Sujet Précédent Sujet Suivant

Win32/Adware.Toolbar.Dealio

Résolu/Fermé
artika Messages postés 103 Date d'inscription jeudi 17 janvier 2008 Statut Membre Dernière intervention 13 juillet 2011 - 15 févr. 2011 à 03:16
 Utilisateur anonyme - 17 févr. 2011 à 01:29
Bonjour,

config>Windows XP sp3 / Firefox 3.6.13</config>

Pentium R (4) CPU 2.8
2.80, 1.43 GoRam

Nod 32 a trouver
C:\System Volume Information\_restore{CA776613-94CE-41D7-9DD3-3DEB152E1F13}\RP204\A0056481.exe Win32/Adware.Toolbar.Dealio application Aucune action

Comment faire de se débarrasser de cela

Merci de bien vouloir m'aider

25 réponses

  • 1
  • 2
Réponse 1 / 25
Utilisateur anonyme
15 févr. 2011 à 03:19
salut c'est dans la restauration systeme...

on le virera après


▶ Télécharge ici : Ad-remover sur ton bureau :


▶ Déconnecte toi et ferme toutes applications en cours !

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

▶ sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

▶ clique le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

▶ Au menu principal choisis "option Nettoyer" et tape sur [entrée] .

▶ Laisse travailler l'outil et ne touche à rien ...

▶ Poste le rapport qui apparait à la fin , sur le forum ...

( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

▶ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0
Réponse 2 / 25
artika Messages postés 103 Date d'inscription jeudi 17 janvier 2008 Statut Membre Dernière intervention 13 juillet 2011
15 févr. 2011 à 03:58
Bonjour

j ai fait ad-remover

il ma demander de redémarrer mon pc pour terminer le nettoyage
maintenant il y a l'écran bleu de windows
ca fait 20 minutes es ce que je doit faire quelque chose pou
le redémarrer ou attendre

Merci encore
0
Réponse 3 / 25
artika Messages postés 103 Date d'inscription jeudi 17 janvier 2008 Statut Membre Dernière intervention 13 juillet 2011
15 févr. 2011 à 05:53
Bonjour

finalement j'ai redémarrer mon pc
Voici le Rapport de AD-Remover

======= RAPPORT D'AD-REMOVER 2.0.0.2,E | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:31:38 le 14/02/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
andrefi@ANDREFI-130D344 ( )

============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\PopCap
Clé supprimée: HKLM\Software\Trymedia Systems


============== SCAN ADDITIONNEL ==============

-- C:\Documents and Settings\andrefi\Application Data\Mozilla\FireFox\Profiles\z4id2y6o.default --
Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} (Garmin Communicator)
Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2) (DownloadHelper)
Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} (DownThemAll!)
Searchplugins\downloadhelper-safe-videos.xml (?)
Searchplugins\sideload-search.xml (?)
Prefs.js - browser.download.dir, C:\\Documents and Settings\\andrefi\\Bureau
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\andrefi\\Bureau
Prefs.js - browser.startup.homepage, hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1267117989&rver=6.0.5285.0&wp=MBI&wr...
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.13

========================================

**** Internet Explorer Version [7.0.5730.13] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 14/02/2011 (482 Octet(s))

Fin à: 21:33:43, 14/02/2011

============== E.O.F ==============
0
Réponse 4 / 25
Utilisateur anonyme
15 févr. 2011 à 15:46
▶ Télécharge ici : USBFIX sur ton bureau

branche tous tes periphériques sans les ouvrir

/!\ Désactive provisoirement et seulement le temps de l'utilisation d'USBFIX, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur l'icône Usbfix située sur ton Bureau.
Sur la page, clique sur le bouton :

▶ choisi l option Suppression

▶ UsbFix scannera ton pc , laisse travailler l outil.

▶ Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

▶ Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 25
artika Messages postés 103 Date d'inscription jeudi 17 janvier 2008 Statut Membre Dernière intervention 13 juillet 2011
15 févr. 2011 à 18:26
Bonjour
mon pc plus rapide

voici rapport USBFix

############################## | UsbFix 7.039 | [Suppression]

Utilisateur: andrefi (Administrateur) # ANDREFI-130D344 [ ]
Mis à jour le 09/02/2011 par El Desaparecido / C_XX
Lancé à 12:15:38 | 15/02/2011
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org

CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz
Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 7.0.5730.13

Pare-feu Windows: Activé
Antivirus: ESET NOD32 Antivirus 4.0 4.0 [(!) Disabled | Updated]
Firewall: Pare-feu Online Armor 4.0.0.45 [(!) Disabled]
RAM -> 1471 Mo
C:\ (%systemdrive%) -> Disque fixe # 118 Go (90 Go libre(s) - 76%) [] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque amovible # 7 Go (187 Mo libre(s) - 2%) [] # FAT32
H:\ -> Disque fixe # 16 Go (10 Go libre(s) - 61%) [Andrefi 2] # NTFS

################## | Éléments infectieux |


Supprimé! C:\Recycler\S-1-5-21-1960408961-2139871995-1606980848-1003
Supprimé! H:\Recycler\S-1-5-21-1960408961-2139871995-1606980848-1003
Supprimé! C:\log.txt

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{5fa028d6-3b3c-11df-8cca-00138f1bab9c}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{c164ac5c-fbcb-11df-8e29-00138f1bab9c}

################## | Listing |

[12/02/2010 - 00:55:35 | D ] C:\1aaabdfcc7f38b2897d358
[11/02/2010 - 23:08:12 | D ] C:\8009b68f714d8b8024
[14/02/2011 - 21:33:43 | N | 2531] C:\Ad-Report-CLEAN[1].txt
[29/11/2010 - 10:34:46 | N | 54] C:\AUTOEXEC.BAT
[12/03/2010 - 01:23:52 | RASHD ] C:\autorun.inf
[28/01/2010 - 11:55:06 | N | 335] C:\boot.ini
[28/08/2001 - 06:00:00 | N | 4952] C:\Bootfont.bin
[08/01/2011 - 22:07:47 | D ] C:\Config.Msi
[28/01/2010 - 01:56:51 | N | 0] C:\CONFIG.SYS
[12/06/2010 - 18:19:58 | D ] C:\Documents and Settings
[11/02/2010 - 20:12:23 | D ] C:\fb3fc6de0809f8e4e3a9128e
[14/01/2011 - 22:12:10 | D ] C:\Graveur et dvd
[25/09/2010 - 10:00:01 | D ] C:\hegames
[13/08/2010 - 23:37:50 | D ] C:\INTERNET
[28/01/2010 - 01:56:51 | N | 0] C:\IO.SYS
[18/08/2010 - 00:03:55 | D ] C:\JEU
[14/02/2011 - 23:46:36 | D ] C:\LOG ENLEVER
[01/02/2010 - 19:06:31 | D ] C:\Mise a jour Internet
[28/01/2010 - 01:56:51 | N | 0] C:\MSDOS.SYS
[08/02/2010 - 23:06:02 | RHD ] C:\MSOCache
[09/02/2010 - 01:21:22 | D ] C:\MUSIC
[10/02/2011 - 15:21:42 | D ] C:\MyWorks
[31/03/2010 - 19:04:25 | D ] C:\Nouveau dossier
[13/04/2008 - 08:43:04 | N | 47564] C:\NTDETECT.COM
[13/04/2008 - 10:31:52 | N | 252240] C:\ntldr
[15/02/2011 - 12:11:53 | ASH | 2145386496] C:\pagefile.sys
[14/02/2011 - 21:31:37 | D ] C:\Program Files
[15/02/2011 - 12:17:14 | SHD ] C:\RECYCLER
[31/03/2010 - 18:57:59 | D ] C:\Rogers cles internet
[01/02/2010 - 18:46:07 | SHD ] C:\System Volume Information
[14/02/2011 - 19:27:23 | D ] C:\Telecharge
[04/03/2010 - 23:42:18 | D ] C:\TELECHARGEMENT
[08/02/2010 - 23:09:14 | D ] C:\TEXTE
[15/02/2011 - 12:17:14 | D ] C:\UsbFix
[15/02/2011 - 12:17:14 | A | 1094] C:\UsbFix.txt
[08/01/2011 - 23:18:06 | D ] C:\UTILITAIRE
[14/02/2011 - 12:12:55 | D ] C:\WINDOWS
[15/02/2011 - 11:49:18 | D ] F:\Carte mere cuisine
[15/02/2011 - 11:49:20 | D ] F:\Carte mere xcel2000
[11/02/2010 - 19:48:28 | D ] F:\Sauve de cuisine telechargement
[15/02/2011 - 11:52:44 | D ] F:\lotus
[18/12/2009 - 22:03:20 | N | 3223912] F:\drivermax.exe
[30/12/2009 - 23:42:14 | D ] F:\My Drivers
[03/01/2010 - 16:36:08 | D ] F:\Pension 2010
[03/01/2010 - 16:36:26 | D ] F:\Penssion 2009 Bon
[28/12/2009 - 20:27:28 | N | 13747304] F:\OnlineArmor_Setup_Free_FRA.exe
[14/02/2011 - 17:53:16 | D ] F:\Pilotte ordi andré 2011
[15/02/2011 - 11:49:20 | D ] F:\Floride dec 2009
[07/01/2010 - 17:15:50 | N | 5115824] F:\mbam-setup.exe
[28/12/2009 - 18:52:10 | N | 32256] F:\Suduku 1.doc
[18/12/2009 - 22:25:14 | N | 1777926] F:\rcsetup133.zip
[17/12/2009 - 20:33:28 | N | 58735016] F:\videoMetro.flv
[24/03/2008 - 15:30:10 | N | 24064] F:\Ordinateur.doc
[17/03/2008 - 00:58:44 | N | 313344] F:\Partitionner Knoppic Tuto.doc
[05/01/2010 - 17:22:00 | D ] F:\Temp DVDSHRINK
[06/01/2010 - 11:26:04 | N | 524] F:\pilotte possible.jpg.lnk
[06/01/2010 - 11:27:18 | N | 529] F:\Cartes graphiques.doc.lnk
[06/01/2010 - 16:58:32 | N | 8092773] F:\02 Piste 2.mp3
[15/02/2011 - 11:50:48 | D ] F:\Halo
[15/02/2011 - 11:52:28 | D ] F:\Job 2010
[06/01/2010 - 16:57:30 | N | 2936568] F:\01 Piste 1.mp3
[08/01/2010 - 11:52:54 | D ] F:\Pilote mon ordi
[08/01/2010 - 12:11:26 | N | 2022680] F:\MyDefrag-v4.2.7.exe
[15/02/2011 - 11:52:28 | D ] F:\logi musicAudacyetjeu
[08/01/2010 - 00:36:20 | N | 33004] F:\Pit_rosea_small.jpg
[08/01/2010 - 01:49:08 | N | 14336] F:\Monbre de jour.xls
[04/01/2010 - 21:07:14 | N | 141135] F:\liste_de_canaux_bell_f.pdf
[15/12/2009 - 02:44:26 | N | 116436] F:\dc_200_322_4.pdf
[28/12/2009 - 18:59:34 | N | 32256] F:\Suduku 1 A.doc
[25/12/2009 - 02:53:46 | N | 98816] F:\Restaurer les pilotes.doc
[19/12/2009 - 09:29:42 | N | 100864] F:\ulcere Aphtes.doc
[15/12/2009 - 09:52:04 | N | 872547] F:\ListeprixWeb.pdf
[22/02/2010 - 23:01:48 | N | 1942816] F:\Horaire27.pdf
[15/02/2011 - 11:52:38 | D ] F:\LOGICIEL NOKIA BON
[25/12/2009 - 02:53:58 | N | 87040] F:\Sauvegarder ses pilotes.doc
[25/12/2009 - 03:03:54 | N | 62976] F:\Télécharger et installer DriverMax.doc
[25/12/2009 - 03:00:50 | N | 61952] F:\Enregistrer DriverMax.doc
[11/01/2010 - 12:25:38 | N | 8391824] F:\Firefox Setup 3.6 RC 1(2).exe
[11/01/2010 - 15:36:28 | N | 525824] F:\Microsoft cles pz.doc
[11/01/2010 - 14:06:56 | N | 65795] F:\Cles_Belarc_Profile.pdf
[12/01/2010 - 22:28:16 | N | 3357024] F:\ccsetup227.exe
[12/01/2010 - 21:22:42 | N | 5359048] F:\FoxitReader31_enu_Setup_091125.exe
[12/01/2010 - 19:52:00 | N | 629821] F:\bpsetup_1_03_1.exe
[15/02/2011 - 11:53:02 | D ] F:\Marine Malice
[15/03/2008 - 15:55:18 | N | 693] F:\Échantillons d'images.lnk
[13/01/2010 - 02:10:26 | N | 676878] F:\RadioaacPlus_plugin.exe
[13/01/2010 - 08:40:46 | N | 94720] F:\Confi bios.doc
[15/02/2011 - 11:54:08 | D ] F:\Mes driver 2010 telecharger
[10/11/2009 - 17:08:32 | N | 3533478] F:\aida32ee_393.exe
[15/02/2011 - 11:54:08 | D ] F:\miseajourExtra office2003
[27/01/2010 - 12:24:16 | D ] F:\Nouveau dossier123
[01/02/2010 - 17:04:56 | D ] F:\SP3ntlite iso windows
[11/02/2010 - 17:49:30 | D ] F:\Paatch pour halo
[22/02/2010 - 12:21:48 | N | 254403] F:\Depliant_SHilaire.pdf
[22/02/2010 - 12:22:56 | N | 254403] F:\Depliant_SHilaireretour.pdf
[22/02/2010 - 12:30:02 | N | 243090] F:\Depliant_DMontagnehoraire.pdf
[23/07/2010 - 22:37:34 | N | 25600] F:\Recettes du Québec.doc
[01/08/2010 - 22:32:48 | N | 34981] F:\taux_index.aspx.htm
[31/08/2010 - 22:03:06 | D ] F:\Pochette etienne 2010
[05/01/2010 - 18:18:36 | D ] F:\Recu pour pension Alimentaire dossier
[31/03/2010 - 19:19:26 | N | 132415913] F:\MD400_PC_Final_Software.zip
[09/11/2008 - 14:34:52 | N | 17920] F:\Numéro de Téllépnone .xls
[28/08/2001 - 07:00:00 | N | 43008] F:\wab2002.exe
[05/01/2010 - 18:39:46 | D ] F:\ODS POUR SOPHIE
[19/12/2009 - 15:35:50 | N | 20480] F:\Recette bonhomme.doc
[05/01/2008 - 22:20:26 | N | 20480] F:\Cheats halo 1 2.doc
[05/01/2008 - 22:15:12 | N | 65024] F:\Cheats Halo 1 .doc
[05/01/2008 - 22:25:54 | N | 455] F:\Patch pour Halo Combat Evolved.url
[05/01/2008 - 23:08:14 | N | 228] F:\patch du jeu Halo Combat Evolved telechargement.url
[24/05/2008 - 08:55:10 | N | 1700] F:\Lisez-moi de Halo.lnk
[05/11/2010 - 21:19:08 | D ] H:\2010 Photo ecole
[25/10/2010 - 08:20:13 | N | 1345588] H:\2_basement_crawlspace.pdf
[22/04/2010 - 20:07:15 | D ] H:\A sylvie
[25/10/2010 - 20:38:26 | N | 543102] H:\ass guide Desjardins.pdf
[12/03/2010 - 01:23:53 | RASHD ] H:\autorun.inf
[19/10/2010 - 23:36:50 | N | 17881] H:\Beaudry-Laurence-225x300.jpg
[20/10/2010 - 16:30:11 | N | 96436] H:\Bougie equivalent.pdf
[14/02/2011 - 19:27:45 | D ] H:\Cles usb 8 gig 1 fevr 2011
[22/11/2010 - 22:07:07 | D ] H:\Cles wind xp cuisine
[07/10/2010 - 23:07:32 | N | 25088] H:\Comment pouvez.doc
[25/10/2010 - 08:12:44 | N | 20693] H:\couches-isolation.gif
[31/12/2010 - 12:44:23 | D ] H:\Etienne cossin
[15/10/2010 - 12:07:47 | N | 724640] H:\Floride route maman Saint-An...tif
[25/10/2010 - 19:04:27 | N | 603297] H:\imagehandler.ashx.png
[25/10/2010 - 19:17:24 | N | 80384] H:\Las vegas.doc
[27/01/2011 - 23:14:35 | D ] H:\Logiciel install
[16/01/2011 - 17:53:48 | N | 14021] H:\loraine_n.jpg
[25/10/2010 - 20:44:34 | N | 40448] H:\Maladie 1234.doc
[05/11/2010 - 13:18:06 | N | 47616] H:\Mon drôle de pâté chinois.doc
[24/02/2010 - 15:51:37 | D ] H:\Musique 2
[05/11/2010 - 13:10:16 | D ] H:\Pension Table
[16/11/2010 - 17:08:39 | N | 252928] H:\Perspective historique sur les compositeurs dans les traditions écossaise.doc
[17/11/2010 - 20:54:18 | D ] H:\Petit part
[19/10/2010 - 23:44:20 | D ] H:\Photo
[31/01/2011 - 15:25:06 | D ] H:\Prog Intall
[25/10/2010 - 19:58:43 | N | 628305] H:\RAMQ Services de santé assurés hors Québec.pdf
[15/02/2011 - 12:17:14 | SHD ] H:\RECYCLER
[18/02/2010 - 20:44:26 | SHD ] H:\System Volume Information
[27/10/2010 - 22:07:04 | N | 69968] H:\tico.jpg
[27/10/2010 - 22:05:52 | N | 85067] H:\toci petit.jpg
[25/10/2010 - 19:40:44 | N | 425056] H:\Un bon départ- guide santé voyage.pdf
[25/10/2010 - 19:42:30 | N | 34816] H:\Voyager avec une maladie chronique.doc
[18/02/2010 - 01:42:38 | N | 9872] H:\WLMContacts.csv
[07/02/2001 - 08:22:50 | N | 32415] H:\zmneuve12.jpg

################## | Vaccin |

C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_ANDREFI-130D344.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.

################## | E.O.F |
0
Réponse 6 / 25
Utilisateur anonyme
15 févr. 2011 à 19:08
Télécharge ici :OTL

enregistre le sur ton Bureau.

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.

▶ Coche les 2 cases Lop et Purity

▶ Coche la case devant tous les utilisateurs

▶ règle age du fichier sur "60 jours"

▶ dans les 6 onglets de la moitié gauche , mets tout sur "tous"

ne modifie pas ceci :

"fichiers créés" et "fichiers Modifiés"

▶Clic sur Analyse.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)

Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

▶ Clique sur Parcourir et cherche le fichier ci-dessus.

▶ Clique sur Ouvrir.

▶ Clique sur "Cliquez ici pour déposer le fichier".

juste au niveau du bouton , en fin de chargement du fichier , Un lien de cette forme apparaitra :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

▶ Copie ce lien dans ta réponse.

▶▶ Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.
0
Réponse 7 / 25
artika Messages postés 103 Date d'inscription jeudi 17 janvier 2008 Statut Membre Dernière intervention 13 juillet 2011
15 févr. 2011 à 20:21
Bonjour

Voici lles deu lien pour les rapport

http://www.cijoint.fr/cjlink.php?file=cj201102/cijQr4CA4A.txt

http://www.cijoint.fr/cjlink.php?file=cj201102/cijQr4CA4A.txt
0
Réponse 8 / 25
Utilisateur anonyme
15 févr. 2011 à 20:34
ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.


▶Copie la liste qui se trouve en gras ci-dessous,

▶ colle-la dans la zone sous "Personnalisation" :


:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:OTL
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
O4 - HKLM\..\Run: [Cmaudio] File not found
O4 - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\..\Run: [] File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)


:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"HonorAutoRunSetting"=1

:Files
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B9A77133

:commands
[emptytemp]
[start explorer]
[reboot]


▶ Clique sur "Correction" pour lancer la suppression.


▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
0
Réponse 9 / 25
artika Messages postés 103 Date d'inscription jeudi 17 janvier 2008 Statut Membre Dernière intervention 13 juillet 2011
15 févr. 2011 à 21:15
Bonjour

Je crois que ca n'a pas fonctionner OLT.exe
ma demander de redémarrer pour terminer la suspression
il a figer il a fallu que
je redémarre manuellement il n'y avait pas de rapport

Merci
0
Réponse 10 / 25
Utilisateur anonyme
15 févr. 2011 à 21:42
C:\_OTL\Moved Files\la_date_et_l'heure.txt
0
Réponse 11 / 25
artika Messages postés 103 Date d'inscription jeudi 17 janvier 2008 Statut Membre Dernière intervention 13 juillet 2011
15 févr. 2011 à 22:50
Bonjour

je crois que ça fonctionne pas
peut-être du a mon pare feu online Amor
ou antivirus
je ne trouve pas le Rapport
même avec Rechercher avec windows
0
Réponse 12 / 25
Utilisateur anonyme
15 févr. 2011 à 23:32
recommence l'operation en mode sans echec

il faut desactiver les protections pour utiliser les outils
0
Réponse 13 / 25
artika Messages postés 103 Date d'inscription jeudi 17 janvier 2008 Statut Membre Dernière intervention 13 juillet 2011
16 févr. 2011 à 00:23
bonjour

Voici le rapport

OTL logfile created on: 2011-02-15 14:03:23 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\andrefi\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 118,26 Gb Total Space | 89,80 Gb Free Space | 75,93% Space Free | Partition Type: NTFS
Drive F: | 7,45 Gb Total Space | 0,18 Gb Free Space | 2,46% Space Free | Partition Type: FAT32
Drive G: | 169,90 Mb Total Space | 12,53 Mb Free Space | 7,38% Space Free | Partition Type: FAT
Drive H: | 15,65 Gb Total Space | 9,59 Gb Free Space | 61,27% Space Free | Partition Type: NTFS

Computer Name: ANDREFI-130D344 | User Name: andrefi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-02-15 13:27:54 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\andrefi\Bureau\OTL.exe
PRC - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2010-08-17 08:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010-07-07 11:53:42 | 003,065,160 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oahlp.exe
PRC - [2010-07-07 11:53:40 | 006,854,984 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oaui.exe
PRC - [2010-07-07 11:53:38 | 003,364,680 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oasrv.exe
PRC - [2010-07-07 11:53:38 | 001,283,400 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oacat.exe
PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2009-09-25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\UTILITAIRE\Seagate Disque dur Free Agent\Sync\FreeAgentService.exe
PRC - [2009-09-11 06:24:32 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-09-11 06:23:46 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009-02-09 06:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2008-10-14 14:47:36 | 000,106,496 | R--- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson MD400 Wireless Modem\wwanSvc.exe
PRC - [2008-04-13 18:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008-04-13 18:34:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2008-04-13 18:34:24 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [EAPSVCS]
PRC - [2008-04-13 18:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2008-04-13 18:34:22 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scardsvr.exe
PRC - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008-04-13 18:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-13 18:34:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008-04-13 18:34:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-13 18:33:54 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007-12-06 06:16:00 | 000,493,216 | ---- | M] () -- C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2007-12-06 05:09:38 | 000,905,000 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2007-12-06 05:03:32 | 000,140,568 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
PRC - [2007-12-06 05:03:26 | 000,427,288 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
PRC - [2007-12-06 05:00:32 | 002,616,288 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) -- C:\Graveur et dvd\Nero 7\InCD\InCDsrv.exe
PRC - [2005-08-07 23:54:00 | 000,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2005-03-11 04:33:28 | 000,147,456 | R--- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\VTTrayp.exe
PRC - [2005-03-07 14:33:28 | 000,053,248 | R--- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2005-01-28 13:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
PRC - [2004-05-03 07:18:56 | 000,045,056 | ---- | M] ( ) -- C:\WINDOWS\system32\slserv.exe
PRC - [2001-10-11 12:11:16 | 000,022,560 | ---- | M] () -- C:\Program Files\Le Robert\Le Petit Robert\PRHYPER.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-02-15 13:27:54 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\andrefi\Bureau\OTL.exe
MOD - [2010-08-23 11:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-16 03:44:32 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-27 01:30:01 | 008,518,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-07-16 07:06:19 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2010-07-07 11:53:40 | 000,947,016 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft\Online Armor\oawatch.dll
MOD - [2009-12-08 04:24:28 | 000,474,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-06-25 03:26:32 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-03-21 09:07:58 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-02-26 23:57:11 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2009-02-09 05:53:55 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2009-02-09 05:53:55 | 000,685,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2008-10-23 07:36:51 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008-10-15 11:35:43 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2008-04-13 18:34:36 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008-04-13 18:33:52 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008-04-13 18:33:52 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008-04-13 18:33:50 | 000,734,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008-04-13 18:33:50 | 000,579,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008-04-13 18:33:50 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008-04-13 18:33:50 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008-04-13 18:33:50 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008-04-13 18:33:50 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008-04-13 18:33:50 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008-04-13 18:33:50 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008-04-13 18:33:48 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008-04-13 18:33:42 | 001,005,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008-04-13 18:33:40 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2008-04-13 18:33:40 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008-04-13 18:33:40 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008-04-13 18:33:40 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008-04-13 18:33:38 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008-04-13 18:33:34 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008-04-13 18:33:32 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2008-04-13 18:33:28 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008-04-13 18:33:28 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008-04-13 18:33:26 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008-04-13 18:33:22 | 000,851,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008-04-13 18:33:22 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008-04-13 18:33:22 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008-04-13 18:32:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


[color=#E56717]========== Win32 Services (All) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2010-11-12 18:53:22 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010-08-27 00:58:58 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2010-08-17 08:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2010-07-07 11:53:38 | 003,364,680 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2010-07-07 11:53:38 | 001,283,400 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft\Online Armor\OAcat.exe -- (OAcat)
SRV - [2009-09-25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\UTILITAIRE\Seagate Disque dur Free Agent\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009-09-11 06:33:18 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-09-11 06:24:32 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-06-10 01:15:17 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2009-02-09 06:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009-02-09 06:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009-02-09 05:53:55 | 000,685,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2009-02-09 05:53:55 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Appel de procédure distante (RPC)
SRV - [2009-02-09 05:53:55 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2008-10-14 14:47:36 | 000,106,496 | R--- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson MD400 Wireless Modem\wwanSvc.exe -- (wwanSvc)
SRV - [2008-07-29 21:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008-07-29 19:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-07-29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008-07-25 11:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-07-25 11:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008-07-07 15:28:20 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008-06-20 12:47:22 | 000,247,808 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) NLA (Network Location Awareness)
SRV - [2008-04-13 18:47:24 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008-04-13 18:34:30 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008-04-13 18:34:28 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008-04-13 18:34:28 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2008-04-13 18:34:26 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008-04-13 18:34:24 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008-04-13 18:34:22 | 000,142,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008-04-13 18:34:22 | 000,100,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008-04-13 18:34:16 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008-04-13 18:34:16 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008-04-13 18:34:14 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008-04-13 18:34:14 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2008-04-13 18:34:12 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008-04-13 18:34:10 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Localisateur d'appels de procédure distante (RPC)
SRV - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008-04-13 18:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008-04-13 18:34:08 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008-04-13 18:34:02 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008-04-13 18:34:02 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008-04-13 18:34:02 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2008-04-13 18:33:58 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008-04-13 18:33:58 | 000,005,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2008-04-13 18:33:54 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008-04-13 18:33:54 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008-04-13 18:33:52 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008-04-13 18:33:52 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008-04-13 18:33:50 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA)
SRV - [2008-04-13 18:33:50 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008-04-13 18:33:50 | 000,178,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008-04-13 18:33:50 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008-04-13 18:33:50 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008-04-13 18:33:50 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008-04-13 18:33:48 | 000,297,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008-04-13 18:33:48 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008-04-13 18:33:48 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008-04-13 18:33:48 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008-04-13 18:33:48 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008-04-13 18:33:42 | 000,194,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008-04-13 18:33:42 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008-04-13 18:33:42 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008-04-13 18:33:42 | 000,135,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008-04-13 18:33:42 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008-04-13 18:33:42 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008-04-13 18:33:40 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008-04-13 18:33:40 | 000,293,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)
SRV - [2008-04-13 18:33:40 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008-04-13 18:33:40 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008-04-13 18:33:40 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008-04-13 18:33:40 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008-04-13 18:33:38 | 000,438,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008-04-13 18:33:36 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008-04-13 18:33:32 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008-04-13 18:33:32 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008-04-13 18:33:30 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
SRV - [2008-04-13 18:33:30 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008-04-13 18:33:28 | 000,332,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008-04-13 18:33:26 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008-04-13 18:33:24 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008-04-13 18:33:24 | 000,127,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008-04-13 18:33:24 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2008-04-13 18:33:24 | 000,033,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost) Service Protocole EAP (Extensible Authentication Protocol)
SRV - [2008-04-13 18:33:24 | 000,024,576 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008-04-13 18:33:22 | 000,077,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008-04-13 18:33:22 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008-04-13 18:33:20 | 000,176,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2008-04-13 18:33:20 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008-04-13 18:33:20 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007-12-06 06:16:00 | 000,493,216 | ---- | M] () [Auto | Running] -- C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2007-12-06 05:03:26 | 000,427,288 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007-05-15 15:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Running] -- C:\Graveur et dvd\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007-05-08 19:47:22 | 000,271,920 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007-04-13 21:09:56 | 000,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Graveur et dvd\Nero 7\Nero BackItUp\NBService.exe -- (NBService)
SRV - [2005-08-07 23:54:00 | 000,167,936 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2005-01-28 13:44:28 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
SRV - [2005-01-28 13:44:28 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\MsPMSNSv.dll -- (WmdmPmSN)
SRV - [2004-11-24 09:12:36 | 000,425,984 | ---- | M] (ATI Technologies Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2004-05-03 07:18:56 | 000,045,056 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2003-07-28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001-08-28 06:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)


[color=#E56717]========== Driver Services (All) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (PCIIde)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)
DRV - [2010-11-02 10:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010-08-26 08:39:50 | 000,357,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010-08-15 23:42:57 | 000,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2010-07-07 11:25:58 | 000,022,600 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2010-07-07 11:25:42 | 000,028,232 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2010-07-07 11:25:38 | 000,236,104 | ---- | M] (Emsisoft) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2010-02-24 08:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2010-02-04 12:38:06 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010-02-04 12:38:06 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010-02-04 12:37:42 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010-02-04 12:37:39 | 000,368,736 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2009-10-20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009-09-11 06:26:26 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009-09-11 06:23:50 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-09-11 06:17:16 | 000,116,008 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009-06-24 06:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008-10-09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008-08-14 05:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2008-08-13 10:52:34 | 000,434,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3mdm2.sys -- (seu3mdm2)
DRV - [2008-08-13 10:52:34 | 000,405,504 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3unic.sys -- (seu3unic) Sony Ericsson MD400g Mobile Broadband Network Adapter (WDM)
DRV - [2008-08-13 10:52:34 | 000,389,376 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3mdm.sys -- (seu3mdm)
DRV - [2008-08-13 10:52:34 | 000,025,984 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3nd5.sys -- (seu3nd5) Sony Ericsson MD400g Mobile Broadband Network Adapter (NDIS)
DRV - [2008-08-13 10:52:34 | 000,014,976 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3mdfl2.sys -- (seu3mdfl2)
DRV - [2008-08-13 10:52:32 | 000,380,800 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3card.sys -- (seu3card)
DRV - [2008-08-13 10:52:32 | 000,307,200 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3bus.sys -- (seu3bus) Sony Ericsson MD400g Mobile Broadband Composite Device driver (WDM)
DRV - [2008-08-13 10:52:32 | 000,014,976 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3mdfl.sys -- (seu3mdfl)
DRV - [2008-08-08 12:47:04 | 000,076,200 | R--- | M] (Sony Ericsson) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3gps.sys -- (seu4gps)
DRV - [2008-08-08 12:45:18 | 000,024,232 | R--- | M] (Sony Ericsson) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seu3scard.sys -- (Sony_EricssonWWSC)
DRV - [2008-06-20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008-04-13 19:34:54 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008-04-13 18:47:24 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008-04-13 18:47:24 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008-04-13 18:47:24 | 000,023,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008-04-13 18:47:24 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008-04-13 18:47:24 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008-04-13 18:47:24 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008-04-13 18:34:56 | 000,139,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008-04-13 18:34:54 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008-04-13 18:34:54 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008-04-13 18:10:04 | 000,073,600 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr)
DRV - [2008-04-13 18:09:54 | 000,120,576 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008-04-13 18:09:48 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI)
DRV - [2008-04-13 18:05:16 | 000,025,216 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008-04-13 18:05:14 | 000,154,496 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio)
DRV - [2008-04-13 18:05:08 | 000,800,256 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008-04-13 18:04:36 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2008-04-13 18:03:28 | 000,040,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008-04-13 18:00:54 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008-04-13 18:00:10 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008-04-13 17:57:40 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008-04-13 17:56:06 | 000,053,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008-04-13 17:52:44 | 000,188,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2008-04-13 13:57:36 | 000,058,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008-04-13 12:17:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008-04-13 12:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008-04-13 11:45:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008-04-13 11:45:36 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008-04-13 11:45:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
DRV - [2008-04-13 11:45:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud) Filtre de décodeur DRM (Noyau Microsoft)
DRV - [2008-04-13 11:45:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008-04-13 11:45:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008-04-13 11:45:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008-04-13 11:45:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
DRV - [2008-04-13 11:39:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV - [2008-04-13 11:39:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV - [2008-04-13 11:39:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM)
DRV - [2008-04-13 11:32:52 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008-04-13 11:28:40 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008-04-13 11:21:02 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008-04-13 11:20:44 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008-04-13 11:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008-04-13 11:19:50 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) Miniport réseau étendu (PPTP)
DRV - [2008-04-13 11:19:44 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008-04-13 11:19:44 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) Miniport réseau étendu (L2TP)
DRV - [2008-04-13 11:17:06 | 000,105,344 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2008-04-13 11:15:54 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008-04-13 11:14:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008-04-13 11:14:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008-04-13 10:57:34 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008-04-13 10:57:28 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008-04-13 10:57:28 | 000,010,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008-04-13 10:57:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008-04-13 10:57:16 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008-04-13 10:57:08 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008-04-13 10:56:34 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008-04-13 10:56:04 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008-04-13 10:54:30 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008-04-13 10:53:36 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008-04-13 10:51:26 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008-04-13 10:45:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008-04-13 10:45:36 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008-04-13 10:45:36 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008-04-13 10:44:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008-04-13 10:41:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008-04-13 10:40:50 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008-04-13 10:40:50 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008-04-13 10:40:48 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008-04-13 10:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk)
DRV - [2008-04-13 10:40:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\atapi.sys -- (atapi)
DRV - [2008-04-13 10:40:32 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaide.sys -- (ViaIde)
DRV - [2008-04-13 10:40:26 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008-04-13 10:40:26 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008-04-13 10:40:14 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2008-04-13 10:39:48 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008-04-13 10:39:48 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008-04-13 10:33:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\fltMgr.sys -- (FltMgr)
DRV - [2008-04-13 10:32:46 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008-04-13 10:32:40 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008-04-13 10:32:40 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008-04-13 10:32:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008-04-13 09:39:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec) Suppresseur d'écho acoustique (Noyau Microsoft)
DRV - [2008-04-13 08:39:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008-04-13 06:36:42 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\uagp35.sys -- (uagp35)
DRV - [2007-05-15 15:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007-05-15 15:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007-05-15 15:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2005-12-15 13:57:46 | 001,368,000 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda)
DRV - [2005-11-03 09:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005-08-10 07:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005-05-16 08:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005-04-25 22:22:40 | 000,060,928 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viamraid.sys -- (viamraid)
DRV - [2005-04-22 21:20:28 | 000,226,048 | R--- | M] (Copyright (C) VIA/S3 Graphics Co, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vtmini.sys -- (viagfx)
DRV - [2004-11-24 09:19:54 | 000,872,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004-05-03 07:10:58 | 000,013,920 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)
DRV - [2004-05-03 07:10:50 | 000,632,960 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2004-05-03 07:06:08 | 000,095,768 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2004-05-03 07:03:04 | 000,230,664 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2004-05-03 06:59:14 | 001,302,680 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2004-05-03 06:55:38 | 000,180,640 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2004-05-03 06:44:54 | 000,013,288 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2001-08-28 06:00:00 | 000,126,080 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - [2001-08-28 06:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2001-08-28 06:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2001-08-28 06:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2001-08-28 06:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001-08-28 06:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2001-08-28 06:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001-08-28 06:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2001-08-28 06:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001-08-28 06:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2001-08-28 06:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2001-08-28 06:00:00 | 000,006,912 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2001-08-28 06:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload)
DRV - [2001-08-28 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2001-08-28 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2001-08-28 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2001-08-28 06:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2001-08-17 21:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001-08-17 16:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001-08-17 15:13:08 | 000,027,165 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fetnd5.sys -- (FETNDIS)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1960408961-2139871995-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "https://forums.commentcamarche.net/forum/affich-20866575-win32-adware-toolbar-dealio"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.1
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010-02-18 03:29:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-04-13 21:21:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\INTERNET\Mozilla Firefox\components [2011-01-07 18:41:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\INTERNET\Mozilla Firefox\plugins [2010-12-16 20:59:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-07-20 10:11:39 | 000,000,000 | ---D | M]

[2010-02-01 19:14:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Extensions
[2010-02-01 19:14:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011-02-14 20:26:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions
[2010-11-04 14:25:10 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010-04-26 21:27:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-09-20 00:21:25 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010-03-02 15:34:46 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2011-02-09 10:08:01 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010-02-26 02:19:08 | 000,002,313 | ---- | M] () -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\searchplugins\downloadhelper-safe-videos.xml
[2010-02-26 02:16:23 | 000,001,011 | ---- | M] () -- C:\Documents and Settings\andrefi\Application Data\Mozilla\Firefox\Profiles\z4id2y6o.default\searchplugins\sideload-search.xml
[2010-04-13 21:22:14 | 000,000,000 | ---D | M] (Jav
0
Réponse 14 / 25
Utilisateur anonyme
16 févr. 2011 à 00:40
ok ben quand ce qu'il faut sera fait , je continuerai
0
Réponse 15 / 25
artika Messages postés 103 Date d'inscription jeudi 17 janvier 2008 Statut Membre Dernière intervention 13 juillet 2011
16 févr. 2011 à 07:20
Bonjour

Excuse moi je viens de comprendre que je viens de faire une bêtise
car j 'ai vu OTL sur mon bureau et je croyait que c'était celui la
Excuse moi encore
Je viens de trouver le Rapport je croie
voici le dernier car il y en a trois

All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-2139871995-1606980848-1003\\Software\Microsoft\Windows\CurrentVersion\Run\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TrueImageMonitor.exe not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"HonorAutoRunSetting"|1 /E : value set successfully!
========== FILES ==========
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:B9A77133 .
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: andrefi
->Temp folder emptied: 513 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 31260285 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 30,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02152011_181042

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Merci encore
0
Réponse 16 / 25
Utilisateur anonyme
16 févr. 2011 à 14:46
salut recommence en mode sans echec car apparement il n'a fonctionné qu'à 20%
0
Réponse 17 / 25
artika Messages postés 103 Date d'inscription jeudi 17 janvier 2008 Statut Membre Dernière intervention 13 juillet 2011
16 févr. 2011 à 16:03
Bonjour

Rapport

All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-1960408961-2139871995-1606980848-1003\\Software\Microsoft\Windows\CurrentVersion\Run\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TrueImageMonitor.exe not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"HonorAutoRunSetting"|1 /E : value set successfully!
========== FILES ==========
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:B9A77133 .
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrateur.ANDREFI-130D344
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: andrefi
->Temp folder emptied: 2046 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 46442211 bytes
->Flash cache emptied: 769 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

Merci pour ton aide

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 44,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 02162011_095234
0
Réponse 18 / 25
Utilisateur anonyme
16 févr. 2011 à 16:10
fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.


▶ Télécharge ici :

Malwarebytes

▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX

▶ Potasses le Tuto pour te familiariser avec le prg :


( cela dit, il est très simple d'utilisation ).

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

▶ Lance Malwarebyte's .

Fais un examen dit "Complet" .

▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

0
Réponse 19 / 25
artika Messages postés 103 Date d'inscription jeudi 17 janvier 2008 Statut Membre Dernière intervention 13 juillet 2011
16 févr. 2011 à 18:31
bonjour

J'avais déja Malwarebytes installer
j'ai fait la mise a jour
ensuite fait un examen complet mais il bloque après 5 minutes 14
il a analyser 48524 fichier
il bloque a C\8009b68f714b8024\i386\xpssvcs.dll
je ne sais pas si ca peut t'aider
je me demande si il était mieux de désinstaller Malwarebytes
et de télécharger celui que tu me propose
si ça pourrait changer quelque chose
j'ai deux essais il bloque toujours a la même place
j'ai attendu 20 minutes et rien ne change il reste toujours bloquer
48524 fichier

Merci
0
Réponse 20 / 25
Utilisateur anonyme
16 févr. 2011 à 19:10
fais le scan en mode sans echec
0

Discussions similaires

Detection PUA: win32 Installcore
Nat -
bazfile -

13 réponses
infecté par HackTool:Win32/AutoKMS
fredo1968 -
fredo1968 -

5 réponses
Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
Que fait le virus LPI Win32 Pup-Gen
Tristan Chrome -
Tristan Chrome -

2 réponses
win32 bogent [susp]
hidalgo -
papajohn -

36 réponses