bonjour a tous,
apres de multiples recherches sans fruit, je viens vers vous car j'essaie tant bien que mal de dépanner mon portable.
Symptomes: le ventilo tourne toujours à fond, ce qui m'a alerté. j'ai donc supprimé 1 à 1 les processus à commencer par firefox qui prend environ 200 ko et entraine de grosses lenteurs.
j'avais un rapport de plantage de pluggin container, j'ai donc analysé et mis à jour tous les pluggins.
s'en suis une baisse de tout les graphiques dans le gestionnaire des taches, mais reste un processus services.exe d'environ 1750 ko avec un nb de processus qui varie entre 20 et 70.
a l'heure ou j'ecris, je n'ai que ce forum d'ouvert et le PV ventile en boucle, il ne ralentis que si je le redémarre et n'ouvre pas firefox.
merci d'avance pour votre aide.
Processus "services.exe" qui utilise trop CPU
Modérateur : Mods Windows
Re: Processus "services.exe" qui utilise trop CPU
Bonjour,
Pour voir :
* Télécharge >> OTL <<sur ton bureau.
* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"
* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.
* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.
* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
PS : Si le rapport est trop long pour être poster sur un message, tu peux utiliser un hébergeur : http://pjjoint.malekal.com/index.php?lang=fr
Pour voir :
* Télécharge >> OTL <<sur ton bureau.
* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"
* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.
* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.
* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup http://www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
PS : Si le rapport est trop long pour être poster sur un message, tu peux utiliser un hébergeur : http://pjjoint.malekal.com/index.php?lang=fr
Re: Processus "services.exe" qui utilise trop CPU
Bonjour, et merci de vous interresser à mon probleme.
ci dessous le rapport:
OTL logfile created on: 19/07/2014 15:02:20 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Romuald\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,36 Mb Total Physical Memory | 130,59 Mb Available Physical Memory | 25,54% Memory free
1,22 Gb Paging File | 0,74 Gb Available in Paging File | 60,54% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93,15 Gb Total Space | 48,71 Gb Free Space | 52,29% Space Free | Partition Type: NTFS
Computer Name: JEROME | User Name: Romuald | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Documents and Settings\Romuald\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\TWCU.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Samsung\ComSMMgr\SSMMgr.exe (Samsung Electronics.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\slserv.exe ( )
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\defs\14071900\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\DC_WFF.dll ()
MOD - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\TWCU.exe ()
MOD - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\WJRtl.dll ()
MOD - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\NicLan.dll ()
MOD - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\acAuth.dll ()
MOD - C:\WINDOWS\system32\ati2evxx.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()
========== Services (SafeList) ==========
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( )
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswmonflt.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (RtlWlanu) -- C:\WINDOWS\system32\drivers\RTWlanU.sys (Realtek Semiconductor Corporation )
DRV - (PCANDIS5) -- C:\WINDOWS\system32\pcandis5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (SG760_XP) -- C:\WINDOWS\system32\drivers\WlanUZXP.sys (ZyDAS Technology Corporation)
DRV - (AX88772) -- C:\WINDOWS\system32\drivers\ax88772.sys (ASIX Electronics Corp.)
DRV - (d347prt) -- C:\WINDOWS\system32\drivers\d347prt.sys ( )
DRV - (d347bus) -- C:\WINDOWS\system32\drivers\d347bus.sys ( )
DRV - (S3SavageNB) -- C:\WINDOWS\system32\drivers\s3gnbm.sys (S3 Graphics, Inc.)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (VIAudio) -- C:\WINDOWS\system32\drivers\vinyl97.sys (VIA Technologies, Inc.)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (DeviceGuys, Inc.)
DRV - (RecAgent) -- C:\WINDOWS\system32\drivers\RecAgent.sys ( )
DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( )
DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( )
DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( )
DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( )
DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( )
DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys ( )
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (w22n51) -- C:\WINDOWS\system32\drivers\w22n51.sys (Intel® Corporation)
DRV - (CONAN) -- C:\WINDOWS\system32\drivers\o2mmb.sys (O2 Micro )
DRV - (MbxStby) -- C:\WINDOWS\system32\drivers\MbxStby.sys (O2 Micro)
DRV - (PCAMPR5) -- C:\WINDOWS\system32\pcampr5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (Wdm1) -- C:\WINDOWS\system32\drivers\usbbc.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.fr/https://www.google.fr/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX(rb)\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/23 10:54:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/06/23 19:51:02 | 000,000,000 | ---D | M]
[2009/04/01 07:34:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Romuald\Application Data\Mozilla\Extensions
[2014/07/16 20:18:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Romuald\Application Data\Mozilla\Firefox\Profiles\pkda4kvz.default-1399752152936\extensions
[2014/07/15 21:48:36 | 000,967,387 | ---- | M] () (No name found) -- C:\Documents and Settings\Romuald\Application Data\Mozilla\Firefox\Profiles\pkda4kvz.default-1399752152936\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/06/23 19:50:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/06/23 19:50:52 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2014/06/23 19:50:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/06/23 19:51:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2014/01/07 21:18:54 | 000,450,628 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15468 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Samsung Common SM] C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe (Samsung Electronics.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire de configuration sans fil TP-LINK.lnk = C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\TWCU.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F5A03F1-31C2-49F7-B80B-0AB2D23F66D2}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Romuald\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Romuald\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/20 22:01:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{75f03f13-0c2e-11db-8db7-00030d21f301}\Shell - "" = AutoRun
O33 - MountPoints2\{75f03f13-0c2e-11db-8db7-00030d21f301}\Shell\AutoRun\command - "" = F:\ReadMe.exe
O33 - MountPoints2\{f4897563-7bdf-11dc-8efd-00030d21f301}\Shell - "" = AutoRun
O33 - MountPoints2\{f4897563-7bdf-11dc-8efd-00030d21f301}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Romuald^Menu Démarrer^Programmes^Démarrage^Lanceur.lnk - C:\Program Files\Micro Application\LauncherMA.exe - (Micro Application)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: klmdb.sys - Driver
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: klmdb.sys - Driver
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - File not found
SafeBootNet: nm.sys - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {3F7924B9-D148-3141-87B1-68F36043A940} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {B908CC9E-ADA2-9CA7-C2B0-C7BC886A36FF} - DirectAnimation
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0} - Microsoft .NET Framework 1.1 Security Update (KB2833941)
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave5 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave6 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/07/15 06:29:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Romuald\Local Settings\Application Data\Adobe
[2014/07/15 06:23:49 | 000,699,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/07/15 06:23:49 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/06/28 07:47:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Romuald\Application Data\TP-LINK
[2014/06/28 07:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TP-LINK
[2014/06/28 07:46:10 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2014/06/28 07:45:06 | 001,345,936 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\rtwlanu.sys
[2014/06/28 07:45:06 | 001,345,936 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\RTWlanU.sys
[2014/06/28 07:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TP-LINK
[2014/06/24 21:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Java
[2014/06/24 21:50:08 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014/06/24 21:50:08 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014/06/24 21:49:47 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014/06/24 21:49:47 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014/06/24 21:49:47 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014/06/24 21:49:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
[2014/06/23 19:50:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2014/07/19 15:05:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/07/19 14:47:02 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/19 14:35:27 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/07/18 23:00:42 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/07/18 23:00:41 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/18 22:59:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/07/18 13:45:15 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/07/17 12:42:23 | 000,002,435 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\Microsoft AutoRoute.lnk
[2014/07/17 09:32:38 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Romuald\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/07/15 10:36:58 | 000,063,387 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\Commande validée - TopAchat.pdf
[2014/07/15 06:23:50 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/07/15 06:23:49 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/07/14 14:30:41 | 000,268,231 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\DSC00648-R.jpg
[2014/07/14 14:07:33 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2014/06/30 22:25:12 | 000,000,434 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2014/06/29 09:41:48 | 000,089,231 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\SIMULATION CAF Garde a domicile.pdf
[2014/06/29 09:37:27 | 000,089,335 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\SIMULATION CAF Garde ass mat.pdf
[2014/06/29 08:58:42 | 000,002,509 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\Microsoft Office Excel 2003.lnk
[2014/06/28 07:46:43 | 000,001,996 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire de configuration sans fil TP-LINK.lnk
[2014/06/28 07:46:43 | 000,001,970 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Utilitaire de configuration sans fil TP-LINK.lnk
[2014/06/26 20:44:52 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Romuald\Mes documents\Villosanges à près de Castellane.axe
========== Files Created - No Company Name ==========
[2014/07/19 15:05:49 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/07/15 10:36:47 | 000,063,387 | ---- | C] () -- C:\Documents and Settings\Romuald\Bureau\Commande validée - TopAchat.pdf
[2014/07/15 06:23:52 | 000,001,002 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/07/14 14:30:41 | 000,268,231 | ---- | C] () -- C:\Documents and Settings\Romuald\Bureau\DSC00648-R.jpg
[2014/06/29 09:41:46 | 000,089,231 | ---- | C] () -- C:\Documents and Settings\Romuald\Bureau\SIMULATION CAF Garde a domicile.pdf
[2014/06/29 09:37:26 | 000,089,335 | ---- | C] () -- C:\Documents and Settings\Romuald\Bureau\SIMULATION CAF Garde ass mat.pdf
[2014/06/28 07:46:43 | 000,001,996 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire de configuration sans fil TP-LINK.lnk
[2014/06/28 07:46:43 | 000,001,970 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Utilitaire de configuration sans fil TP-LINK.lnk
[2014/06/28 07:45:06 | 000,035,422 | ---- | C] () -- C:\WINDOWS\System32\netrtwlanu.inf
[2014/06/28 07:45:05 | 000,007,807 | ---- | C] () -- C:\WINDOWS\System32\netrtwlanu.cat
[2014/06/26 20:44:51 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Romuald\Mes documents\Villosanges à près de Castellane.axe
[2014/02/24 08:00:03 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/02/23 10:54:38 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/02/23 10:54:36 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/01/16 00:03:03 | 000,261,918 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3090141574-1093803269-4043484823-1007-0.dat
[2013/12/29 17:59:08 | 000,261,918 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/03/21 15:40:55 | 000,011,239 | ---- | C] () -- C:\Documents and Settings\Romuald\a
[2010/10/27 16:32:34 | 000,005,188 | ---- | C] () -- C:\Documents and Settings\Romuald\.recently-used.xbel
[2010/10/23 21:04:39 | 000,000,281 | ---- | C] () -- C:\Documents and Settings\Romuald\.gtk-bookmarks
[2008/04/04 13:30:08 | 000,003,042 | ---- | C] () -- C:\Documents and Settings\Romuald\.ganttproject
[2008/02/08 17:21:57 | 000,257,440 | ---- | C] () -- C:\Documents and Settings\Romuald\.fonts.cache-1
[2007/05/23 00:17:40 | 000,004,571 | ---- | C] () -- C:\Documents and Settings\Romuald\intlname.ols
[2007/05/16 17:07:11 | 000,028,184 | ---- | C] () -- C:\Documents and Settings\Romuald\Application Data\Valeurs séparées par des tabulations (Windows).ADR
[2006/09/06 12:26:03 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Romuald\Local Settings\Application Data\fusioncache.dat
[2005/02/21 12:20:55 | 000,110,592 | ---- | C] () -- C:\Documents and Settings\Romuald\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2004/08/20 22:07:44 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/12/19 10:54:10 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
[2014/01/20 21:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2005/02/26 22:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2014/02/23 10:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/02/23 10:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/05/12 13:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2006/03/15 12:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal Pro
[2009/02/11 17:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2009/10/14 18:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Micro Application
[2013/12/29 11:28:55 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2013/12/29 17:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2014/02/24 19:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2004/10/09 23:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2010/08/25 14:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2014/01/07 23:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2014/01/18 21:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SketchUp
[2014/01/18 21:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2014/01/19 01:44:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2014/06/28 07:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TP-LINK
[2005/11/07 11:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2013/12/21 09:58:56 | 000,364,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AB0000000001}\setup.exe
[2006/03/15 12:45:19 | 000,063,405 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal Pro\5.0\Bases\Patches\patch_ppro_5.0.388_390_to_5.0.391.exe
[2008/11/11 19:35:42 | 000,079,168 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009\French\setup.exe
[2013/12/29 15:54:28 | 000,887,896 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Package Cache\E15AD80FC74277EF2048312E9A71AF56B2EBA622\redist\dotNetFx40_Client_setup.exe
< %APPDATA%\*. >
[2014/01/17 18:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Adobe
[2005/03/03 01:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\AdobeUM
[2006/03/19 19:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Ahead
[2007/07/19 16:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Apple Computer
[2008/03/01 12:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Autodesk
[2014/02/23 10:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\AVAST Software
[2007/10/22 10:53:35 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Romuald\Application Data\Brother
[2013/12/30 20:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\DeepBurner
[2007/04/24 22:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\DivX
[2008/08/18 15:03:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\GARMIN
[2014/02/04 22:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Google
[2010/10/27 16:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\gtk-2.0
[2005/03/01 22:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Help
[2004/10/09 23:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Identities
[2005/02/21 20:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\InterVideo
[2010/08/25 13:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Leadertech
[2005/11/30 00:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Macromedia
[2009/10/14 18:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Magic Academy
[2014/01/17 18:33:08 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Romuald\Application Data\Microsoft
[2009/04/01 07:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Mozilla
[2008/10/01 09:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Panasonic
[2014/01/18 22:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\SketchUp
[2006/06/01 10:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\StarOffice8
[2005/02/02 06:58:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Sun
[2010/06/01 18:34:04 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Romuald\Application Data\SystemProc
[2007/04/20 09:53:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Talkback
[2007/04/20 09:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Thunderbird
[2014/06/28 07:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\TP-LINK
[2007/10/25 11:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\U3
< %APPDATA%\*.exe /s >
[2008/08/25 19:01:38 | 000,003,310 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_16496df1.exe
[2008/08/25 19:01:38 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_18be6784.exe
[2008/08/25 19:01:38 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_294823.exe
[2008/08/25 19:01:38 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_2cd672ae.exe
[2008/08/25 19:01:38 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_4ae13d6c.exe
[2008/08/25 19:01:38 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_69525f90.exe
[2010/04/23 18:07:34 | 000,006,144 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{B652CC58-6222-4149-B52D-C632AEE8C66C}\IconTmpl.0DED9891_8CB9_41F7_A2A0_A7E11270DB0A.exe
[2010/04/23 18:07:34 | 000,005,120 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{B652CC58-6222-4149-B52D-C632AEE8C66C}\IconTmpl1.0DED9891_8CB9_41F7_A2A0_A7E11270DB0A.exe
[2009/10/14 18:44:21 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}\ARPPRODUCTICON.exe
[2009/10/14 18:44:21 | 000,053,248 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}\NewShortcut1_C06EFB22B5DB46C59215BCB5C19C0858.exe
[2014/01/19 01:41:45 | 000,145,408 | ---- | M] () -- C:\Documents and Settings\Romuald\Application Data\Sun\Java\jre1.7.0_51\lzma.exe
[2014/06/24 21:47:21 | 000,145,408 | ---- | M] () -- C:\Documents and Settings\Romuald\Application Data\Sun\Java\jre1.7.0_60\lzma.exe
[2006/12/14 10:00:02 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Romuald\Application Data\U3\temp\cleanup.exe
[2007/02/12 17:46:54 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Romuald\Application Data\U3\temp\Launchpad Removal.exe
< %temp%\*.exe /s >
[2014/02/24 21:40:08 | 017,858,952 | ---- | M] (Adobe Systems Incorporated) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\fp_pl_pfs_installer.exe
[2014/05/27 18:12:09 | 000,918,440 | ---- | M] (Oracle Corporation) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\jre-7u60-windows-i586-iftw.exe
[2014/01/19 01:32:14 | 000,231,992 | ---- | M] (Adobe Systems Inc.) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\Shockwave_Installer_FF.exe
[9 C:\DOCUME~1\Romuald\LOCALS~1\Temp\*.tmp files -> C:\DOCUME~1\Romuald\LOCALS~1\Temp\*.tmp -> ]
[2013/10/07 22:02:14 | 001,207,296 | ---- | M] (Google) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\._msige61\GoogleEarth.exe
[2013/10/07 21:33:03 | 000,051,712 | ---- | M] () -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\client\earthflashsol.exe
[2013/10/07 21:52:17 | 000,208,384 | ---- | M] (Google) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\client\googleearth.exe
[2013/10/07 21:33:15 | 000,301,056 | ---- | M] () -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\client\gpsbabel.exe
[2013/10/07 21:52:17 | 000,208,384 | ---- | M] (Google) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\plugin\geplugin.exe
[2011/10/22 16:30:28 | 000,221,184 | ---- | M] (Realtek) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\{7943C9C2-827E-40C4-96F4-F8C5164549E1}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RTLDHCP.exe
[2011/10/22 16:30:28 | 000,221,184 | ---- | M] (Realtek) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\{7943C9C2-827E-40C4-96F4-F8C5164549E1}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RTLDHCP.exe
[2008/10/11 15:03:00 | 000,024,576 | ---- | M] () -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\Répertoire temporaire 1 pour MemTest.zip\memtest.exe
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2004/08/20 23:50:30 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2004/08/20 23:50:30 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004/08/20 23:50:30 | 000,405,504 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< MD5 for: EXPLORER.EXE >
[2004/08/05 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007/06/13 15:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 15:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
< MD5 for: WINLOGON.EXE >
[2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe
< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"Debug" =
"Kmode" = %SystemRoot%\system32\win32k.sys -- [2012/02/03 11:58:01 | 001,860,224 | ---- | M] (Microsoft Corporation)
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928
< nslookup http://www.google.fr /c >
Serveur : livebox.home
Address: 192.168.1.1
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\WOOBrowser.exe\shell\open\command\\: C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\WOOBrowser.exe\shell\open\command\\: C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
< End of report >
ci dessous le rapport:
OTL logfile created on: 19/07/2014 15:02:20 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Romuald\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
511,36 Mb Total Physical Memory | 130,59 Mb Available Physical Memory | 25,54% Memory free
1,22 Gb Paging File | 0,74 Gb Available in Paging File | 60,54% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93,15 Gb Total Space | 48,71 Gb Free Space | 52,29% Space Free | Partition Type: NTFS
Computer Name: JEROME | User Name: Romuald | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Documents and Settings\Romuald\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\TWCU.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Samsung\ComSMMgr\SSMMgr.exe (Samsung Electronics.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\slserv.exe ( )
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\defs\14071900\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\DC_WFF.dll ()
MOD - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\TWCU.exe ()
MOD - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\WJRtl.dll ()
MOD - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\NicLan.dll ()
MOD - C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\acAuth.dll ()
MOD - C:\WINDOWS\system32\ati2evxx.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()
========== Services (SafeList) ==========
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( )
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswmonflt.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (RtlWlanu) -- C:\WINDOWS\system32\drivers\RTWlanU.sys (Realtek Semiconductor Corporation )
DRV - (PCANDIS5) -- C:\WINDOWS\system32\pcandis5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (SG760_XP) -- C:\WINDOWS\system32\drivers\WlanUZXP.sys (ZyDAS Technology Corporation)
DRV - (AX88772) -- C:\WINDOWS\system32\drivers\ax88772.sys (ASIX Electronics Corp.)
DRV - (d347prt) -- C:\WINDOWS\system32\drivers\d347prt.sys ( )
DRV - (d347bus) -- C:\WINDOWS\system32\drivers\d347bus.sys ( )
DRV - (S3SavageNB) -- C:\WINDOWS\system32\drivers\s3gnbm.sys (S3 Graphics, Inc.)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (VIAudio) -- C:\WINDOWS\system32\drivers\vinyl97.sys (VIA Technologies, Inc.)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (DeviceGuys, Inc.)
DRV - (RecAgent) -- C:\WINDOWS\system32\drivers\RecAgent.sys ( )
DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( )
DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( )
DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( )
DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( )
DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( )
DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys ( )
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (w22n51) -- C:\WINDOWS\system32\drivers\w22n51.sys (Intel® Corporation)
DRV - (CONAN) -- C:\WINDOWS\system32\drivers\o2mmb.sys (O2 Micro )
DRV - (MbxStby) -- C:\WINDOWS\system32\drivers\MbxStby.sys (O2 Micro)
DRV - (PCAMPR5) -- C:\WINDOWS\system32\pcampr5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (Wdm1) -- C:\WINDOWS\system32\drivers\usbbc.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.fr/https://www.google.fr/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX(rb)\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/23 10:54:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/06/23 19:51:02 | 000,000,000 | ---D | M]
[2009/04/01 07:34:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Romuald\Application Data\Mozilla\Extensions
[2014/07/16 20:18:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Romuald\Application Data\Mozilla\Firefox\Profiles\pkda4kvz.default-1399752152936\extensions
[2014/07/15 21:48:36 | 000,967,387 | ---- | M] () (No name found) -- C:\Documents and Settings\Romuald\Application Data\Mozilla\Firefox\Profiles\pkda4kvz.default-1399752152936\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/06/23 19:50:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/06/23 19:50:52 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2014/06/23 19:50:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/06/23 19:51:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2014/01/07 21:18:54 | 000,450,628 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15468 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Samsung Common SM] C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe (Samsung Electronics.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire de configuration sans fil TP-LINK.lnk = C:\Program Files\TP-LINK\Utilitaire de configuration sans fil TP-LINK\TWCU.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] http in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([download] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F5A03F1-31C2-49F7-B80B-0AB2D23F66D2}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Romuald\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Romuald\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/20 22:01:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{75f03f13-0c2e-11db-8db7-00030d21f301}\Shell - "" = AutoRun
O33 - MountPoints2\{75f03f13-0c2e-11db-8db7-00030d21f301}\Shell\AutoRun\command - "" = F:\ReadMe.exe
O33 - MountPoints2\{f4897563-7bdf-11dc-8efd-00030d21f301}\Shell - "" = AutoRun
O33 - MountPoints2\{f4897563-7bdf-11dc-8efd-00030d21f301}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Romuald^Menu Démarrer^Programmes^Démarrage^Lanceur.lnk - C:\Program Files\Micro Application\LauncherMA.exe - (Micro Application)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: klmdb.sys - Driver
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: klmdb.sys - Driver
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - File not found
SafeBootNet: nm.sys - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {3F7924B9-D148-3141-87B1-68F36043A940} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {B908CC9E-ADA2-9CA7-C2B0-C7BC886A36FF} - DirectAnimation
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0} - Microsoft .NET Framework 1.1 Security Update (KB2833941)
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave5 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave6 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/07/15 06:29:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Romuald\Local Settings\Application Data\Adobe
[2014/07/15 06:23:49 | 000,699,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/07/15 06:23:49 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/06/28 07:47:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Romuald\Application Data\TP-LINK
[2014/06/28 07:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\TP-LINK
[2014/06/28 07:46:10 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2014/06/28 07:45:06 | 001,345,936 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\rtwlanu.sys
[2014/06/28 07:45:06 | 001,345,936 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\RTWlanU.sys
[2014/06/28 07:43:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TP-LINK
[2014/06/24 21:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Java
[2014/06/24 21:50:08 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014/06/24 21:50:08 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014/06/24 21:49:47 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014/06/24 21:49:47 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014/06/24 21:49:47 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014/06/24 21:49:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
[2014/06/23 19:50:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2014/07/19 15:05:49 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/07/19 14:47:02 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/19 14:35:27 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/07/18 23:00:42 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/07/18 23:00:41 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/18 22:59:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/07/18 13:45:15 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/07/17 12:42:23 | 000,002,435 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\Microsoft AutoRoute.lnk
[2014/07/17 09:32:38 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Romuald\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/07/15 10:36:58 | 000,063,387 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\Commande validée - TopAchat.pdf
[2014/07/15 06:23:50 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/07/15 06:23:49 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/07/14 14:30:41 | 000,268,231 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\DSC00648-R.jpg
[2014/07/14 14:07:33 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2014/06/30 22:25:12 | 000,000,434 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2014/06/29 09:41:48 | 000,089,231 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\SIMULATION CAF Garde a domicile.pdf
[2014/06/29 09:37:27 | 000,089,335 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\SIMULATION CAF Garde ass mat.pdf
[2014/06/29 08:58:42 | 000,002,509 | ---- | M] () -- C:\Documents and Settings\Romuald\Bureau\Microsoft Office Excel 2003.lnk
[2014/06/28 07:46:43 | 000,001,996 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire de configuration sans fil TP-LINK.lnk
[2014/06/28 07:46:43 | 000,001,970 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Utilitaire de configuration sans fil TP-LINK.lnk
[2014/06/26 20:44:52 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Romuald\Mes documents\Villosanges à près de Castellane.axe
========== Files Created - No Company Name ==========
[2014/07/19 15:05:49 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/07/15 10:36:47 | 000,063,387 | ---- | C] () -- C:\Documents and Settings\Romuald\Bureau\Commande validée - TopAchat.pdf
[2014/07/15 06:23:52 | 000,001,002 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/07/14 14:30:41 | 000,268,231 | ---- | C] () -- C:\Documents and Settings\Romuald\Bureau\DSC00648-R.jpg
[2014/06/29 09:41:46 | 000,089,231 | ---- | C] () -- C:\Documents and Settings\Romuald\Bureau\SIMULATION CAF Garde a domicile.pdf
[2014/06/29 09:37:26 | 000,089,335 | ---- | C] () -- C:\Documents and Settings\Romuald\Bureau\SIMULATION CAF Garde ass mat.pdf
[2014/06/28 07:46:43 | 000,001,996 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utilitaire de configuration sans fil TP-LINK.lnk
[2014/06/28 07:46:43 | 000,001,970 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Utilitaire de configuration sans fil TP-LINK.lnk
[2014/06/28 07:45:06 | 000,035,422 | ---- | C] () -- C:\WINDOWS\System32\netrtwlanu.inf
[2014/06/28 07:45:05 | 000,007,807 | ---- | C] () -- C:\WINDOWS\System32\netrtwlanu.cat
[2014/06/26 20:44:51 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Romuald\Mes documents\Villosanges à près de Castellane.axe
[2014/02/24 08:00:03 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/02/23 10:54:38 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/02/23 10:54:36 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/01/16 00:03:03 | 000,261,918 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3090141574-1093803269-4043484823-1007-0.dat
[2013/12/29 17:59:08 | 000,261,918 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/03/21 15:40:55 | 000,011,239 | ---- | C] () -- C:\Documents and Settings\Romuald\a
[2010/10/27 16:32:34 | 000,005,188 | ---- | C] () -- C:\Documents and Settings\Romuald\.recently-used.xbel
[2010/10/23 21:04:39 | 000,000,281 | ---- | C] () -- C:\Documents and Settings\Romuald\.gtk-bookmarks
[2008/04/04 13:30:08 | 000,003,042 | ---- | C] () -- C:\Documents and Settings\Romuald\.ganttproject
[2008/02/08 17:21:57 | 000,257,440 | ---- | C] () -- C:\Documents and Settings\Romuald\.fonts.cache-1
[2007/05/23 00:17:40 | 000,004,571 | ---- | C] () -- C:\Documents and Settings\Romuald\intlname.ols
[2007/05/16 17:07:11 | 000,028,184 | ---- | C] () -- C:\Documents and Settings\Romuald\Application Data\Valeurs séparées par des tabulations (Windows).ADR
[2006/09/06 12:26:03 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Romuald\Local Settings\Application Data\fusioncache.dat
[2005/02/21 12:20:55 | 000,110,592 | ---- | C] () -- C:\Documents and Settings\Romuald\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2004/08/20 22:07:44 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/12/19 10:54:10 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
[2014/01/20 21:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2005/02/26 22:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2014/02/23 10:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/02/23 10:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010/05/12 13:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Google
[2006/03/15 12:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal Pro
[2009/02/11 17:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2009/10/14 18:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Micro Application
[2013/12/29 11:28:55 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2013/12/29 17:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2014/02/24 19:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2004/10/09 23:31:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2010/08/25 14:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2014/01/07 23:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2014/01/18 21:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SketchUp
[2014/01/18 21:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2014/01/19 01:44:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2014/06/28 07:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TP-LINK
[2005/11/07 11:57:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2013/12/21 09:58:56 | 000,364,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1036-7B44-AB0000000001}\setup.exe
[2006/03/15 12:45:19 | 000,063,405 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal Pro\5.0\Bases\Patches\patch_ppro_5.0.388_390_to_5.0.391.exe
[2008/11/11 19:35:42 | 000,079,168 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2009\French\setup.exe
[2013/12/29 15:54:28 | 000,887,896 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Package Cache\E15AD80FC74277EF2048312E9A71AF56B2EBA622\redist\dotNetFx40_Client_setup.exe
< %APPDATA%\*. >
[2014/01/17 18:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Adobe
[2005/03/03 01:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\AdobeUM
[2006/03/19 19:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Ahead
[2007/07/19 16:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Apple Computer
[2008/03/01 12:53:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Autodesk
[2014/02/23 10:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\AVAST Software
[2007/10/22 10:53:35 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Romuald\Application Data\Brother
[2013/12/30 20:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\DeepBurner
[2007/04/24 22:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\DivX
[2008/08/18 15:03:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\GARMIN
[2014/02/04 22:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Google
[2010/10/27 16:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\gtk-2.0
[2005/03/01 22:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Help
[2004/10/09 23:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Identities
[2005/02/21 20:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\InterVideo
[2010/08/25 13:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Leadertech
[2005/11/30 00:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Macromedia
[2009/10/14 18:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Magic Academy
[2014/01/17 18:33:08 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Romuald\Application Data\Microsoft
[2009/04/01 07:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Mozilla
[2008/10/01 09:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Panasonic
[2014/01/18 22:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\SketchUp
[2006/06/01 10:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\StarOffice8
[2005/02/02 06:58:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Sun
[2010/06/01 18:34:04 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Romuald\Application Data\SystemProc
[2007/04/20 09:53:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Talkback
[2007/04/20 09:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\Thunderbird
[2014/06/28 07:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\TP-LINK
[2007/10/25 11:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Romuald\Application Data\U3
< %APPDATA%\*.exe /s >
[2008/08/25 19:01:38 | 000,003,310 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_16496df1.exe
[2008/08/25 19:01:38 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_18be6784.exe
[2008/08/25 19:01:38 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_294823.exe
[2008/08/25 19:01:38 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_2cd672ae.exe
[2008/08/25 19:01:38 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_4ae13d6c.exe
[2008/08/25 19:01:38 | 000,001,078 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}\_69525f90.exe
[2010/04/23 18:07:34 | 000,006,144 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{B652CC58-6222-4149-B52D-C632AEE8C66C}\IconTmpl.0DED9891_8CB9_41F7_A2A0_A7E11270DB0A.exe
[2010/04/23 18:07:34 | 000,005,120 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{B652CC58-6222-4149-B52D-C632AEE8C66C}\IconTmpl1.0DED9891_8CB9_41F7_A2A0_A7E11270DB0A.exe
[2009/10/14 18:44:21 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}\ARPPRODUCTICON.exe
[2009/10/14 18:44:21 | 000,053,248 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Romuald\Application Data\Microsoft\Installer\{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}\NewShortcut1_C06EFB22B5DB46C59215BCB5C19C0858.exe
[2014/01/19 01:41:45 | 000,145,408 | ---- | M] () -- C:\Documents and Settings\Romuald\Application Data\Sun\Java\jre1.7.0_51\lzma.exe
[2014/06/24 21:47:21 | 000,145,408 | ---- | M] () -- C:\Documents and Settings\Romuald\Application Data\Sun\Java\jre1.7.0_60\lzma.exe
[2006/12/14 10:00:02 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Romuald\Application Data\U3\temp\cleanup.exe
[2007/02/12 17:46:54 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Romuald\Application Data\U3\temp\Launchpad Removal.exe
< %temp%\*.exe /s >
[2014/02/24 21:40:08 | 017,858,952 | ---- | M] (Adobe Systems Incorporated) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\fp_pl_pfs_installer.exe
[2014/05/27 18:12:09 | 000,918,440 | ---- | M] (Oracle Corporation) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\jre-7u60-windows-i586-iftw.exe
[2014/01/19 01:32:14 | 000,231,992 | ---- | M] (Adobe Systems Inc.) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\Shockwave_Installer_FF.exe
[9 C:\DOCUME~1\Romuald\LOCALS~1\Temp\*.tmp files -> C:\DOCUME~1\Romuald\LOCALS~1\Temp\*.tmp -> ]
[2013/10/07 22:02:14 | 001,207,296 | ---- | M] (Google) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\._msige61\GoogleEarth.exe
[2013/10/07 21:33:03 | 000,051,712 | ---- | M] () -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\client\earthflashsol.exe
[2013/10/07 21:52:17 | 000,208,384 | ---- | M] (Google) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\client\googleearth.exe
[2013/10/07 21:33:15 | 000,301,056 | ---- | M] () -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\client\gpsbabel.exe
[2013/10/07 21:52:17 | 000,208,384 | ---- | M] (Google) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\._msige61\program files\Google\Google Earth\plugin\geplugin.exe
[2011/10/22 16:30:28 | 000,221,184 | ---- | M] (Realtek) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\{7943C9C2-827E-40C4-96F4-F8C5164549E1}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RTLDHCP.exe
[2011/10/22 16:30:28 | 000,221,184 | ---- | M] (Realtek) -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\{7943C9C2-827E-40C4-96F4-F8C5164549E1}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RTLDHCP.exe
[2008/10/11 15:03:00 | 000,024,576 | ---- | M] () -- C:\DOCUME~1\Romuald\LOCALS~1\Temp\Répertoire temporaire 1 pour MemTest.zip\memtest.exe
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2004/08/20 23:50:30 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2004/08/20 23:50:30 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004/08/20 23:50:30 | 000,405,504 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< MD5 for: EXPLORER.EXE >
[2004/08/05 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007/06/13 15:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 15:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
< MD5 for: WINLOGON.EXE >
[2004/08/05 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 04:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe
< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"Debug" =
"Kmode" = %SystemRoot%\system32\win32k.sys -- [2012/02/03 11:58:01 | 001,860,224 | ---- | M] (Microsoft Corporation)
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928
< nslookup http://www.google.fr /c >
Serveur : livebox.home
Address: 192.168.1.1
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\WOOBrowser.exe\shell\open\command\\: C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2014/06/23 19:51:30 | 000,900,312 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2014/06/23 19:51:37 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2013/10/29 07:15:36 | 000,174,592 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\WOOBrowser.exe\shell\open\command\\: C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
< End of report >
Re: Processus "services.exe" qui utilise trop CPU
Re,
A priori rien d'anormal.
Les ventilos ne sont pas encrassés ?
Pour Firefox :
As-tu le même problème avec un nouveau profil?
Créer un nouveau profil
/!\ N'efface pas ton ancien profil pour l'instant. /!\
A priori rien d'anormal.
Les ventilos ne sont pas encrassés ?
Pour Firefox :
As-tu le même problème avec un nouveau profil?
Créer un nouveau profil
- Fermer FireFox (en plus, assure-toi avec CTRL+ALT+DELETE qu'il n'y a plus aucun processus de Firefox actif).
- Démarrer >>> Exécuter >>> Taper firefox -p (remarque l'espace entre Firefox et -p) et valider par OK.
- Dans la fenêtre de gestion des profils qui vient de s'ouvrir, on peut en créer un nouveau et lancer FF avec celui-ci.
/!\ N'efface pas ton ancien profil pour l'instant. /!\
-
- Sujets similaires
- Réponses
- Vues
- Dernier message
-
- 12 Réponses
- 159 Vues
-
Dernier message par Malekal_morte
-
- 10 Réponses
- 238 Vues
-
Dernier message par Malekal_morte
-
- 13 Réponses
- 426 Vues
-
Dernier message par Malekal_morte
-
- 3 Réponses
- 44 Vues
-
Dernier message par Malekal_morte
-
- 11 Réponses
- 338 Vues
-
Dernier message par Parisien_entraide