Hadopi et Vista - Page 2

Résolu
Précédent
  • 1
  • 2
  1. Utilisateur anonyme
     
    Re

    Les réponses sont revenues
    A toi d'agir

    @+
    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      Négatif,

      merçi pour tout le mal que tu t'es donné.
      Si un jour tu as besoin d'un coup de main dans ma partie (froid et climatisation),
      0
    2. Utilisateur anonyme
       
      Supprime cette adresse électronique;merci
      0
  2. Utilisateur anonyme
     
    Re

    Quel est le problème exactement.
    Tu ne peux pas graver ce CD?

    @+
    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      je ne trouve pas le programme
      0
    2. davidjp33 Messages postés 40 Statut Membre
       
      ni le mode opératoire
      0
  3. Utilisateur anonyme
     
    Re

    Sur cette page:https://www.malekal.com/malekal-live-cd-reparer-depanner-pc-windows/

    Rubrique Installation >>>le lien de téléchargement :CD Live Malekal

    @+
    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      ok, je n'avais pas compris ça.

      A plus
      0
    2. Utilisateur anonyme
       
      Après il faut graver cette image
      0
    3. davidjp33 Messages postés 40 Statut Membre
       
      ok

      je t informe dés que c'est fait
      0
    4. davidjp33 Messages postés 40 Statut Membre
       
      procédure effectuées:

      -gravure OK
      -démarrage pc infecté sur cd OK
      -lancement roguekiller OK
      -demande de mise à jour : (j'ai connecté internet en filaire entre temps)
      *chargement programme OK
      * installation EN COUR
      0
    5. Utilisateur anonyme
       
      Ok

      Dès que possible un rapport Roguekiller en mode scan
      0
  4. Utilisateur anonyme
     
    Re

    Tu essaies avec la version embarquée sur le CD

    @+
    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      ok, je redémarre sur cd, mais version existante marqué périmée.
      en attendant voici les rapports

      RogueKiller V8.8.0 [Dec 27 2013] par Tigzy
      mail : tigzyRK<at>gmail<dot>com
      Remontees : http://www.adlice.com/forum/
      Site Web : https://www.luanagames.com/index.fr.html
      Blog : https://www.adlice.com/

      Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
      Demarrage : Mode normal
      Utilisateur : Système [Droits d'admin]
      Mode : Recherche [Annulé] -- Date : 12/30/2013 15:30:40
      | ARK || FAK || MBR |

      ¤¤¤ Processus malicieux : 0 ¤¤¤

      ¤¤¤ Entrees de registre : 13 ¤¤¤
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> TROUVÉ
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> TROUVÉ
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> TROUVÉ
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> TROUVÉ
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> TROUVÉ
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> TROUVÉ
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowVideos (0) -> TROUVÉ
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> TROUVÉ
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> TROUVÉ
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> TROUVÉ
      [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
      [HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
      [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ

      ¤¤¤ Tâches planifiées : 0 ¤¤¤

      ¤¤¤ Entrées Startup : 0 ¤¤¤

      ¤¤¤ Navigateurs web : 0 ¤¤¤

      ¤¤¤ Addons navigateur : 0 ¤¤¤

      ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

      ¤¤¤ Driver : [NON CHARGE 0xc0000033] ¤¤¤

      ¤¤¤ Ruches Externes: ¤¤¤

      ¤¤¤ Infection : ¤¤¤

      ¤¤¤ Fichier HOSTS: ¤¤¤
      --> %SystemRoot%\System32\drivers\etc\hosts




      ¤¤¤ MBR Verif: ¤¤¤

      Termine : << RKreport[0]_S_12302013_153040.txt >>





      RogueKiller V8.8.0 [Dec 27 2013] par Tigzy
      mail : tigzyRK<at>gmail<dot>com
      Remontees : http://www.adlice.com/forum/
      Site Web : https://www.luanagames.com/index.fr.html
      Blog : https://www.adlice.com/

      Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
      Demarrage : Mode normal
      Utilisateur : Système [Droits d'admin]
      Mode : Suppression [Annulé] -- Date : 12/30/2013 15:31:02
      | ARK || FAK || MBR |

      ¤¤¤ Processus malicieux : 0 ¤¤¤

      ¤¤¤ Entrees de registre : 13 ¤¤¤
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REMPLACÉ (1)
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> REMPLACÉ (1)
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REMPLACÉ (1)
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REMPLACÉ (1)
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REMPLACÉ (1)
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> REMPLACÉ (1)
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowVideos (0) -> REMPLACÉ (1)
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> REMPLACÉ (1)
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REMPLACÉ (1)
      [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REMPLACÉ (1)
      [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
      [HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
      [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)

      ¤¤¤ Tâches planifiées : 0 ¤¤¤

      ¤¤¤ Entrées Startup : 0 ¤¤¤

      ¤¤¤ Navigateurs web : 0 ¤¤¤

      ¤¤¤ Addons navigateur : 0 ¤¤¤

      ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

      ¤¤¤ Driver : [NON CHARGE 0xc0000033] ¤¤¤

      ¤¤¤ Ruches Externes: ¤¤¤

      ¤¤¤ Infection : ¤¤¤

      ¤¤¤ Fichier HOSTS: ¤¤¤
      --> %SystemRoot%\System32\drivers\etc\hosts




      ¤¤¤ MBR Verif: ¤¤¤

      Termine : << RKreport[0]_D_12302013_153102.txt >>
      RKreport[0]_S_12302013_153040.txt
      0
    2. davidjp33 Messages postés 40 Statut Membre
       
      rapport avec Roguekiller de base:

      RogueKiller V8.6.2 [Jul 5 2013] par Tigzy
      mail : tigzyRK<at>gmail<dot>com
      Remontees : http://www.adlice.com/forum/
      Site Web : https://www.luanagames.com/index.fr.html
      Blog : http://tigzyrk.blogspot.com/

      Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
      Demarrage : Mode normal
      Utilisateur : Système [Droits d'admin]
      Mode : Recherche -- Date : 12/30/2013 15:46:41
      | ARK || FAK || MBR |

      ¤¤¤ Processus malicieux : 0 ¤¤¤

      ¤¤¤ Entrees de registre : 13 ¤¤¤
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> TROUVÉ
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> TROUVÉ
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> TROUVÉ
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> TROUVÉ
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> TROUVÉ
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> TROUVÉ
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowVideos (0) -> TROUVÉ
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> TROUVÉ
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> TROUVÉ
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> TROUVÉ
      [HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
      [HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
      [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ

      ¤¤¤ Tâches planifiées : 0 ¤¤¤

      ¤¤¤ Entrées Startup : 0 ¤¤¤

      ¤¤¤ Navigateurs web : 0 ¤¤¤

      ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

      ¤¤¤ Driver : [CHARGE] ¤¤¤

      ¤¤¤ Ruches Externes: ¤¤¤
      -> C:\windows\system32\config\SYSTEM
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\windows\system32\config\SOFTWARE
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\windows\system32\config\SECURITY
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\windows\system32\config\SAM
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\windows\system32\config\DEFAULT
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\Users\Default\NTUSER.DAT
      C:\Windows\system32

      -> C:\Users\Default User\NTUSER.DAT
      C:\Windows\system32

      -> C:\Users\ELSA\NTUSER.DAT
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\Documents and Settings\Default\NTUSER.DAT
      C:\Windows\system32

      -> C:\Documents and Settings\Default User\NTUSER.DAT
      C:\Windows\system32

      -> C:\Documents and Settings\ELSA\NTUSER.DAT
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> E:\windows\system32\config\SYSTEM
      x:\Windows\system32

      -> E:\windows\system32\config\SOFTWARE
      x:\Windows\system32

      -> E:\windows\system32\config\SECURITY
      x:\Windows\system32

      -> E:\windows\system32\config\SAM
      x:\Windows\system32

      -> E:\windows\system32\config\DEFAULT
      x:\Windows\system32

      -> E:\Users\Default\NTUSER.DAT
      x:\Windows\system32


      ¤¤¤ Infection : ¤¤¤

      ¤¤¤ Fichier HOSTS: ¤¤¤
      --> %SystemRoot%\System32\drivers\etc\hosts




      ¤¤¤ MBR Verif: ¤¤¤

      +++++ PhysicalDrive0: +++++
      --- User ---
      [MBR] 824c05c35cc169899a56bd1f84c5cf00
      [BSP] 73b839e74895c7d433ce9d3c3e12f35f : Acer MBR Code
      Partition table:
      0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
      1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 71192 Mo
      2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 166774784 | Size: 71193 Mo
      User = LL1 ... OK!
      User = LL2 ... OK!

      Termine : << RKreport[0]_S_12302013_154641.txt >>


      RogueKiller V8.6.2 [Jul 5 2013] par Tigzy
      mail : tigzyRK<at>gmail<dot>com
      Remontees : http://www.adlice.com/forum/
      Site Web : https://www.luanagames.com/index.fr.html
      Blog : http://tigzyrk.blogspot.com/

      Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
      Demarrage : Mode normal
      Utilisateur : Système [Droits d'admin]
      Mode : Suppression -- Date : 12/30/2013 15:47:50
      | ARK || FAK || MBR |

      ¤¤¤ Processus malicieux : 0 ¤¤¤

      ¤¤¤ Entrees de registre : 13 ¤¤¤
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REMPLACÉ (1)
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> REMPLACÉ (1)
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REMPLACÉ (1)
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REMPLACÉ (1)
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REMPLACÉ (1)
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> REMPLACÉ (1)
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowVideos (0) -> REMPLACÉ (1)
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> REMPLACÉ (1)
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REMPLACÉ (1)
      [HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REMPLACÉ (1)
      [HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
      [HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
      [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)

      ¤¤¤ Tâches planifiées : 0 ¤¤¤

      ¤¤¤ Entrées Startup : 0 ¤¤¤

      ¤¤¤ Navigateurs web : 0 ¤¤¤

      ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

      ¤¤¤ Driver : [CHARGE] ¤¤¤

      ¤¤¤ Ruches Externes: ¤¤¤
      -> C:\windows\system32\config\SYSTEM
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\windows\system32\config\SOFTWARE
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\windows\system32\config\SECURITY
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\windows\system32\config\SAM
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\windows\system32\config\DEFAULT
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\Users\Default\NTUSER.DAT
      C:\Windows\system32

      -> C:\Users\Default User\NTUSER.DAT
      C:\Windows\system32

      -> C:\Users\ELSA\NTUSER.DAT
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> C:\Documents and Settings\Default\NTUSER.DAT
      C:\Windows\system32

      -> C:\Documents and Settings\Default User\NTUSER.DAT
      C:\Windows\system32

      -> C:\Documents and Settings\ELSA\NTUSER.DAT
      C:\Windows\system32
      C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
      -> E:\windows\system32\config\SYSTEM
      x:\Windows\system32

      -> E:\windows\system32\config\SOFTWARE
      x:\Windows\system32

      -> E:\windows\system32\config\SECURITY
      x:\Windows\system32

      -> E:\windows\system32\config\SAM
      x:\Windows\system32

      -> E:\windows\system32\config\DEFAULT
      x:\Windows\system32

      -> E:\Users\Default\NTUSER.DAT
      x:\Windows\system32


      ¤¤¤ Infection : ¤¤¤

      ¤¤¤ Fichier HOSTS: ¤¤¤
      --> %SystemRoot%\System32\drivers\etc\hosts




      ¤¤¤ MBR Verif: ¤¤¤

      +++++ PhysicalDrive0: +++++
      --- User ---
      [MBR] 824c05c35cc169899a56bd1f84c5cf00
      [BSP] 73b839e74895c7d433ce9d3c3e12f35f : Acer MBR Code
      Partition table:
      0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
      1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 71192 Mo
      2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 166774784 | Size: 71193 Mo
      User = LL1 ... OK!
      User = LL2 ... OK!

      Termine : << RKreport[0]_D_12302013_154750.txt >>
      RKreport[0]_S_12302013_154641.txt
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Re

    Télécharge Malwaresbytes anti malware ici
    https://www.malwarebytes.com/

    * Installe le (choisis bien "français" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

    * Potasse le tuto pour te familiariser avec le prg :

    https://forum.pcastuces.com/sujet.asp?f=31&s=3

    (cela dis, il est très simple d'utilisation).

    relance Malwaresbytes en suivant scrupuleusement ces consignes :

    ! Déconnecte toi et ferme toutes applications en cours !

    * Lance Malwarebyte's. Sous Vista ;Seven ou Windows 8 (clic droit de la souris « exécuter en tant que administrateur »)

    *Procèdes à une mise à jour

    *Fais un examen dit "Rapide"

    --> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
    --> à la fin tu cliques sur "Afficher les résultats" " .
    --> Vérifie que tous les objets infectés soient validés, puis clique sur " supprimer la sélection " .

    Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !

    Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwaresbytes, le dernier en date)

    @+

    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      ok
      0
    2. davidjp33 Messages postés 40 Statut Membre
       
      voici le rapport:
      Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org

      Version de la base de données: v2013.12.30.05

      Windows 7 Service Pack 1 x86 NTFS
      Internet Explorer 8.0.7100.0
      Système :: MININT-PEHY93 [administrateur]

      2013-12-30 16:05:06
      mbam-log-2013-12-30 (16-05-06).txt

      Type d'examen: Examen rapide
      Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
      Options d'examen désactivées: P2P
      Elément(s) analysé(s): 145358
      Temps écoulé: 1 minute(s), 39 seconde(s)

      Processus mémoire détecté(s): 0
      (Aucun élément nuisible détecté)

      Module(s) mémoire détecté(s): 0
      (Aucun élément nuisible détecté)

      Clé(s) du Registre détectée(s): 0
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre détectée(s): 0
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre détecté(s): 2
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoSMHelp (PUM.Hijack.Help) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoFind (PUM.Hijack.Find) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès

      Dossier(s) détecté(s): 0
      (Aucun élément nuisible détecté)

      Fichier(s) détecté(s): 0
      (Aucun élément nuisible détecté)

      (fin)
      0
  7. Utilisateur anonyme
     
    Re

    Redémarre ton PC normalement

    Cela devrait fonctionner

    @+
    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      Désolé, toujours hadopi et mode sans echec impossible
      0
  8. Utilisateur anonyme
     
    Re

    Tu reprends avec le CD live Malekal.

    Et ensuite tu lances OTLPE

    Tu me postes son rapport .merci

    @+

    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      erreur de processus cible affiché

      quelle cible choisir?
      0
    2. davidjp33 Messages postés 40 Statut Membre
       
      OS
      DATA
      PQ SERVICE?
      0
    3. Utilisateur anonyme
       
      OS
      0
    4. davidjp33 Messages postés 40 Statut Membre
       
      Message:Erreur de runscanner
      0
  9. Utilisateur anonyme
     
    Re

    * Double-clique sur l'icone OTLPE
    * Une fenêtre s'ouvre: « Choose Windows Directory »

    Tu choisis le lecteur qui embarque Windows (C par défaut) et ensuite tu pointes vers ce fichier Windows.
    Une autre fenêtre mentionne :"Do you wish to loadremote user profile(s) for scanning ?"
    Tu cliques sur Oui
    Tu choisis ensuite ta session (logiquement la première ligne de cette fenêtre)
    La ligne en bas du tableau est cochée (sinon le faire)

    Cliquer sur Ok

    Tu cliques sur OK

    Ensuite
    * sous custom scans /fixes
    1) copie_colle le contenu du cadre ci dessous:

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    cdrom.sys
    disk.sys
    ndis.sys
    mountmgr.sys
    aec.sys
    rasacd.sys
    mrxsmb10.sys
    mrxsmb20.sys
    termdd.sys
    mrxsmb.sys
    win32k.sys
    storport.sys
    IdeChnDr.sys
    viasraid.sys
    explorer.exe
    winlogon.exe
    wininit.exe
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


    * copie colle ce texte dans un fichier texte|bloc note que tu enregistres sur clé usb que tu brancheras sous reatogo tu pourras alors facilement le copier\coller.

    * 2) Clic Run Scan pour démarrer le scan.
    * Une fois terminé , le fichier se trouve là C:\OTL.txt
    * Copie_colle le contenu dans ta prochaine réponse.

    @+

    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      je n'ai pas tout ça.
      si j'ouvre OTLPE j'ai une fenetre RECHERCE DE DOSSIER
      en sous titre erreur de processus cible

      Dans les arborescence je me met sur windows mais aucune fenetre ( do you wich...) ne s'affiche
      0
    2. davidjp33 Messages postés 40 Statut Membre
       
      Par contre en cliquer droit sur windows je peux ouvrir des lignes de commande
      0
  10. Utilisateur anonyme
     
    Re

    Et ce mode opératoire ici :
    https://www.malekal.com/malekal-live-cd-reparer-depanner-pc-windows/
    Rubrique OTL / OTLPE

    ne fonctionne pas?

    @+
    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      si.....en cour de scan
      0
    2. davidjp33 Messages postés 40 Statut Membre
       
      voici enfin le rapport scan OTL



      OTL logfile created on: 2013-12-30 17:25:42 - Run
      OTLPE by OldTimer - Version 3.1.29.0 Folder = Y:\Programs\OTLPE
      Windows Vista (TM) Home Basic Service Pack 1 (Version = 6.0.6001) - Type = System
      Internet Explorer (Version = 7.0.6001.18000)
      Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

      3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 78,00% Memory free
      3,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]

      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
      Drive C: | 69,52 Gb Total Space | 18,76 Gb Free Space | 26,98% Space Free | Partition Type: NTFS
      Drive D: | 69,52 Gb Total Space | 63,85 Gb Free Space | 91,84% Space Free | Partition Type: NTFS
      Drive E: | 10,00 Gb Total Space | 2,81 Gb Free Space | 28,12% Space Free | Partition Type: NTFS
      Drive F: | 951,98 Mb Total Space | 951,97 Mb Free Space | 100,00% Space Free | Partition Type: FAT32
      G: Drive not present or media not loaded
      H: Drive not present or media not loaded
      I: Drive not present or media not loaded
      Drive X: | 230,62 Mb Total Space | 228,19 Mb Free Space | 98,95% Space Free | Partition Type: NTFS
      Drive Y: | 548,00 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

      Computer Name: MININT-PEUU73
      Current User Name: Système
      Logged in as Administrator.

      Current Boot Mode: Normal
      Scan Mode: All users
      Company Name Whitelist: Off
      Skip Microsoft Files: Off
      File Age = 30 Days
      Output = Standard
      Using ControlSet: ControlSet002

      [color=#E56717]========== Win32 Services (SafeList) ==========[/color]

      SRV - [2013-12-26 10:33:34 | 000,225,280 | ---- | M] (http://tortoisesvn.net) [Auto] -- C:\Windows\System32\t73jfbd.jss -- (Winmgmt)
      SRV - [2013-09-05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
      SRV - [2013-01-03 17:53:55 | 000,139,576 | ---- | M] (Boxore OU.) [Auto] -- C:\Program Files\Software\Update\SoftwareUpdate.exe -- (supdate) Service Software Update (supdate)
      SRV - [2012-08-24 01:21:20 | 000,194,032 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
      SRV - [2011-07-20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
      SRV - [2010-11-20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand] -- winhttp.dll -- (WinHttpAutoProxySvc)
      SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
      SRV - [2010-01-29 18:58:37 | 000,135,664 | ---- | M] (Google Inc.) [On_Demand] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdatem) Service Google Update (gupdatem)
      SRV - [2010-01-29 18:58:37 | 000,135,664 | ---- | M] (Google Inc.) [Auto] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Service Google Update (gupdate)
      SRV - [2009-11-25 13:39:21 | 000,030,192 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
      SRV - [2009-08-05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
      SRV - [2009-03-26 14:31:20 | 000,132,424 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
      SRV - [2008-12-12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
      SRV - [2008-08-20 03:12:00 | 000,196,608 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
      SRV - [2008-06-11 10:18:30 | 000,024,576 | ---- | M] () [Auto] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
      SRV - [2008-04-06 21:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) [Auto] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
      SRV - [2008-04-04 02:03:14 | 000,131,072 | ---- | M] () [Auto] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
      SRV - [2008-03-03 12:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
      SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
      SRV - [2007-01-17 10:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
      SRV - [2007-01-04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
      SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


      [color=#E56717]========== Driver Services (SafeList) ==========[/color]

      DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
      DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
      DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
      DRV - File not found [Kernel | On_Demand] -- -- (DKbFltr)
      DRV - [2009-08-05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
      DRV - [2009-03-19 15:32:48 | 000,023,400 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
      DRV - [2008-08-20 03:12:00 | 007,546,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
      DRV - [2008-08-06 10:11:06 | 002,164,248 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
      DRV - [2008-07-22 03:21:08 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
      DRV - [2008-07-21 09:12:22 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
      DRV - [2008-06-25 09:39:42 | 000,212,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
      DRV - [2008-06-11 10:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\int15.sys -- (int15)
      DRV - [2008-06-02 09:59:00 | 000,912,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr)
      DRV - [2008-02-13 02:45:00 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
      DRV - [2008-01-30 10:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
      DRV - [2008-01-30 10:51:50 | 000,013,824 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)
      DRV - [2008-01-23 12:18:28 | 001,187,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
      DRV - [2008-01-21 03:33:43 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
      DRV - [2008-01-21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
      DRV - [2008-01-21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
      DRV - [2008-01-21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
      DRV - [2008-01-21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
      DRV - [2008-01-21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
      DRV - [2008-01-21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
      DRV - [2008-01-21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
      DRV - [2008-01-21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
      DRV - [2008-01-21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
      DRV - [2008-01-21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
      DRV - [2008-01-21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
      DRV - [2008-01-21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
      DRV - [2008-01-21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
      DRV - [2008-01-21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
      DRV - [2008-01-21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
      DRV - [2008-01-21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\arc.sys -- (arc)
      DRV - [2008-01-21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
      DRV - [2008-01-21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
      DRV - [2008-01-21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
      DRV - [2008-01-21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
      DRV - [2008-01-21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
      DRV - [2008-01-21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
      DRV - [2008-01-21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
      DRV - [2008-01-21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
      DRV - [2008-01-21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
      DRV - [2007-04-17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto] -- C:\Windows\System32\drivers\regi.sys -- (regi)
      DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
      DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
      DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
      DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
      DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
      DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
      DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
      DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
      DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
      DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
      DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
      DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
      DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
      DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
      DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
      DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
      DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
      DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
      DRV - [2006-11-02 08:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
      DRV - [2006-11-02 07:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)


      [color=#E56717]========== Standard Registry (SafeList) ==========[/color]


      [color=#E56717]========== Internet Explorer ==========[/color]

      IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
      IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=aed&ir=aed&cd=2XzuyEtN2Y1L1QzutDtDtBtAyE0DyByDtCzz0F0FtBtCzyyDtN0D0Tzu0CtAyCzytN1L2XzutBtFtBtFtCtFyEtDyB&cr=1602959007


      IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

      IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?affID=119894&babsrc=HP_ss&mntrId=F81400234D7518FF
      IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer-group.com/selection.html?b=ACEW&l=040c&s=2&o=vb32&d=1008&m=emg620
      IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
      IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
      IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?pc=UP97&ocid=UP97DHP
      IE - HKU\ELSA_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
      IE - HKU\ELSA_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
      IE - HKU\ELSA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKU\ELSA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.offerbox.com







      FF - HKLM\software\mozilla\Firefox\Extensions\\widestream6@spointer.com: C:\Program Files\Widestream6\spointer\extensions\widestream6@spointer.com [2011-02-25 17:22:21 | 000,000,000 | ---D | M]

      [2013-04-06 06:13:12 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

      O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
      O1 - Hosts: 127.0.0.1 localhost
      O1 - Hosts: ::1 localhost
      O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
      O2 - BHO: (Interest recogniser for Widestream6 (powered by Spointer)) - {1a6dc111-b030-4c3e-be65-299284128b91} - C:\Program Files\Widestream6\spointer\extensions\widestream6_air_ie.dll (Widestream6)
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O2 - BHO: (Search-Results Toolbar) - {6e47d688-85ec-465a-9946-ec58220f14fc} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
      O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll (Google Inc.)
      O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
      O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL File not found
      O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
      O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
      O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
      O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
      O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
      O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {6e47d688-85ec-465a-9946-ec58220f14fc} - C:\PROGRA~1\BEARSH~1\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
      O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
      O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
      O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKU\ELSA_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O3 - HKU\ELSA_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
      O3 - HKU\ELSA_ON_C\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
      O4 - HKLM..\Run: [Boxore Client] C:\Program Files\Boxore\BoxoreClient\boxore.exe (Boxore OU)
      O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
      O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
      O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE File not found
      O4 - HKLM..\Run: [eRecoveryService] File not found
      O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
      O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
      O4 - HKU\ELSA_ON_C..\Run: [Facebook Update] C:\Users\ELSA\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
      O4 - HKU\ELSA_ON_C..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe (Somoto)
      O4 - HKU\ELSA_ON_C..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
      O4 - HKU\ELSA_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
      O4 - HKU\ELSA_ON_C..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
      O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
      O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 8597 = c:\progra~2\msvuxwoux.exe ()
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
      O7 - HKU\ELSA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
      O7 - HKU\ELSA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
      O7 - HKU\ELSA_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
      O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
      O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1
      O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecycleFiles = 0
      O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 5.01\MediaManager\grab.html ()
      O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
      O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
      O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
      O13 - gopher Prefix: missing
      O15 - HKU\ELSA_ON_C\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
      O15 - HKU\ELSA_ON_C\..Trusted Ranges: 1 range(s) not assigned to a zone.
      O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
      O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
      O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
      O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
      O20 - AppInit_DLLs: (browse~1\261125~1.80\{c16c1~1\browse~1.dll) - File not found
      O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) - c:\progra~1\google\google~1\goec62~1.dll (Google)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O24 - Desktop WallPaper: X:\Users\Default\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.jpg
      O24 - Desktop BackupWallPaper: X:\Users\Default\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.jpg
      O32 - HKLM CDRom: AutoRun - 1
      O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
      O33 - MountPoints2\{61050a1f-b616-11e2-8f20-001e68f79001}\Shell - "" = AutoRun
      O33 - MountPoints2\{61050a1f-b616-11e2-8f20-001e68f79001}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
      O33 - MountPoints2\{7fc8ac93-9510-11dd-9c1a-806e6f6e6963}\Shell - "" = AutoRun
      O33 - MountPoints2\{7fc8ac93-9510-11dd-9c1a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
      O33 - MountPoints2\{96dd450c-e873-11e1-a814-001e68f79001}\Shell - "" = AutoRun
      O33 - MountPoints2\{96dd450c-e873-11e1-a814-001e68f79001}\Shell\AutoRun\command - "" = F:\iLinker.exe -- File not found
      O34 - HKLM BootExecute: (autocheck autochk *) - File not found
      O35 - comfile [open] -- "%1" %*
      O35 - exefile [open] -- "%1" %*

      NetSvcs: FastUserSwitchingCompatibility - File not found
      NetSvcs: Ias - C:\Windows\System32\ias [2008-01-21 03:46:39 | 000,000,000 | ---D | M]
      NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
      NetSvcs: Nla - File not found
      NetSvcs: Ntmssvc - File not found
      NetSvcs: NWCWorkstation - File not found
      NetSvcs: Nwsapagent - File not found
      NetSvcs: SRService - File not found
      NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
      NetSvcs: WmdmPmSp - File not found
      NetSvcs: LogonHours - File not found
      NetSvcs: PCAudit - File not found
      NetSvcs: helpsvc - File not found
      NetSvcs: uploadmgr - File not found
      NetSvcs: winmgmt - C:\Windows\System32\t73jfbd.jss (http://tortoisesvn.net)

      MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan.lnk - C:\PROGRA~1\MCAFEE~1\10BCA1~1.150\SSSCHE~1.EXE - (McAfee, Inc.)
      MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
      MsConfig - StartUpReg: [b]BkupTray[/b] - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
      MsConfig - StartUpReg: [b]Google Desktop Search[/b] - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
      MsConfig - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe File not found
      MsConfig - StartUpReg: [b]LManager[/b] - hkey= - key= - C:\PROGRA~1\LAUNCH~1\QtZyEmachine.EXE File not found
      MsConfig - StartUpReg: [b]msnmsgr[/b] - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
      MsConfig - StartUpReg: [b]NvCplDaemon[/b] - hkey= - key= - File not found
      MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found
      MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe File not found
      MsConfig - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
      MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
      MsConfig - StartUpReg: [b]SynTPEnh[/b] - hkey= - key= - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
      MsConfig - StartUpReg: [b]WarReg_PopUp[/b] - hkey= - key= - C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe (eMachines)
      MsConfig - StartUpReg: [b]Windows Defender[/b] - hkey= - key= - File not found
      MsConfig - State: "startup" - 1

      SafeBootMin: AppMgmt - Service
      SafeBootMin: Base - Driver Group
      SafeBootMin: Boot Bus Extender - Driver Group
      SafeBootMin: Boot file system - Driver Group
      SafeBootMin: File system - Driver Group
      SafeBootMin: Filter - Driver Group
      SafeBootMin: HelpSvc - Service
      SafeBootMin: NTDS - File not found
      SafeBootMin: PCI Configuration - Driver Group
      SafeBootMin: PNP Filter - Driver Group
      SafeBootMin: Primary disk - Driver Group
      SafeBootMin: sacsvr - Service
      SafeBootMin: SCSI Class - Driver Group
      SafeBootMin: System Bus Extender - Driver Group
      SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
      SafeBootMin: WinMgmt - C:\Windows\System32\t73jfbd.jss (http://tortoisesvn.net)
      SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
      SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
      SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
      SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
      SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
      SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
      SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
      SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
      SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
      SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
      SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
      SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
      SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
      SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
      SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
      SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
      SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

      SafeBootNet: AppMgmt - Service
      SafeBootNet: Base - Driver Group
      SafeBootNet: Boot Bus Extender - Driver Group
      SafeBootNet: Boot file system - Driver Group
      SafeBootNet: File system - Driver Group
      SafeBootNet: Filter - Driver Group
      SafeBootNet: HelpSvc - Service
      SafeBootNet: Messenger - Service
      SafeBootNet: NDIS Wrapper - Driver Group
      SafeBootNet: NetBIOSGroup - Driver Group
      SafeBootNet: NetDDEGroup - Driver Group
      SafeBootNet: Network - Driver Group
      SafeBootNet: NetworkProvider - Driver Group
      SafeBootNet: NTDS - File not found
      SafeBootNet: PCI Configuration - Driver Group
      SafeBootNet: PNP Filter - Driver Group
      SafeBootNet: PNP_TDI - Driver Group
      SafeBootNet: Primary disk - Driver Group
      SafeBootNet: rdsessmgr - Service
      SafeBootNet: sacsvr - Service
      SafeBootNet: SCSI Class - Driver Group
      SafeBootNet: Streams Drivers - Driver Group
      SafeBootNet: System Bus Extender - Driver Group
      SafeBootNet: TDI - Driver Group
      SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
      SafeBootNet: WinMgmt - C:\Windows\System32\t73jfbd.jss (http://tortoisesvn.net)
      SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
      SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
      SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
      SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
      SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
      SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
      SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
      SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
      SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
      SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
      SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
      SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
      SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
      SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
      SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
      SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
      SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
      SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
      SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
      SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
      SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
      SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

      ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
      ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
      ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
      ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
      ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
      ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
      ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
      ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
      ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
      ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
      ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
      ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
      ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
      ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
      ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
      ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
      ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
      ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
      ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
      ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
      ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
      ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
      ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
      ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
      ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
      ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
      ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
      ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
      ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

      Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
      Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
      Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
      Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
      Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
      Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
      Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
      Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)

      [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

      [2013-12-30 16:56:24 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Malwarebytes
      [2013-12-30 16:55:51 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Local\Programs
      [2013-12-30 16:53:06 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- X:\Users\Default\Desktop\mbam-setup-1.75.0.1300.exe
      [2013-12-30 16:51:51 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Macromedia
      [2013-12-30 16:51:49 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Adobe
      [2013-12-30 16:51:04 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Local\Opera
      [2013-12-30 16:51:03 | 000,000,000 | ---D | C] -- X:\Users\Default\AppData\Roaming\Opera
      [2013-12-29 22:11:03 | 000,000,000 | ---D | C] -- C:\Users\ELSA\Desktop\RK_Quarantine
      [2013-12-29 15:10:43 | 000,000,000 | ---D | C] -- C:\_OTL
      [2013-12-28 20:05:39 | 000,309,248 | ---- | C] (http://tortoisesvn.net) -- C:\Windows\System32\jqlwbfwj.jss
      [2013-12-27 16:49:47 | 000,217,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lfflfdob.jss
      [2013-12-27 16:09:02 | 000,217,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nbjz8jz1e.jss
      [2013-12-27 12:31:32 | 000,319,488 | ---- | C] (http://tortoisesvn.net) -- C:\Windows\System32\hz8nb7ot7.jss
      [2013-12-26 15:15:21 | 000,000,000 | ---D | C] -- C:\Program Files\GUM4153.tmp
      [2013-12-26 15:10:01 | 000,232,960 | ---- | C] (http://tortoisesvn.net) -- C:\Windows\System32\3nbiqgi.jss
      [2013-12-26 15:04:06 | 000,232,960 | ---- | C] (http://tortoisesvn.net) -- C:\Windows\System32\flvaaow.jss
      [2013-12-26 10:33:27 | 000,225,280 | ---- | C] (http://tortoisesvn.net) -- C:\Windows\System32\t73jfbd.jss
      [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

      [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

      [2013-12-30 16:53:31 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- X:\Users\Default\Desktop\mbam-setup-1.75.0.1300.exe
      [2013-12-30 16:37:28 | 000,001,663 | ---- | M] () -- X:\Users\Default\Desktop\PENetwork.lnk
      [2013-12-30 16:37:28 | 000,001,560 | ---- | M] () -- X:\Users\Default\Desktop\Command Prompt.lnk
      [2013-12-30 16:37:28 | 000,001,444 | ---- | M] () -- X:\Users\Default\Desktop\Explorer.lnk
      [2013-12-30 16:37:28 | 000,000,637 | ---- | M] () -- X:\Users\Default\Desktop\HD Tune v2.55.lnk
      [2013-12-30 16:37:27 | 000,000,891 | ---- | M] () -- X:\Users\Default\Desktop\OTLPE.lnk
      [2013-12-30 16:37:27 | 000,000,697 | ---- | M] () -- X:\Users\Default\Desktop\RogueKiller.lnk
      [2013-12-30 16:37:27 | 000,000,625 | ---- | M] () -- X:\Users\Default\Desktop\Opera12.lnk
      [2013-12-30 16:37:27 | 000,000,591 | ---- | M] () -- X:\Users\Default\Desktop\FRST.lnk
      [2013-12-30 16:32:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013-12-30 16:32:10 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
      [2013-12-30 16:31:53 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
      [2013-12-30 16:31:39 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013-12-30 16:31:35 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
      [2013-12-30 16:31:34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
      [2013-12-30 16:30:26 | 2951,036,928 | -HS- | M] () -- C:\hiberfil.sys
      [2013-12-30 16:28:02 | 002,707,517 | -H-- | M] () -- C:\Users\ELSA\AppData\Local\IconCache.db
      [2013-12-30 16:26:24 | 095,025,368 | ---- | M] () -- C:\Windows\System32\7to7bn8zh.fee
      [2013-12-30 16:26:14 | 095,025,368 | ---- | M] () -- C:\Windows\System32\woaavlf.fee
      [2013-12-30 16:26:05 | 095,025,368 | ---- | M] () -- C:\Windows\System32\igqibn3.fee
      [2013-12-30 16:25:51 | 095,025,368 | ---- | M] () -- C:\Windows\System32\jwfbwlqj.fee
      [2013-12-30 16:25:49 | 000,000,000 | ---- | M] () -- C:\Windows\System32\jwfbwlqj.odd
      [2013-12-30 16:25:42 | 095,025,368 | ---- | M] () -- C:\Windows\System32\e1zj8zjbn.fee
      [2013-12-30 16:25:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\e1zj8zjbn.odd
      [2013-12-30 16:25:38 | 000,000,000 | ---- | M] () -- C:\Windows\System32\7to7bn8zh.odd
      [2013-12-30 16:25:35 | 095,025,368 | ---- | M] () -- C:\Windows\System32\bodflffl.fee
      [2013-12-30 16:25:35 | 000,000,000 | ---- | M] () -- C:\Windows\System32\woaavlf.odd
      [2013-12-30 16:25:34 | 000,000,000 | ---- | M] () -- C:\Windows\System32\bodflffl.odd
      [2013-12-30 16:25:30 | 095,025,368 | ---- | M] () -- C:\Windows\System32\a9bbr8.fee
      [2013-12-30 16:25:30 | 000,000,000 | ---- | M] () -- C:\Windows\System32\igqibn3.odd
      [2013-12-30 16:25:30 | 000,000,000 | ---- | M] () -- C:\Windows\System32\a9bbr8.odd
      [2013-12-30 16:25:19 | 095,025,368 | ---- | M] () -- C:\Windows\System32\dbfj37t.fee
      [2013-12-30 16:25:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\dbfj37t.odd
      [2013-12-30 16:25:08 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
      [2013-12-30 13:05:24 | 000,000,844 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a9bbr8.lnk
      [2013-12-30 13:04:14 | 000,153,088 | ---- | M] () -- C:\Windows\System32\8rbb9a.jss
      [2013-12-29 22:13:06 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013-12-29 18:58:52 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
      [2013-12-29 12:40:18 | 000,058,368 | ---- | M] () -- C:\Windows\System32\umstartup.etl
      [2013-12-28 20:06:44 | 000,000,848 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jwfbwlqj.lnk
      [2013-12-28 20:06:03 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1733705690-3943974109-890921738-1000UA.job
      [2013-12-28 20:05:39 | 000,309,248 | ---- | M] (http://tortoisesvn.net) -- C:\Windows\System32\jqlwbfwj.jss
      [2013-12-28 19:30:29 | 000,024,576 | ---- | M] () -- C:\Windows\System32\umstartup000.etl
      [2013-12-27 16:50:50 | 000,000,848 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bodflffl.lnk
      [2013-12-27 16:49:47 | 000,217,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lfflfdob.jss
      [2013-12-27 16:09:24 | 000,000,850 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e1zj8zjbn.lnk
      [2013-12-27 16:09:02 | 000,217,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nbjz8jz1e.jss
      [2013-12-27 12:31:40 | 000,000,850 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7to7bn8zh.lnk
      [2013-12-27 12:31:32 | 000,319,488 | ---- | M] (http://tortoisesvn.net) -- C:\Windows\System32\hz8nb7ot7.jss
      [2013-12-26 15:10:30 | 000,000,846 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igqibn3.lnk
      [2013-12-26 15:10:01 | 000,232,960 | ---- | M] (http://tortoisesvn.net) -- C:\Windows\System32\3nbiqgi.jss
      [2013-12-26 15:04:48 | 000,000,327 | ---- | M] () -- C:\Windows\System32\dbfj37t.reg
      [2013-12-26 15:04:30 | 000,000,846 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\woaavlf.lnk
      [2013-12-26 15:04:10 | 000,232,960 | ---- | M] (http://tortoisesvn.net) -- C:\Windows\System32\flvaaow.jss
      [2013-12-26 15:00:11 | 000,000,556 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ELSA.job
      [2013-12-26 10:37:22 | 012,070,882 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
      [2013-12-26 10:37:22 | 004,236,200 | ---- | M] () -- C:\Windows\System32\perfh009.dat
      [2013-12-26 10:37:22 | 004,094,066 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
      [2013-12-26 10:37:22 | 003,610,312 | ---- | M] () -- C:\Windows\System32\perfc009.dat
      [2013-12-26 10:37:22 | 000,005,336 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
      [2013-12-26 10:34:03 | 000,000,846 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dbfj37t.lnk
      [2013-12-26 10:33:34 | 000,225,280 | ---- | M] (http://tortoisesvn.net) -- C:\Windows\System32\t73jfbd.jss
      [2013-12-25 08:05:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1733705690-3943974109-890921738-1000Core.job
      [2013-12-24 10:17:58 | 000,000,850 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vrllcmqjw.lnk
      [2013-12-23 18:59:05 | 000,000,108 | ---- | M] () -- C:\Users\ELSA\Desktop\Confidentialité.url
      [2013-12-23 14:19:38 | 000,089,608 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\TfSNhA8ac.ijzp
      [2013-12-23 13:53:23 | 000,021,000 | ---- | M] () -- C:\Users\ELSA\AppData\Roaming\DvXCEGGR6uC.xbbk
      [2013-12-23 11:41:02 | 002,785,438 | ---- | M] () -- C:\Users\ELSA\Desktop\Indila feat. Black M - Dernière Danse (Remix).mp3
      [2013-12-13 03:57:46 | 006,459,384 | ---- | M] () -- C:\Users\ELSA\Desktop\Cirfa feat Badré, Sadjo, Dja, Mam's, Zei Leand - 33 C'est La Famass-[www_flvto_com].mp3
      [2013-12-12 05:11:46 | 000,001,356 | ---- | M] () -- C:\Users\ELSA\AppData\Local\d3d9caps.dat
      [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

      [color=#E56717]========== Files Created - No Company Name ==========[/color]

      [2013-12-30 16:37:28 | 000,001,663 | ---- | C] () -- X:\Users\Default\Desktop\PENetwork.lnk
      [2013-12-30 16:37:28 | 000,001,560 | ---- | C] () -- X:\Users\Default\Desktop\Command Prompt.lnk
      [2013-12-30 16:37:28 | 000,001,444 | ---- | C] () -- X:\Users\Default\Desktop\Explorer.lnk
      [2013-12-30 16:37:28 | 000,000,637 | ---- | C] () -- X:\Users\Default\Desktop\HD Tune v2.55.lnk
      [2013-12-30 16:37:27 | 000,000,891 | ---- | C] () -- X:\Users\Default\Desktop\OTLPE.lnk
      [2013-12-30 16:37:27 | 000,000,697 | ---- | C] () -- X:\Users\Default\Desktop\RogueKiller.lnk
      [2013-12-30 16:37:27 | 000,000,625 | ---- | C] () -- X:\Users\Default\Desktop\Opera12.lnk
      [2013-12-30 16:37:27 | 000,000,591 | ---- | C] () -- X:\Users\Default\Desktop\FRST.lnk
      [2013-12-30 16:30:26 | 2951,036,928 | -HS- | C] () -- C:\hiberfil.sys
      [2013-12-30 13:05:24 | 000,000,844 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a9bbr8.lnk
      [2013-12-30 13:04:34 | 000,000,000 | ---- | C] () -- C:\Windows\System32\a9bbr8.odd
      [2013-12-30 13:04:17 | 095,025,368 | ---- | C] () -- C:\Windows\System32\a9bbr8.fee
      [2013-12-30 13:04:14 | 000,153,088 | ---- | C] () -- C:\Windows\System32\8rbb9a.jss
      [2013-12-28 20:06:44 | 000,000,848 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jwfbwlqj.lnk
      [2013-12-28 20:06:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\jwfbwlqj.odd
      [2013-12-28 20:06:02 | 095,025,368 | ---- | C] () -- C:\Windows\System32\jwfbwlqj.fee
      [2013-12-27 16:50:50 | 000,000,848 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bodflffl.lnk
      [2013-12-27 16:50:33 | 000,000,000 | ---- | C] () -- C:\Windows\System32\bodflffl.odd
      [2013-12-27 16:50:12 | 095,025,368 | ---- | C] () -- C:\Windows\System32\bodflffl.fee
      [2013-12-27 16:09:24 | 000,000,850 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e1zj8zjbn.lnk
      [2013-12-27 16:09:20 | 000,000,000 | ---- | C] () -- C:\Windows\System32\e1zj8zjbn.odd
      [2013-12-27 16:09:07 | 095,025,368 | ---- | C] () -- C:\Windows\System32\e1zj8zjbn.fee
      [2013-12-27 12:31:40 | 000,000,850 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7to7bn8zh.lnk
      [2013-12-27 12:31:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\7to7bn8zh.odd
      [2013-12-27 12:31:34 | 095,025,368 | ---- | C] () -- C:\Windows\System32\7to7bn8zh.fee
      [2013-12-26 15:10:30 | 000,000,846 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igqibn3.lnk
      [2013-12-26 15:10:24 | 000,000,000 | ---- | C] () -- C:\Windows\System32\igqibn3.odd
      [2013-12-26 15:10:02 | 095,025,368 | ---- | C] () -- C:\Windows\System32\igqibn3.fee
      [2013-12-26 15:04:48 | 000,000,327 | ---- | C] () -- C:\Windows\System32\dbfj37t.reg
      [2013-12-26 15:04:30 | 000,000,846 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\woaavlf.lnk
      [2013-12-26 15:04:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\woaavlf.odd
      [2013-12-26 15:04:14 | 095,025,368 | ---- | C] () -- C:\Windows\System32\woaavlf.fee
      [2013-12-26 10:34:03 | 000,000,846 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dbfj37t.lnk
      [2013-12-26 10:34:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dbfj37t.odd
      [2013-12-26 10:33:39 | 095,025,368 | ---- | C] () -- C:\Windows\System32\dbfj37t.fee
      [2013-12-24 10:17:58 | 000,000,850 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vrllcmqjw.lnk
      [2013-12-23 18:59:05 | 000,000,108 | ---- | C] () -- C:\Users\ELSA\Desktop\Confidentialité.url
      [2013-12-23 14:19:38 | 000,089,608 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\TfSNhA8ac.ijzp
      [2013-12-23 13:53:23 | 000,021,000 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\DvXCEGGR6uC.xbbk
      [2013-12-23 11:40:59 | 002,785,438 | ---- | C] () -- C:\Users\ELSA\Desktop\Indila feat. Black M - Dernière Danse (Remix).mp3
      [2013-12-13 03:57:29 | 006,459,384 | ---- | C] () -- C:\Users\ELSA\Desktop\Cirfa feat Badré, Sadjo, Dja, Mam's, Zei Leand - 33 C'est La Famass-[www_flvto_com].mp3
      [2013-01-03 17:48:12 | 000,368,102 | ---- | C] () -- C:\Users\ELSA\AppData\Local\funmoods-speeddial_sf.crx
      [2013-01-03 17:48:12 | 000,031,465 | ---- | C] () -- C:\Users\ELSA\AppData\Local\funmoods.crx
      [2011-11-05 19:04:45 | 000,000,272 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\.backup.dm
      [2010-11-24 13:26:39 | 000,000,000 | ---- | C] () -- C:\Users\ELSA\AppData\Roaming\wklnhst.dat
      [2009-01-26 10:35:52 | 000,000,776 | ---- | C] () -- C:\Windows\WININIT.INI
      [2008-12-21 13:33:24 | 000,001,356 | ---- | C] () -- C:\Users\ELSA\AppData\Local\d3d9caps.dat
      [2008-12-21 13:08:44 | 000,038,400 | ---- | C] () -- C:\Users\ELSA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2008-12-21 11:35:13 | 000,000,109 | ---- | C] () -- C:\Windows\Kit.ini
      [2008-11-21 22:47:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
      [2008-11-21 22:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
      [2008-11-21 22:45:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
      [2008-11-21 22:44:16 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
      [2008-10-08 09:17:43 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
      [2008-09-10 01:04:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
      [2008-09-09 16:22:55 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
      [2008-09-09 16:22:55 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
      [2008-09-09 15:56:17 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
      [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
      [2006-03-06 09:41:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\AMV_DecDLL.dll
      [2004-09-16 12:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\System32\drivers\ADFUUD.SYS
      [2004-09-16 12:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\ADFUUD.SYS
      [2001-12-26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
      [2001-09-03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
      [2001-07-30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
      [2001-07-23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

      [color=#E56717]========== LOP Check ==========[/color]

      [2013-04-06 06:13:29 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Babylon
      [2009-12-20 14:34:08 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Big Fish Games
      [2013-05-05 22:15:39 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\eType
      [2011-02-25 17:19:00 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\FissaSearch
      [2011-02-13 18:11:22 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Floodlight Games
      [2008-12-25 18:52:36 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\FloodLightGames
      [2010-01-17 17:09:57 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\FUJIFILM
      [2013-01-03 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Funmoods
      [2010-12-23 17:59:54 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\GARMIN
      [2009-05-17 19:00:05 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\InterVideo
      [2012-10-31 13:23:43 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\MusicNet
      [2013-05-05 20:34:18 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\OfferBox
      [2010-07-19 18:37:22 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\SecretIslandFranc
      [2010-11-24 13:26:39 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Template
      [2010-05-29 20:21:09 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\widestream
      [2011-08-17 18:00:33 | 000,000,000 | ---D | M] -- C:\Users\ELSA\AppData\Roaming\Windows Live Writer
      [2013-12-30 16:51:03 | 000,000,000 | ---D | M] -- X:\Users\Default\AppData\Roaming\Opera
      [2013-12-25 08:05:01 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1733705690-3943974109-890921738-1000Core.job
      [2013-12-28 20:06:03 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1733705690-3943974109-890921738-1000UA.job
      [2013-12-30 16:32:11 | 000,032,468 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
      [2013-12-30 16:25:08 | 000,001,066 | ---- | M] () -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
      [2013-12-29 18:58:52 | 000,001,070 | ---- | M] () -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job

      [color=#E56717]========== Purity Check ==========[/color]



      [color=#E56717]========== Custom Scans ==========[/color]


      Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.

      Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe

      [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]


      [color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
      [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
      [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
      [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
      [2008-01-21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
      [2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

      [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
      [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
      [2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
      [2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
      [2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
      [2008-01-21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
      [2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

      [color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
      [2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
      [2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
      [2008-01-21 03:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
      [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
      [2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
      [2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

      [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
      [2006-11-02 10:46:03 | 000,011,776 | --
      0
  11. Utilisateur anonyme
     
    Re

    Dans OTLPE

    * sous Custom Scan box copie_colle le tout ci dessous et clic RUNFIX

    :OTL
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 8597 = c:\progra~2\msvuxwoux.exe ()
    :files
    O20 - AppInit_DLLs: (browse~1\261125~1.80\{c16c1~1\browse~1.dll) - File not found
    O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) - c:\progra~1\google\google~1\goec62~1.dll (Google)

    tu conserves le rapport qui s'affiche ; et tu le copies et colles dans ta prochaine réponse

    @+
    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      RAPPORT RUN FIX


      ========== OTL ==========
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\8597 deleted successfully.
      c:\ProgramData\msvuxwoux.exe moved successfully.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:browse~1\261125~1.80\{c16c1~1\browse~1.dll deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\google\google~1\goec62~1.dll deleted successfully.
      c:\progra~1\google\google~1\goec62~1.dll moved successfully.

      OTLPE by OldTimer - Version 3.1.29.0 log created on 12302013_215758
      0
  12. Utilisateur anonyme
     
    Re

    Essaie de démarrer ton PC normalement

    @+
    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      OK
      0
    2. davidjp33 Messages postés 40 Statut Membre
       
      aucun changement
      même probleme hadopi
      0
  13. Utilisateur anonyme
     
    Re

    Une question?
    Il s'agit bien d'un PC portable?
    Il n'y aurait pas une partition de sauvegarde ou ne disposerait elle pas d'un CD ou DVD pour restaurer

    @+
    0
    1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
       
      guillaume salut , c'est un emachines g620 donc portable de marque acer pour le remettre usine c'est ALT et F10 en même temps au démarrage du pc ??
      0
    2. davidjp33 Messages postés 40 Statut Membre
       
      non, je lui ai demandé
      0
  14. Utilisateur anonyme
     
    Salut jacques ;-))
    Je viens de relire le premier post...

    @ davidjp33

    Tu sauvegarde les données importantes à l'aide du CD Malekal.

    Et ensuite tu procèdes à une restauration usine comme mentionné par jacques-gache

    https://www.commentcamarche.net/faq/8775-restaurer-un-ordinateur-acer-a-son-etat-d-usine#sans-cd-de-restauration-erecovery-mot-de-passe-touches-alt-f10-ou-f10

    @+
    0
    1. davidjp33 Messages postés 40 Statut Membre
       
      OK

      toutes mes excuses, je me suis un peu endormi sur l'ordi.Je vais effectuer toutes vos dernières recommandations dès vendredi (je pars faire la nouvelle année à l'extérieure) .
      Dans l'attente , je vous souhaite de passer de trés bonnes fêtes de fin d'année et je vous remercie encore pour votre sélérité.
      Merci et à vendredi.
      0
    2. Utilisateur anonyme
       
      Bonnes fêtes de fin d'année également

      @ vendredi
      0
    3. davidjp33
       
      Bonjour

      Je vous souhaite une trés bonne année 2014.
      Je reviens comme prévu pour vous informer que j'ai suivi vos derniers conseils à la lettre et que tout est revenu en ordre. J'ai récuperé tous les documents que j'ai reinstallé aprés le redémarrage en mode usine.
      Je vous remercie encore pour votre sélérité.

      Amicalement
      0
  15. Utilisateur anonyme
     
    Bonjour

    Je te souhaite également une bonne et heureuse année 2014.

    @+

    --------Contributeur Sécurité---------
    On a tous été un jour débutant dans quelque chose.
    Mais le savoir est la récompense de l'assiduité.
    0
  16. cypobos Messages postés 85 Statut Membre 56
     
    tu peut essayer de faire un live cd linux pour formater ton disque
    -2
Précédent
  • 1
  • 2