-PEUU73
Current User Name: Système
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet002
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2013-12-26 10:33:34 | 000,225,280 | ---- | M] (http://tortoisesvn.net) [Auto] -- C:\Windows\System32\t73jfbd.jss -- (Winmgmt)
SRV - [2013-09-05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-01-03 17:53:55 | 000,139,576 | ---- | M] (Boxore OU.) [Auto] -- C:\Program Files\Software\Update\SoftwareUpdate.exe -- (supdate) Service Software Update (supdate)
SRV - [2012-08-24 01:21:20 | 000,194,032 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2011-07-20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010-11-20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-01-29 18:58:37 | 000,135,664 | ---- | M] (Google Inc.) [On_Demand] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdatem) Service Google Update (gupdatem)
SRV - [2010-01-29 18:58:37 | 000,135,664 | ---- | M] (Google Inc.) [Auto] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Service Google Update (gupdate)
SRV - [2009-11-25 13:39:21 | 000,030,192 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009-08-05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009-03-26 14:31:20 | 000,132,424 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008-12-12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008-08-20 03:12:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2008-06-11 10:18:30 | 000,024,576 | ---- | M] () [Auto] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008-04-06 21:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) [Auto] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008-04-04 02:03:14 | 000,131,072 | ---- | M] () [Auto] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008-03-03 12:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007-01-17 10:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007-01-04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (DKbFltr)
DRV - [2009-08-05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009-03-19 15:32:48 | 000,023,400 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008-08-20 03:12:00 | 007,546,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008-08-06 10:11:06 | 002,164,248 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-07-22 03:21:08 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008-07-21 09:12:22 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008-06-25 09:39:42 | 000,212,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2008-06-11 10:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008-06-02 09:59:00 | 000,912,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-02-13 02:45:00 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008-01-30 10:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008-01-30 10:51:50 | 000,013,824 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2008-01-23 12:18:28 | 001,187,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2008-01-21 03:33:43 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008-01-21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-04-17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006-11-02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=aed&ir=aed&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0DyByDtCzz0F0FtBtCzyyDtN0D0Tzu0CtAyCzytN1L2XzutBtFtBtFtCtFyEtDyB&cr=1602959007
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=119894&babsrc=HP_ss&mntrId=F81400234D7518FF
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer-group.com/selection.html?b=ACEW&l=040c&s=2&o=vb32&d=1008&m=emg620
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?pc=UP97&ocid=UP97DHP
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\ELSA_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\ELSA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\ELSA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.offerbox.com
FF - HKLM\software\mozilla\Firefox\Extensions\\widestream6@spointer.com: C:\Program Files\Widestream6\spointer\extensions\widestream6@spointer.com [2011-02-25 17:22:21 | 000,000,000 | ---D | M]
[2013-04-06 06:13:12 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Interest recogniser for Widestream6 (powered by Spointer)) - {1a6dc111-b030-4c3e-be65-299284128b91} - C:\Program Files\Widestream6\spointer\extensions\widestream6_air_ie.dll (Widestream6)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search-Results Toolbar) - {6e47d688-85ec-465a-9946-ec58220f14fc} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll (Google Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {6e47d688-85ec-465a-9946-ec58220f14fc} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\ELSA_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\ELSA_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\ELSA_ON_C\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Boxore Client] C:\Program Files\Boxore\BoxoreClient\boxore.exe (Boxore OU)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKU\ELSA_ON_C..\Run: [Facebook Update] C:\Users\ELSA\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\ELSA_ON_C..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe (Somoto)
O4 - HKU\ELSA_ON_C..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\ELSA_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\ELSA_ON_C..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 8597 = c:\progra~2\msvuxwoux.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\ELSA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O7 - HKU\ELSA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKU\ELSA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecycleFiles = 0
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.01\MediaManager\grab.html ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\ELSA_ON_C\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\ELSA_ON_C\..Trusted Ranges: 1 range(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (browse~1\261125~1.80\{c16c1~1\browse~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) - c:\progra~1\google\google~1\goec62~1.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: X:\Users\Default\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.jpg
O24 - Desktop BackupWallPaper: X:\Users\Default\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{61050a1f-b616-11e2-8f20-001e68f79001}\Shell - "" = AutoRun
O33 - MountPoints2\{61050a1f-b616-11e2-8f20-001e68f79001}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O33 - MountPoints2\{7fc8ac93-9510-11dd-9c1a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7fc8ac93-9510-11dd-9c1a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{96dd450c-e873-11e1-a814-001e68f79001}\Shell - "" = AutoRun
O33 - MountPoints2\{96dd450c-e873-11e1-a814-001e68f79001}\Shell\AutoRun\command - "" = F:\iLinker.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008-01-21 03:46:39 | 000,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: winmgmt - C:\Windows\System32\t73jfbd.jss (http://tortoisesvn.net)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan.lnk - C:\PROGRA~1\MCAFEE~1\10BCA1~1.150\SSSCHE~1.EXE - (McAfee, Inc.)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]BkupTray[/b] - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
MsConfig - StartUpReg: [b]Google Desktop Search[/b] - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe File not found
MsConfig - StartUpReg: [b]LManager[/b] - hkey= - key= - C:\PROGRA~1\LAUNCH~1\QtZyEmachine.EXE File not found
MsConfig - StartUpReg: [b]msnmsgr[/b] - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]NvCplDaemon[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe File not found
MsConfig - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: [b]SynTPEnh[/b] - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: [b]WarReg_PopUp[/b] - hkey= - key= - C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe (eMachines)
MsConfig - StartUpReg: [b]Windows Defender[/b] - hkey= - key= - File not found
MsConfig - State: "startup" - 1
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: WinMgmt - C:\Windows\System32\t73jfbd.jss (http://tortoisesvn.net)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WinMgmt - C:\Windows\System32\t73jfbd.jss (http://tortoisesvn.net)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013-12-30 16:56:24 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Malwarebytes
[2013-12-30 16:55:51 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Local\Programs
[2013-12-30 16:53:06 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- X:\Users\Default\Desktop\mbam-setup-1.75.0.1300.exe
[2013-12-30 16:51:51 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Macromedia
[2013-12-30 16:51:49 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Adobe
[2013-12-30 16:51:04 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Local\Opera
[2013-12-30 16:51:03 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Opera
[2013-12-29 22:11:03 | 000,000,000 | ---D | C] -- C:\Users\ELSA\Desktop\RK_Quarantine
[2013-12-29 15:10:43 | 000,000,000 | ---D | C] -- C:\_OTL
[2013-12-28 20:05:39 | 000,309,248 | ---- | C] (http://tortoisesvn.net) -- C:\Windows\System32\jqlwbfwj.jss
[2013-12-27 16:49:47 | 000,217,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lfflfdob.jss
[2013-12-27 16:09:02 | 000,217,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbjz8jz1e.jss
[2013-12-27 12:31:32 | 000,319,488 | ---- | C] (http://tortoisesvn.net) -- C:\Windows\System32\hz8nb7ot7.jss
[2013-12-26 15:15:21 | 000,000,000 | ---D | C] -- C:\Program Files\GUM4153.tmp
[2013-12-26 15:10:01 | 000,232,960 | ---- | C] (http://tortoisesvn.net) -- C:\Windows\System32\3nbiqgi.jss
[2013-12-26 15:04:06 | 000,232,960 | ---- | C] (http://tortoisesvn.net) -- C:\Windows\System32\flvaaow.jss
[2013-12-26 10:33:27 | 000,225,280 | ---- | C] (http://tortoisesvn.net) -- C:\Windows\System32\t73jfbd.jss
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013-12-30 16:53:31 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- X:\Users\Default\Desktop\mbam-setup-1.75.0.1300.exe
[2013-12-30 16:37:28 | 000,001,663 | ---- | M] () -- X:\Users\Default\Desktop\PENetwork.lnk
[2013-12-30 16:37:28 | 000,001,560 | ---- | M] () -- X:\Users\Default\Desktop\Command Prompt.lnk
[2013-12-30 16:37:28 | 000,001,444 | ---- | M] () -- X:\Users\Default\Desktop\Explorer.lnk
[2013-12-30 16:37:28 | 000,000,637 | ---- | M] () -- X:\Users\Default\Desktop\HD Tune v2.55.lnk
[2013-12-30 16:37:27 | 000,000,891 | ---- | M] () -- X:\Users\Default\Desktop\OTLPE.lnk
[2013-12-30 16:37:27 | 000,000,697 | ---- | M] () -- X:\Users\Default\Desktop\RogueKiller.lnk
[2013-12-30 16:37:27 | 000,000,625 | ---- | M] () -- X:\Users\Default\Desktop\Opera12.lnk
[2013-12-30 16:37:27 | 000,000,591 | ---- | M] () -- X:\Users\Default\Desktop\FRST.lnk
[2013-12-30 16:32:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-12-30 16:32:10 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2013-12-30 16:31:53 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2013-12-30 16:31:39 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-12-30 16:31:35 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013-12-30 16:31:34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013-12-30 16:30:26 | 2951,036,928 | -HS- | M] () -- C:\hiberfil.sys
[2013-12-30 16:28:02 | 002,707,517 | -H-- | M] () -- C:\Users\ELSA\AppData\Local\IconCache.db
[2013-12-30 16:26:24 | 095,025,368 | ---- | M] () -- C:\Windows\System32\7to7bn8zh.fee
[2013-12-30 16:26:14 | 095,025,368 | ---- | M] () -- C:\Windows\System32\woaavlf.fee
[2013-12-30 16:26:05 | 095,025,368 | ---- | M] () -- C:\Windows\System32\igqibn3.fee
[2013-12-30 16:25:51 | 095,025,368 | ---- | M] () -- C:\Windows\System32\jwfbwlqj.fee
[2013-12-30 16:25:49 | 000,000,000 | ---- | M] () -- C:\Windows\System32\jwfbwlqj.odd
[2013-12-30 16:25:42 | 095,025,368 | ---- | M] () -- C:\Windows\System32\e1zj8zjbn.fee
[2013-12-30 16:25:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\e1zj8zjbn.odd
[2013-12-30 16:25:38 | 000,000,000 | ---- | M] () -- C:\Windows\System32\7to7bn8zh.odd
[2013-12-30 16:25:35 | 095,025,368 | ---- | M] () -- C:\Windows\System32\bodflffl.fee
[2013-12-30 16:25:35 | 000,000,000 | ---- | M] () -- C:\Windows\System32\woaavlf.odd
[2013-12-30 16:25:34 | 000,000,000 | ---- | M] () -- C:\Windows\System32\bodflffl.odd
[2013-12-30 16:25:30 | 095,025,368 | ---- | M] () -- C:\Windows\System32\a9bbr8.fee
[2013-12-30 16:25:30 | 000,000,000 | ---- | M] () -- C:\Windows\System32\igqibn3.odd
[2013-12-30 16:25:30 | 000,000,000 | ---- | M] () -- C:\Windows\System32\a9bbr8.odd
[2013-12-30 16:25:19 | 095,025,368 | ---- | M] () -- C:\Windows\System32\dbfj37t.fee
[2013-12-30 16:25:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\dbfj37t.odd
[2013-12-30 16:25:08 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2013-12-30 13:05:24 | 000,000,844 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a9bbr8.lnk
[2013-12-30 13:04:14 | 000,153,088 | ---- | M] () -- C:\Windows\System32\8rbb9a.jss
[2013-12-29 22:13:06 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-12-29 18:58:52 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2013-12-29 12:40:18 | 000,058,368 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2013-12-28 20:06:44 | 000,000,848 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jwfbwlqj.lnk
[2013-12-28 20:06:03 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1733705690-3943974109-890921738-1000UA.job
[2013-12-28 20:05:39 | 000,309,248 | ---- | M] (http://tortoisesvn.net) -- C:\Windows\System32\jqlwbfwj.jss
[2013-12-28 19:30:29 | 000,024,576 | ---- | M] () -- C:\Windows\System32\umstartup000.etl
[2013-12-27 16:50:50 | 000,000,848 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bodflffl.lnk
[2013-12-27 16:49:47 | 000,217,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lfflfdob.jss
[2013-12-27 16:09:24 | 000,000,850 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e1zj8zjbn.lnk
[2013-12-27 16:09:02 | 000,217,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nbjz8jz1e.jss
[2013-12-27 12:31:40 | 000,000,850 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7to7bn8zh.lnk
[2013-12-27 12:31:32 | 000,319,488 | ---- | M] (http://tortoisesvn.net) -- C:\Windows\System32\hz8nb7ot7.jss
[2013-12-26 15:10:30 | 000,000,846 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igqibn3.lnk
[2013-12-26 15:10:01 | 000,232,960 | ---- | M] (http://tortoisesvn.net) -- C:\Windows\System32\3nbiqgi.jss
[2013-12-26 15:04:48 | 000,000,327 | ---- | M] () -- C:\Windows\System32\dbfj37t.reg
[2013-12-26 15:04:30 | 000,000,846 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\woaavlf.lnk
[2013-12-26 15:04:10 | 000,232,960 | ---- | M] (http://tortoisesvn.net) -- C:\Windows\System32\flvaaow.jss
[2013-12-26 15:00:11 | 000,000,556 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ELSA.job
[2013-12-26 10:37:22 | 012,070,882 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013-12-26 10:37:22 | 004,236,200 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-12-26 10:37:22 | 004,094,066 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013-12-26 10:37:22 | 003,610,312 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-12-26 10:37:22 | 000,005,336 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2013-12-26 10:34:03 | 000,000,846 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dbfj37t.lnk
[2013-12-26 10:33:34 | 000,225,280 | ---- | M] (http://tortoisesvn.net) -- C:\Windows\System32\t73jfbd.jss
[2013-12-25 08:05:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1733705690-3943974109-890921738-1000Core.job
[2013-12-24 10:17:58 | 000,000,850 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vrllcmqjw.lnk
[2013-12-23 18:59:05 | 000,000,108 | ---- | M] () -- C:\Users\ELSA\Desktop\Confidentialité.url
[2013-12-23 14:19:38 | 000,089,608 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\TfSNhA8ac.ijzp
[2013-12-23 13:53:23 | 000,021,000 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\DvXCEGGR6uC.xbbk
[2013-12-23 11:41:02 | 002,785,438 | ---- | M] () -- C:\Users\ELSA\Desktop\Indila feat. Black M - Dernière Danse (Remix).mp3
[2013-12-13 03:57:46 | 006,459,384 | ---- | M] () -- C:\Users\ELSA\Desktop\Cirfa feat Badré, Sadjo, Dja, Mam's, Zei Leand - 33 C'est La Famass-[www_flvto_com].mp3
[2013-12-12 05:11:46 | 000,001,356 | ---- | M] () -- C:\Users\ELSA\AppData\Local\d3d9caps.dat
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013-12-30 16:37:28 | 000,001,663 | ---- | C] () -- X:\Users\Default\Desktop\PENetwork.lnk
[2013-12-30 16:37:28 | 000,001,560 | ---- | C] () -- X:\Users\Default\Desktop\Command Prompt.lnk
[2013-12-30 16:37:28 | 000,001,444 | ---- | C] () -- X:\Users\Default\Desktop\Explorer.lnk
[2013-12-30 16:37:28 | 000,000,637 | ---- | C] () -- X:\Users\Default\Desktop\HD Tune v2.55.lnk
[2013-12-30 16:37:27 | 000,000,891 | ---- | C] () -- X:\Users\Default\Desktop\OTLPE.lnk
[2013-12-30 16:37:27 | 000,000,697 | ---- | C] () -- X:\Users\Default\Desktop\RogueKiller.lnk
[2013-12-30 16:37:27 | 000,000,625 | ---- | C] () -- X:\Users\Default\Desktop\Opera12.lnk
[2013-12-30 16:37:27 | 000,000,591 | ---- | C] () -- X:\Users\Default\Desktop\FRST.lnk
[2013-12-30 16:30:26 | 2951,036,928 | -HS- | C] () -- C:\hiberfil.sys
[2013-12-30 13:05:24 | 000,000,844 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a9bbr8.lnk
[2013-12-30 13:04:34 | 000,000,000 | ---- | C] () -- C:\Windows\System32\a9bbr8.odd
[2013-12-30 13:04:17 | 095,025,368 | ---- | C] () -- C:\Windows\System32\a9bbr8.fee
[2013-12-30 13:04:14 | 000,153,088 | ---- | C] () -- C:\Windows\System32\8rbb9a.jss
[2013-12-28 20:06:44 | 000,000,848 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jwfbwlqj.lnk
[2013-12-28 20:06:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\jwfbwlqj.odd
[2013-12-28 20:06:02 | 095,025,368 | ---- | C] () -- C:\Windows\System32\jwfbwlqj.fee
[2013-12-27 16:50:50 | 000,000,848 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bodflffl.lnk
[2013-12-27 16:50:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\bodflffl.odd
[2013-12-27 16:50:12 | 095,025,368 | ---- | C] () -- C:\Windows\System32\bodflffl.fee
[2013-12-27 16:09:24 | 000,000,850 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e1zj8zjbn.lnk
[2013-12-27 16:09:20 | 000,000,000 | ---- | C] () -- C:\Windows\System32\e1zj8zjbn.odd
[2013-12-27 16:09:07 | 095,025,368 | ---- | C] () -- C:\Windows\System32\e1zj8zjbn.fee
[2013-12-27 12:31:40 | 000,000,850 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7to7bn8zh.lnk
[2013-12-27 12:31:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\7to7bn8zh.odd
[2013-12-27 12:31:34 | 095,025,368 | ---- | C] () -- C:\Windows\System32\7to7bn8zh.fee
[2013-12-26 15:10:30 | 000,000,846 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igqibn3.lnk
[2013-12-26 15:10:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\igqibn3.odd
[2013-12-26 15:10:02 | 095,025,368 | ---- | C] () -- C:\Windows\System32\igqibn3.fee
[2013-12-26 15:04:48 | 000,000,327 | ---- | C] () -- C:\Windows\System32\dbfj37t.reg
[2013-12-26 15:04:30 | 000,000,846 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\woaavlf.lnk
[2013-12-26 15:04:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\woaavlf.odd
[2013-12-26 15:04:14 | 095,025,368 | ---- | C] () -- C:\Windows\System32\woaavlf.fee
[2013-12-26 10:34:03 | 000,000,846 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dbfj37t.lnk
[2013-12-26 10:34:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dbfj37t.odd
[2013-12-26 10:33:39 | 095,025,368 | ---- | C] () -- C:\Windows\System32\dbfj37t.fee
[2013-12-24 10:17:58 | 000,000,850 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vrllcmqjw.lnk
[2013-12-23 18:59:05 | 000,000,108 | ---- | C] () -- C:\Users\ELSA\Desktop\Confidentialité.url
[2013-12-23 14:19:38 | 000,089,608 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\TfSNhA8ac.ijzp
[2013-12-23 13:53:23 | 000,021,000 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\DvXCEGGR6uC.xbbk
[2013-12-23 11:40:59 | 002,785,438 | ---- | C] () -- C:\Users\ELSA\Desktop\Indila feat. Black M - Dernière Danse (Remix).mp3
[2013-12-13 03:57:29 | 006,459,384 | ---- | C] () -- C:\Users\ELSA\Desktop\Cirfa feat Badré, Sadjo, Dja, Mam's, Zei Leand - 33 C'est La Famass-[www_flvto_com].mp3
[2013-01-03 17:48:12 | 000,368,102 | ---- | C] () -- C:\Users\ELSA\AppData\Local\funmoods-speeddial_sf.crx
[2013-01-03 17:48:12 | 000,031,465 | ---- | C] () -- C:\Users\ELSA\AppData\Local\funmoods.crx
[2011-11-05 19:04:45 | 000,000,272 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\.backup.dm
[2010-11-24 13:26:39 | 000,000,000 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\wklnhst.dat
[2009-01-26 10:35:52 | 000,000,776 | ---- | C] () -- C:\Windows\WININIT.INI
[2008-12-21 13:33:24 | 000,001,356 | ---- | C] () -- C:\Users\ELSA\AppData\Local\d3d9caps.dat
[2008-12-21 13:08:44 | 000,038,400 | ---- | C] () -- C:\Users\ELSA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-12-21 11:35:13 | 000,000,109 | ---- | C] () -- C:\Windows\Kit.ini
[2008-11-21 22:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008-11-21 22:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008-11-21 22:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008-11-21 22:44:16 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008-10-08 09:17:43 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008-09-10 01:04:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008-09-09 16:22:55 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008-09-09 16:22:55 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008-09-09 15:56:17 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-03-06 09:41:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\AMV_DecDLL.dll
[2004-09-16 12:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\System32\drivers\ADFUUD.SYS
[2004-09-16 12:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\ADFUUD.SYS
[2001-12-26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001-09-03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001-07-30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001-07-23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[color=#E56717]========== LOP Check ==========[/color]
[2013-04-06 06:13:29 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Babylon
[2009-12-20 14:34:08 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Big Fish Games
[2013-05-05 22:15:39 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\eType
[2011-02-25 17:19:00 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\FissaSearch
[2011-02-13 18:11:22 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Floodlight Games
[2008-12-25 18:52:36 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\FloodLightGames
[2010-01-17 17:09:57 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\FUJIFILM
[2013-01-03 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Funmoods
[2010-12-23 17:59:54 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\GARMIN
[2009-05-17 19:00:05 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\InterVideo
[2012-10-31 13:23:43 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\MusicNet
[2013-05-05 20:34:18 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\OfferBox
[2010-07-19 18:37:22 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\SecretIslandFranc
[2010-11-24 13:26:39 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Template
[2010-05-29 20:21:09 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\widestream
[2011-08-17 18:00:33 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Windows Live Writer
[2013-12-30 16:51:03 | 000,000,000 | ---D | M] -- X:\Users\Default\AppData\Roaming\Opera
[2013-12-25 08:05:01 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1733705690-3943974109-890921738-1000Core.job
[2013-12-28 20:06:03 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1733705690-3943974109-890921738-1000UA.job
[2013-12-30 16:32:11 | 000,032,468 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013-12-30 16:25:08 | 000,001,066 | ---- | M] () -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
[2013-12-29 18:58:52 | 000,001,070 | ---- | M] () -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2006-11-02 10:46:03 | 000,011,776 | --

OTL logfile created on: 2013-12-30 17:25:42 - Run
OTLPE by OldTimer - Version 3.1.29.0 Folder = Y:\Programs\OTLPE
Windows Vista (TM) Home Basic Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,52 Gb Total Space | 18,76 Gb Free Space | 26,98% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 63,85 Gb Free Space | 91,84% Space Free | Partition Type: NTFS
Drive E: | 10,00 Gb Total Space | 2,81 Gb Free Space | 28,12% Space Free | Partition Type: NTFS
Drive F: | 951,98 Mb Total Space | 951,97 Mb Free Space | 100,00% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 230,62 Mb Total Space | 228,19 Mb Free Space | 98,95% Space Free | Partition Type: NTFS
Drive Y: | 548,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MININT-PEUU73
Current User Name: Système
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet002
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2013-12-26 10:33:34 | 000,225,280 | ---- | M] (http://tortoisesvn.net) [Auto] -- C:\Windows\System32\t73jfbd.jss -- (Winmgmt)
SRV - [2013-09-05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-01-03 17:53:55 | 000,139,576 | ---- | M] (Boxore OU.) [Auto] -- C:\Program Files\Software\Update\SoftwareUpdate.exe -- (supdate) Service Software Update (supdate)
SRV - [2012-08-24 01:21:20 | 000,194,032 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2011-07-20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010-11-20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-01-29 18:58:37 | 000,135,664 | ---- | M] (Google Inc.) [On_Demand] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdatem) Service Google Update (gupdatem)
SRV - [2010-01-29 18:58:37 | 000,135,664 | ---- | M] (Google Inc.) [Auto] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Service Google Update (gupdate)
SRV - [2009-11-25 13:39:21 | 000,030,192 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009-08-05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009-03-26 14:31:20 | 000,132,424 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008-12-12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008-08-20 03:12:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2008-06-11 10:18:30 | 000,024,576 | ---- | M] () [Auto] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008-04-06 21:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) [Auto] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008-04-04 02:03:14 | 000,131,072 | ---- | M] () [Auto] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008-03-03 12:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007-01-17 10:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007-01-04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (DKbFltr)
DRV - [2009-08-05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009-03-19 15:32:48 | 000,023,400 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008-08-20 03:12:00 | 007,546,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008-08-06 10:11:06 | 002,164,248 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008-07-22 03:21:08 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008-07-21 09:12:22 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008-06-25 09:39:42 | 000,212,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2008-06-11 10:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008-06-02 09:59:00 | 000,912,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-02-13 02:45:00 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008-01-30 10:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008-01-30 10:51:50 | 000,013,824 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2008-01-23 12:18:28 | 001,187,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2008-01-21 03:33:43 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008-01-21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-04-17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006-11-02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=aed&ir=aed&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0DyByDtCzz0F0FtBtCzyyDtN0D0Tzu0CtAyCzytN1L2XzutBtFtBtFtCtFyEtDyB&cr=1602959007
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=119894&babsrc=HP_ss&mntrId=F81400234D7518FF
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer-group.com/selection.html?b=ACEW&l=040c&s=2&o=vb32&d=1008&m=emg620
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?pc=UP97&ocid=UP97DHP
IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\ELSA_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\ELSA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\ELSA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.offerbox.com
FF - HKLM\software\mozilla\Firefox\Extensions\\widestream6@spointer.com: C:\Program Files\Widestream6\spointer\extensions\widestream6@spointer.com [2011-02-25 17:22:21 | 000,000,000 | ---D | M]
[2013-04-06 06:13:12 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Interest recogniser for Widestream6 (powered by Spointer)) - {1a6dc111-b030-4c3e-be65-299284128b91} - C:\Program Files\Widestream6\spointer\extensions\widestream6_air_ie.dll (Widestream6)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search-Results Toolbar) - {6e47d688-85ec-465a-9946-ec58220f14fc} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll (Google Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {6e47d688-85ec-465a-9946-ec58220f14fc} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\ELSA_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\ELSA_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\ELSA_ON_C\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Boxore Client] C:\Program Files\Boxore\BoxoreClient\boxore.exe (Boxore OU)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKU\ELSA_ON_C..\Run: [Facebook Update] C:\Users\ELSA\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\ELSA_ON_C..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe (Somoto)
O4 - HKU\ELSA_ON_C..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\ELSA_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\ELSA_ON_C..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 8597 = c:\progra~2\msvuxwoux.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\ELSA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O7 - HKU\ELSA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKU\ELSA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecycleFiles = 0
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.01\MediaManager\grab.html ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\ELSA_ON_C\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\ELSA_ON_C\..Trusted Ranges: 1 range(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (browse~1\261125~1.80\{c16c1~1\browse~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) - c:\progra~1\google\google~1\goec62~1.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: X:\Users\Default\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.jpg
O24 - Desktop BackupWallPaper: X:\Users\Default\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{61050a1f-b616-11e2-8f20-001e68f79001}\Shell - "" = AutoRun
O33 - MountPoints2\{61050a1f-b616-11e2-8f20-001e68f79001}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O33 - MountPoints2\{7fc8ac93-9510-11dd-9c1a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7fc8ac93-9510-11dd-9c1a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{96dd450c-e873-11e1-a814-001e68f79001}\Shell - "" = AutoRun
O33 - MountPoints2\{96dd450c-e873-11e1-a814-001e68f79001}\Shell\AutoRun\command - "" = F:\iLinker.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008-01-21 03:46:39 | 000,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: winmgmt - C:\Windows\System32\t73jfbd.jss (http://tortoisesvn.net)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan.lnk - C:\PROGRA~1\MCAFEE~1\10BCA1~1.150\SSSCHE~1.EXE - (McAfee, Inc.)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: BkupTray - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe File not found
MsConfig - StartUpReg: LManager - hkey= - key= - C:\PROGRA~1\LAUNCH~1\QtZyEmachine.EXE File not found
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe File not found
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: SynTPEnh - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
MsConfig - StartUpReg: WarReg_PopUp - hkey= - key= - C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe (eMachines)
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - State: "startup" - 1
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: WinMgmt - C:\Windows\System32\t73jfbd.jss (http://tortoisesvn.net)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WinMgmt - C:\Windows\System32\t73jfbd.jss (http://tortoisesvn.net)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
Re
In OTLPE
* under the Custom Scan box, copy and paste everything below and click RUNFIX
:OTL
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 8597 = c:\progra~2\msvuxwoux.exe ()
:files
O20 - AppInit_DLLs: (browse~1\261125~1.80\{c16c1~1\browse~1.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) - c:\progra~1\google\google~1\goec62~1.dll (Google)
Keep the report that is displayed, then copy and paste it into your next reply.
See you later
RUN FIX REPORT
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\8597 deleted successfully.
c:\ProgramData\msvuxwoux.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:browse~1\261125~1.80\{c16c1~1\browse~1.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\google\google~1\goec62~1.dll deleted successfully.
c:\progra~1\google\google~1\goec62~1.dll moved successfully.
OTLPE by OldTimer - Version 3.1.29.0 log created on 12302013_215758
Re
Let's move on to something else.
Go to this.
https://free.drweb.com/aid_admin/
It's another Live CD, but for disinfection.
See you later
Re
A question?
This is a laptop, right?
Isn't there a backup partition, or doesn't she have a CD or DVD to restore from?
See you later
Hi jacques ;-))
I've just reread the first post...
@ davidjp33
Back up the important data using the Malekal CD.
Then carry out a factory restore as mentioned by jacques-gache
https://www.commentcamarche.net/faq/8775-restaurer-un-ordinateur-acer-a-son-etat-d-usine#sans-cd-de-restauration-erecovery-mot-de-passe-touches-alt-f10-ou-f10
See you later
OK
My apologies, I dozed off a bit at the computer. I will carry out all your latest recommendations starting Friday (I'm going away for New Year's).
In the meantime, I wish you very happy end-of-year holidays and thank you again for your promptness.
Thank you and see you Friday.
Hello
I wish you a very happy new year 2014.
I'm back as planned to let you know that I followed your latest advice to the letter and that everything is back in order. I recovered all the documents, which I reinstalled after the restart in factory mode.
Thank you again for your promptness.
Best regards
Thank you for all the trouble you went to.
If one day you need a hand in my field (refrigeration and air conditioning),