Dois-je effacer toutes les partitions?

Morgwen · le 04 Sep 2011 00:11

Bonjour.

Je suis affligée d'un PC de marque Acer utilisant Vista. N'ayant jamais pu régler un problème d'espace disque du lecteur C qui disparaît et qui dure depuis presque un an, j'ai décidé de réinstaller mon système. Mes données personnelles sont toutes en sûreté. Sur un autre forum, quelqu'un qui ne fait pas l'unanimité me conseille d'effacer toutes les partitions avant de réinstaller le système car selon lui c'est peut-être un virus qui bouffe tout l'espace du lecteur C et il ne servirait à rien de réinstaller une partition infectée. J'aimerais avoir un autre avis avant d'effacer quoi que ce soit. Mon PC a été scanné, analysé et désinfecté plusieurs fois depuis 1 an. Il y a un fichier en quarantaine en ce moment, selon mon système de sécurité.

Je n'ai pas de disque de sauvegarde, il y a une partition cachée contenant le nécessaires. Mon graveur intégré refuse malheureusement tout les DVD et CD que je met dans le lecteur (il ouvre le tiroir et continue de me demander d'insérer un CD/DVD). Pourtant, je peux sans problème copier et lire des fichiers textes, images, mp3 ou mp4 sur des DVD ou CD. De toute façon, s'il y a un virus, ne va-t-il pas être copié avec le reste? De plus, y-a-t-il une solution pour graver un disque de sauvegarde mise à part l'achat d'un graveur externe? Un logiciel de gravure, je ne sais pas.

Il ne me reste que 350 Mo d'espace disque libre (j'en avait environ 700 Mo ce matin). J'ai redémarré, défragmenté, nettoyé avec CCleaner et désinstallé quelques petits trucs). Je devrais peut-être tenter une réinstallation, juste pour voir si l'espace disque revient, question de tester la théorie du virus.

jeanmimigab · le 04 Sep 2011 11:25

hello,

l'espace disque disponible sur ta partition système est "vivant", il va irrémédiablement diminuer au fil du temps au fur et à mesure que Windows créera des points de restaurations par exemple.
Le seul moyen moyen de remédier à cela est de désactiver/réactiver le service de clichés instantanés ( la restauration )

On va vérifier qu'il n'y ai rien d'infectieux quand même :wink:

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

%temp%\smtmp\1\*.* /s
%temp%\smtmp\2\*.* /s
%temp%\smtmp\4\*.* /s
nslookup http://www.google.fr /c
SAVEMBR:0
NetSvcs
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
netsvcs
/md5start
userinit.exe
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( réduit dans la barre des taches).
* Copie et colle les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Morgwen · le 04 Sep 2011 13:02

Bonjour jeanmimigab

Voici les 2 rapports:

Code: Tout sélectionner: OTL Extras logfile created on: 2011-09-04 07:20:28 - Run 1 OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Stéphanie\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd 894,45 Mb Total Physical Memory | 301,12 Mb Available Physical Memory | 33,67% Memory free 2,00 Gb Paging File | 0,64 Gb Available in Paging File | 32,07% Paging File free Paging file location(s): d:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 53,74 Gb Total Space | 0,35 Gb Free Space | 0,64% Space Free | Partition Type: NTFS Drive D: | 80,65 Gb Total Space | 54,44 Gb Free Space | 67,50% Space Free | Partition Type: NTFS Drive E: | 702,31 Mb Total Space | 612,24 Mb Free Space | 87,17% Space Free | Partition Type: UDF Drive I: | 1,89 Gb Total Space | 0,24 Gb Free Space | 12,59% Space Free | Partition Type: FAT Drive J: | 7,65 Gb Total Space | 0,09 Gb Free Space | 1,23% Space Free | Partition Type: FAT32 Computer Name: PC-DE-STÉPHANIE | User Name: Stéphanie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2334208541-2780428526-1792836687-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2334208541-2780428526-1792836687-1000] "EnableNotifications" = 1 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3F3E3787-86FB-40C4-8950-BF9B6C299925}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp | "{A344A1C0-4592-4E30-8274-141AB4D8C3E0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{CE943465-184E-44CB-ABC1-2D2F7D034FBA}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp | "{DC66D440-7248-479E-B650-D1DF01964380}" = lport=2869 | protocol=6 | dir=in | app=system | "{DEE5CE6B-532D-4FEC-BCC7-241A738DD968}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{E5111D60-1FAF-4533-A5B6-ED75E52F651A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06C21DEA-8BBC-47EF-9862-50630F166761}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{0E1892D0-A1BA-4AE0-9523-55F224724B90}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{3553C3C9-C965-445B-9E53-E91E9FEBBDEB}" = protocol=6 | dir=in | app=c:\program files\videotron\videotron service agent\servicepointservice.exe | "{4103F052-E003-4490-BD69-3540FA6B3A71}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{4D5AE3AF-3F1C-4580-AAA0-EF24A8044E06}" = protocol=17 | dir=in | app=c:\program files\videotron\videotron service agent\servicepointservice.exe | "{4FDF10B6-8DA0-499A-B9CF-0CE6D8280686}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | "{5B0115C2-E5DA-4E9C-803F-ADAD1491E89E}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{605D9A92-CA13-4695-AF79-BA5101D47754}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe | "{702132FB-7D5F-4BFD-AEFF-7BA050199596}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{7BD08FA2-B80C-4DA7-8B80-3DF24C6E1F44}" = protocol=6 | dir=in | app=c:\program files\videotron\videotron service agent\servicepointservice.exe | "{82D3E6A1-51E6-418D-ACBF-27C817D04A47}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{8EC8F6BC-AE56-4326-8E74-C8EDBC486A01}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{9C46C0D1-C92D-49B2-BCD2-1B79E78865D9}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe | "{9DAF8ECE-ABCA-4DE6-8E4D-904F53713B34}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | "{9E073D10-4853-423D-A917-D708D1AD4EE7}" = protocol=17 | dir=in | app=c:\program files\videotron\videotron service agent\servicepointservice.exe | "{C22105A5-1963-4D5B-9C88-A1ADDCC785BB}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{C9DE9E3B-1B9B-48AA-82AC-076E1FD1E51E}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{D2108991-E9EA-4E14-A6CB-42E7CF5D0178}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{E6866BB3-8C90-4EEF-9863-C67E0571D394}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{F30B0D8F-CC32-4BE9-B123-A607A8D841EC}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "TCP Query User{26DF6D0E-1148-4659-872C-5955478D59DE}C:\windows\lmi2df.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\windows\lmi2df.tmp\lmi_rescue.exe | "UDP Query User{E2D2384F-9271-42BD-8DA9-3965B15C9E80}C:\windows\lmi2df.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\windows\lmi2df.tmp\lmi_rescue.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00911CCB-51C6-4B90-AAE8-F60F9E694CB1}" = RPS RpsCore "{01B0503D-45A2-CCA2-44DF-C716B80B7EB6}" = Catalyst Control Center Graphics Light "{080E275F-67BF-6E44-10A5-6B25BD0C73E6}" = ccc-utility "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management "{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{1A9E151D-05DD-4937-9FDB-82B7140734A5}" = RPS CRT "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{4677674C-59CE-41B0-AA32-44A30A9D1EEB}" = Catalyst Control Center - Branding "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C7F547E-DDE3-51BF-1D2E-04816F30AD66}" = ATI Catalyst Install Manager "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 7.0 with 5.1ch "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger "{6FD29E18-619D-259B-948F-3A65967486A3}" = ccc-core-static "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{7B738CD9-D107-48C7-8E65-2E6639A39C8D}" = PerfectDisk 10 Professional "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{8004E5FD-A3A1-F723-EDAF-D5808A756DDC}" = Catalyst Control Center Graphics Previews Common "{8011B8CD-CD37-5B5D-4423-78D358B70C21}" = ccc-utility "{81E95872-8357-4363-A764-8F98B28340C5}" = Ma-Config.com "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DB9E645-E6DB-A4BB-B18A-265435D13274}" = Catalyst Control Center Graphics Full Existing "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E62F311-A40C-A7B3-C595-FE1E17D838F8}" = Skins "{8E9CF937-2997-4214-97AB-A4596644B95E}" = RPS CRT "{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology "{8FD4407C-A901-092A-EB3C-602B52C361DC}" = Catalyst Control Center "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9738C893-02C6-6694-DD7B-D50CC8D57248}" = Catalyst Control Center Core Implementation "{9A6F4E4F-9FAB-78A2-020B-3DAED3B2E0E1}" = AMD Fuel "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime "{A4BEC8AC-0E57-E1F8-C3C5-01ED0F27ECB9}" = Catalyst Control Center Localization French "{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A91FB756-A9B5-7A88-7637-21B3061B97A7}" = Catalyst Control Center Graphics Full New "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources "{AC76BA86-7AD7-1036-7B44-A81000000003}" = Adobe Reader 8.1.0 - Français "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B1F54B3A-E702-4A28-BDCC-36636FEA5144}" = Services de sécurité Vidéotron "{C24B0741-A616-6C3F-F952-BAC0CE90761F}" = CCC Help English "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C990C769-B469-4AF0-BEAB-758476D4B059}" = RPS PerfectDiskStub "{CAAF4EB9-68E8-6BC9-ADC2-24491B70A84D}" = Catalyst Control Center Graphics Previews Vista "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector (Acer DT) "{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E9BECF5D-5BA8-950F-7757-17D825A37371}" = Catalyst Control Center InstallProxy "{EA34B5D9-A3C9-333A-B1CD-ABCC975FB5EF}" = CCC Help French "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F22B6F59-D6A5-4FA1-A913-D821A9F53DD6}" = RPS CRT "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety "{FCFBA290-CB48-4AF1-A241-2685AEDEDD66}" = Windows Live Family Safety "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "7-Zip" = 7-Zip 9.20 "AbiWord2" = AbiWord 2.8.2 "Acer Assist" = Acer Assist "Acer Registration" = Acer Registration "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "CCleaner" = CCleaner "Digital Editions" = Adobe Digital Editions "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector (Acer DT) "KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full) "LHTTSFRF" = L&H TTS3000 Français "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800 "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mozilla Firefox 6.0.1 (x86 fr)" = Mozilla Firefox 6.0.1 (x86 fr) "MP4 To MP3 Converter_is1" = MP4 To MP3 Converter V3.0.4 "RadialpointClientGateway_is1" = Agent de services Vidéotron 3.7.44 "Subliminal Blaster 2.0" = Subliminal Blaster 2.0 "SyncBack_is1" = SyncBack "WinLiveSuite" = Windows Live [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2334208541-2780428526-1792836687-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "PhotoFiltre" = PhotoFiltre [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-01-06 19:57:00 | Computer Name = PC-de-Stéphanie | Source = MsiInstaller | ID = 11601 Description = Error - 2011-01-06 19:57:06 | Computer Name = PC-de-Stéphanie | Source = MsiInstaller | ID = 11601 Description = Error - 2011-01-06 19:57:06 | Computer Name = PC-de-Stéphanie | Source = MsiInstaller | ID = 11601 Description = Error - 2011-01-06 19:57:07 | Computer Name = PC-de-Stéphanie | Source = MsiInstaller | ID = 11601 Description = Error - 2011-01-06 20:02:37 | Computer Name = PC-de-Stéphanie | Source = WinMgmt | ID = 10 Description = Error - 2011-01-07 08:45:41 | Computer Name = PC-de-Stéphanie | Source = WinMgmt | ID = 10 Description = Error - 2011-01-07 18:46:24 | Computer Name = PC-de-Stéphanie | Source = System Restore | ID = 8193 Description = Error - 2011-01-07 18:46:24 | Computer Name = PC-de-Stéphanie | Source = System Restore | ID = 8210 Description = Error - 2011-01-07 19:51:08 | Computer Name = PC-de-Stéphanie | Source = Microsoft-Windows-RestartManager | ID = 10006 Description = Error - 2011-01-07 20:03:06 | Computer Name = PC-de-Stéphanie | Source = Microsoft-Windows-RestartManager | ID = 10006 Description = [ System Events ] Error - 2011-09-03 20:59:11 | Computer Name = PC-de-Stéphanie | Source = netbt | ID = 4307 Description = L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales. Error - 2011-09-03 20:59:15 | Computer Name = PC-de-Stéphanie | Source = netbt | ID = 4307 Description = L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales. Error - 2011-09-03 22:03:41 | Computer Name = PC-de-Stéphanie | Source = netbt | ID = 4307 Description = L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales. Error - 2011-09-03 22:03:41 | Computer Name = PC-de-Stéphanie | Source = netbt | ID = 4307 Description = L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales. Error - 2011-09-04 00:06:43 | Computer Name = PC-de-Stéphanie | Source = netbt | ID = 4307 Description = L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales. Error - 2011-09-04 00:06:46 | Computer Name = PC-de-Stéphanie | Source = netbt | ID = 4307 Description = L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales. Error - 2011-09-04 06:58:40 | Computer Name = PC-de-Stéphanie | Source = netbt | ID = 4307 Description = L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales. Error - 2011-09-04 06:58:40 | Computer Name = PC-de-Stéphanie | Source = netbt | ID = 4307 Description = L'initialisation a échoué car le transport a refusé d'ouvrir les adresses initiales. Error - 2011-09-04 07:01:03 | Computer Name = PC-de-Stéphanie | Source = Service Control Manager | ID = 7009 Description = Error - 2011-09-04 07:01:03 | Computer Name = PC-de-Stéphanie | Source = Service Control Manager | ID = 7000 Description = < End of report >

Code: Tout sélectionner: OTL logfile created on: 2011-09-04 07:20:28 - Run 1 OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Stéphanie\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd 894,45 Mb Total Physical Memory | 301,12 Mb Available Physical Memory | 33,67% Memory free 2,00 Gb Paging File | 0,64 Gb Available in Paging File | 32,07% Paging File free Paging file location(s): d:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 53,74 Gb Total Space | 0,35 Gb Free Space | 0,64% Space Free | Partition Type: NTFS Drive D: | 80,65 Gb Total Space | 54,44 Gb Free Space | 67,50% Space Free | Partition Type: NTFS Drive E: | 702,31 Mb Total Space | 612,24 Mb Free Space | 87,17% Space Free | Partition Type: UDF Drive I: | 1,89 Gb Total Space | 0,24 Gb Free Space | 12,59% Space Free | Partition Type: FAT Drive J: | 7,65 Gb Total Space | 0,09 Gb Free Space | 1,23% Space Free | Partition Type: FAT32 Computer Name: PC-DE-STÉPHANIE | User Name: Stéphanie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Users\Stéphanie\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Users\Stéphanie\Desktop\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) PRC - C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe (Radialpoint Inc.) PRC - C:\Program Files\Videotron\Videotron Service Agent\VideotronSA.exe (Vidéotron) PRC - C:\Program Files\Videotron\Videotron Service Agent\VideotronSAComHandler.exe (Radialpoint Inc.) PRC - C:\Users\Stéphanie\Desktop\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.) PRC - C:\Users\Stéphanie\Desktop\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.) PRC - C:\Users\Stéphanie\Desktop\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices) PRC - C:\Program Files\Videotron\Services de sécurité Vidéotron\RpsSecurityAwareR.exe (Vidéotron) PRC - C:\Program Files\Videotron\Services de sécurité Vidéotron\rps.exe (Vidéotron) PRC - C:\Program Files\Videotron\Services de sécurité Vidéotron\Fws.exe (Vidéotron) PRC - C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Acer\Empowering Technology\SysMonitor.exe () PRC - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe () PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe () PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - c:\program files\windows defender\MpCmdRun.exe (Microsoft Corporation) [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4117485024b0f652b9fbb66ff5025896\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a6d889aa69fd51c100352f23c7cebd22\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5aa9131000876de66160ff713b543d99\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\3.5.4084.42001__90ba9c70f846762e\LOG.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\3.5.4084.42008__90ba9c70f846762e\CLI.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\3.5.4084.42055__90ba9c70f846762e\CLI.Foundation.XManifest.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2990.37169__90ba9c70f846762e\MOM.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2990.37168__90ba9c70f846762e\LOG.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2990.37169__90ba9c70f846762e\CCC.Implementation.dll () MOD - C:\Program Files\Videotron\Videotron Service Agent\Windows7Features.dll () MOD - C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\boost_log-vc71-mt-1_32.dll () MOD - C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\boost_thread-vc71-mt-1_32.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3009.0__739b31b1908c49e5\Framework.UIComponent.dll () MOD - C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll () MOD - C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll () MOD - C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll () MOD - C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll () MOD - C:\Program Files\Acer\Empowering Technology\SysMonitor.exe () MOD - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe () MOD - C:\Program Files\Acer\Empowering Technology\Framework.Presenter.dll () MOD - C:\Program Files\Acer\Empowering Technology\fr\Framework.AppBar.resources.dll () MOD - C:\Program Files\Acer\Empowering Technology\Framework.AppBar.dll () MOD - C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.QuickMenu.dll () MOD - C:\Windows\System32\atitmmxx.dll () MOD - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll () [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AMD FUEL Service) -- C:\Users\Stéphanie\Desktop\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft) SRV - (ServicepointService) -- C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe (Radialpoint Inc.) SRV - (scan) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\BitDefender\scan.dll (S.C. BitDefender S.R.L) SRV - (AMD Reservation Manager) -- C:\Users\Stéphanie\Desktop\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices) SRV - (Radialpoint Security Services) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\RpsSecurityAwareR.exe (Vidéotron) SRV - (RP_FWS) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\Fws.exe (Vidéotron) SRV - (RadialpointIDSAgent) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) SRV - (PDEngine) -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (Raxco Software, Inc.) SRV - (PDAgent) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.) SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe () SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft) DRV - (RPSKT) Security Services Driver (x86) -- C:\Windows\System32\drivers\rp_skt32.sys (Radialpoint Inc.) DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices) DRV - (Trufos) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\BitDefender\trufos.sys (BitDefender S.R.L.) DRV - (Profos) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\BitDefender\profos.sys (BitDefender S.R.L.) DRV - (RadialpointIDSDriver) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys (AVG Technologies ) DRV - (RadialpointIDSFilter) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSFilter.sys (AVG Technologies ) DRV - (RadialpointIDSShim) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys (AVG Technologies ) DRV - (RadialpointIDSEH) -- C:\Windows\system32\drivers\AVGIDSEH.sys (AVG Technologies ) DRV - (bdfsfltr) -- C:\Windows\system32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA) DRV - (DefragFS) -- C:\Windows\System32\drivers\DefragFs.sys (Raxco Software, Inc.) DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (tvicport) -- C:\Windows\System32\drivers\TVicPort.sys (EnTech Taiwan) DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio) DRV - (ahcix86s) -- C:\Windows\system32\drivers\ahcix86s.sys (AMD Technologies Inc.) DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.foxtab.com/?s=0&chnl=dcom&cd=2XzutBtN2Y1L1QzutDtDtC0F0EtByDzz0EtBtA0EtA0C0DtAtBtN0D0TzutBtDtCtCtDzztCtB&cr=28429302 IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data] IE - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.foxtab.com/?s=0&chnl=dcom&cd=2XzutBtN2Y1L1QzutDtDtC0F0EtByDzz0EtBtA0EtA0C0DtAtBtN0D0TzutBtDtCtCtDzztCtB&cr=28429302 IE - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/defaultf.aspx?lang=fr-ca&OCID=iehp IE - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-ca IE - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 F3 7C D0 0C C6 CB 01 [binary data] IE - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Foxtab Web Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://search.foxtab.com/?s=0&chnl=dcom&cd=2XzutBtN2Y1L1QzutDtDtC0F0EtByDzz0EtBtA0EtA0C0DtAtBtN0D0TzutBtDtCtCtDzztCtB&cr=28429302" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Videotron\Videotron Service Agent\nprpspa.dll (Vidéotron) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-09-01 07:23:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-05-31 19:17:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stéphanie\AppData\Roaming\mozilla\Extensions [2011-08-30 10:44:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stéphanie\AppData\Roaming\mozilla\Firefox\Profiles\2nfwlaal.default\extensions [2011-08-30 10:44:12 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Stéphanie\AppData\Roaming\mozilla\Firefox\Profiles\2nfwlaal.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011-07-09 19:10:23 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Stéphanie\AppData\Roaming\mozilla\Firefox\Profiles\2nfwlaal.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011-08-12 08:28:55 | 000,005,421 | ---- | M] () -- C:\Users\Stéphanie\AppData\Roaming\Mozilla\Firefox\Profiles\2nfwlaal.default\searchplugins\Foxtab Web Search.xml [2011-06-14 09:30:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2011-06-14 09:30:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- C:\USERS\STÃ©PHANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2NFWLAAL.DEFAULT\EXTENSIONS\{1018E4D6-728F-4B20-AD56-37578A4DE76B} File not found (No name found) -- C:\USERS\STÃ©PHANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2NFWLAAL.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7} File not found (No name found) -- C:\USERS\STÃ©PHANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2NFWLAAL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI File not found (No name found) -- C:\USERS\STÃ©PHANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2NFWLAAL.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI File not found (No name found) -- C:\USERS\STÃ©PHANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2NFWLAAL.DEFAULT\EXTENSIONS\TRACKERBLOCK@PRIVACYCHOICE.ORG.XPI [2009-10-07 16:13:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011-09-01 07:23:11 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-08-19 07:44:18 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2011-08-19 07:44:18 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011-08-19 07:44:18 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2011-08-19 07:44:18 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2011-08-19 07:44:18 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2011-08-19 07:44:18 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011-02-06 10:29:04 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis) O3 - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found. O3 - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe () O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe () O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer\Acer Registration\ACE1.exe (Leader Technologies) O4 - HKLM..\Run: [EmpoweringTechnology] File not found O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] C:\Users\Stéphanie\Desktop\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [VideotronSA.exe] C:\Program Files\Videotron\Videotron Service Agent\VideotronSA.exe (Vidéotron) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\..Trusted Domains: live.com ([by111w.bay111.mail] https in Trusted sites) O15 - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-2334208541-2780428526-1792836687-1000\..Trusted Domains: mcafee.com ([]https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C8CEFB3-EFDC-4798-B651-FA38ECEAD82E}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: D:\Créations 2\Fond d'écran\fleur rouge2.jpg O24 - Desktop BackupWallPaper: D:\Créations 2\Fond d'écran\fleur rouge2.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]eDataSecurity Loader[/b] - hkey= - key= - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated) MsConfig - StartUpReg: [b]RemoteControl[/b] - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) MsConfig - StartUpReg: [b]Windows Defender[/b] - hkey= - key= - File not found MsConfig - State: "services" - 2 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: Radialpoint Security Services - C:\Program Files\Videotron\Services de sécurité Vidéotron\RpsSecurityAwareR.exe (Vidéotron) SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: ServicepointService - C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe (Radialpoint Inc.) SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: Radialpoint Security Services - C:\Program Files\Videotron\Services de sécurité Vidéotron\RpsSecurityAwareR.exe (Vidéotron) SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: ServicepointService - C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe (Radialpoint Inc.) SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-09-04 07:12:52 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Stéphanie\Desktop\OTL.exe [2011-09-04 07:02:07 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{22C03D8C-A31E-471C-9D5D-34F26A2CFABB} [2011-09-04 07:01:45 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{69FF3E08-DA9C-4E38-ADD7-476A33E6D47B} [2011-09-04 06:59:14 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD [2011-09-03 18:32:24 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{BEF6EB16-098F-46F7-932D-59F484BE5157} [2011-09-03 18:31:59 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{60C3D888-8B32-485C-A9A5-A85E24F8839F} [2011-09-03 07:12:21 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{7537439D-645A-448A-85C7-C9048FA3073D} [2011-09-03 07:09:57 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{977FDFDF-60E4-42FB-B37A-1D5160214519} [2011-09-02 07:04:20 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{E3CE9E74-C60B-4F5C-8AA5-9E4DCF12F1DA} [2011-09-01 07:09:05 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{679ACB3C-32B0-4D1E-8998-834F60E31766} [2011-09-01 07:08:14 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{430CEEE3-9489-45F0-9A1C-036BD8B94352} [2011-08-31 16:10:20 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{7ED00A1F-328F-4A07-ADAA-BA9933F0D7A5} [2011-08-31 16:05:58 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{E871B70F-C8C4-46D9-87E2-710F80DD0D71} [2011-08-31 07:00:15 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{3A79FAB7-5EBA-46FC-871E-AA6B2F1ECF03} [2011-08-31 06:59:38 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{8CDBCAFF-0330-42D9-8818-5EE8DBB7A3AD} [2011-08-30 06:52:48 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{B187BA6E-6CC2-4C49-960A-A0E24F6D612E} [2011-08-29 07:29:38 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{404E0F87-AF2C-432F-B1D5-E52543DEBD64} [2011-08-29 07:29:15 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{365C2B9D-B457-4856-9384-4658922FCBF9} [2011-08-28 08:37:12 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{176F1E50-4F2F-4213-AA10-C59CAE4B846D} [2011-08-28 08:34:27 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{04E61F90-C2B6-4919-97E5-42B3A3CF4BB1} [2011-08-27 12:07:01 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{84CAAFFE-BEA8-4420-A451-F1C8D62504DC} [2011-08-27 12:06:16 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{CF91CDC5-10E4-4007-85AB-5C88E1350157} [2011-08-27 07:30:18 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{1DD0BECE-6911-4F5B-9591-29635FF4E969} [2011-08-26 08:48:24 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{9436CEBA-6CDC-4A1C-8C27-66A02CF64B47} [2011-08-26 08:44:34 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{0C99EF56-FCBB-47E3-AC90-DD516BD5750E} [2011-08-25 09:23:45 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{21EEC1B0-DA41-456B-99A1-4510ACB51E67} [2011-08-25 07:16:06 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{46B55D33-7A38-4105-863B-337766B650E4} [2011-08-25 07:15:47 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{27498015-729B-431A-A375-258F3A291F04} [2011-08-24 07:26:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011-08-21 07:19:20 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{F1A0FE82-BBD2-43A0-8A6A-EBF6E88EB2A3} [2011-08-21 07:17:51 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{02F2F48A-2DC1-4C44-8AEE-4639EC648143} [2011-08-17 20:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media [2011-08-17 20:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Oberon Media [2011-08-17 20:48:15 | 000,427,872 | ---- | C] (Oberon Media Inc.) -- C:\Users\Stéphanie\Desktop\Backspin_Billards-setup.s111543617.c110005373.uBA6A21AFD5A62635.dl.exe [2011-08-16 14:53:43 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{5BBDBB1D-E476-408F-AB57-4B8F8052426C} [2011-08-16 14:53:05 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{A8473ACB-CA7B-42B1-BED8-1F7242071FB3} [2011-08-14 22:14:01 | 007,812,840 | ---- | C] (VS Revo Group ) -- C:\Users\Stéphanie\Desktop\RevoUninProSetup.exe [2011-08-14 19:20:18 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{9C2570F3-5F2D-4843-BF9F-001C256ECBF5} [2011-08-14 19:19:39 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{FEEA0B77-7EE4-4D23-8BEE-0215B95C8BCA} [2011-08-13 18:56:25 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{A6F3BBD0-F770-4D3B-824C-4E4022C83842} [2011-08-13 18:55:43 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{3DCECA6F-E116-4561-A55F-BCD3EE6AE37B} [2011-08-13 18:23:54 | 000,221,184 | ---- | C] (Prassi Software) -- C:\Windows\InZU31.exe [2011-08-13 18:22:36 | 006,116,660 | ---- | C] (Prassi Software) -- C:\Users\Stéphanie\Desktop\ONES Trial Setup (EFIGS).exe [2011-08-13 17:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP [2011-08-13 09:35:19 | 005,015,880 | ---- | C] (Canneverbe Limited ) -- C:\Users\Stéphanie\Desktop\cdburnerxp-pro_cdburnerxp_pro_4.3.8.2568_slim_francais_18424.exe [2011-08-12 08:19:19 | 000,454,120 | ---- | C] (CBS Interactive) -- C:\Users\Stéphanie\Desktop\cnet_pdr6free_exe.exe [2011-08-12 07:38:29 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{A71BCA82-CAFD-4E0E-B1E8-0D2E2978000E} [2011-08-11 22:47:54 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\Desktop\Users [2011-08-11 07:39:33 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{EDE2C3BD-997A-4F90-A958-959019B5EDEE} [2011-08-11 07:36:12 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{FB013424-B0F1-4941-A8B6-B23B0EFAD1ED} [2011-08-11 03:15:02 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011-08-11 03:15:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011-08-11 03:14:59 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011-08-11 03:14:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-08-11 03:14:54 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011-08-10 08:29:50 | 385,727,264 | ---- | C] (Nero AG) -- C:\Users\Stéphanie\Desktop\nero-10_nero_10.6.11300_francais_45172.exe [2011-08-10 08:15:05 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2011-08-10 08:13:29 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011-08-10 08:13:28 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011-08-09 13:47:32 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Roaming\DeepBurner [2011-08-09 13:47:06 | 000,000,000 | ---D | C] -- C:\Program Files\Astonsoft [2011-08-07 21:57:50 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{D333E317-20FC-4DEE-AEF8-134C93CEFCB2} [2011-08-07 21:57:28 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{B1CA7F99-2D88-4DE1-86CE-882C97B5A025} [2011-08-07 00:44:01 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\Option [2011-08-07 00:37:13 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{F233F9E8-E49D-4893-A21F-CFFC3262D9B0} [2011-08-06 20:14:39 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{0908650C-E61C-485D-AEE2-9DA60F00617F} [2011-08-06 20:14:24 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{D2ECC7D0-AF01-4556-A3B5-EDBEFBB30374} [2011-08-06 07:50:27 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{D228BE27-32C4-4DC3-9411-446ADF342BD7} [2011-08-06 07:48:42 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{815C933F-B40D-4A94-A33C-7899AD997A0B} [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-09-04 07:22:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011-09-04 07:13:12 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Stéphanie\Desktop\OTL.exe [2011-09-04 07:05:05 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-09-04 06:59:51 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-09-04 06:58:34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-09-04 06:58:34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-09-04 06:58:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-09-03 18:26:23 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2011-09-03 17:42:26 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011-09-03 17:42:26 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-09-03 17:42:26 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011-09-03 17:42:26 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-09-03 13:19:45 | 000,000,800 | ---- | M] () -- C:\Windows\System32\PDBootState [2011-08-31 07:35:52 | 000,035,318 | ---- | M] () -- C:\Users\Stéphanie\AppData\Roaming\wklnhst.dat [2011-08-25 09:51:59 | 265,947,971 | ---- | M] () -- C:\Users\Stéphanie\Documents\Ma sauvegarde.zip [2011-08-25 07:42:17 | 002,405,118 | ---- | M] () -- C:\Users\Stéphanie\Desktop\Musique majong.mp3 [2011-08-25 07:10:09 | 000,323,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-08-17 20:48:24 | 000,427,872 | ---- | M] (Oberon Media Inc.) -- C:\Users\Stéphanie\Desktop\Backspin_Billards-setup.s111543617.c110005373.uBA6A21AFD5A62635.dl.exe [2011-08-16 07:52:00 | 000,071,680 | ---- | M] () -- C:\Users\Stéphanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-08-14 22:14:32 | 007,812,840 | ---- | M] (VS Revo Group ) -- C:\Users\Stéphanie\Desktop\RevoUninProSetup.exe [2011-08-13 18:26:12 | 000,001,742 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2011-08-13 09:35:37 | 005,015,880 | ---- | M] (Canneverbe Limited ) -- C:\Users\Stéphanie\Desktop\cdburnerxp-pro_cdburnerxp_pro_4.3.8.2568_slim_francais_18424.exe [2011-08-12 08:19:42 | 000,454,120 | ---- | M] (CBS Interactive) -- C:\Users\Stéphanie\Desktop\cnet_pdr6free_exe.exe [2011-08-10 08:40:24 | 385,727,264 | ---- | M] (Nero AG) -- C:\Users\Stéphanie\Desktop\nero-10_nero_10.6.11300_francais_45172.exe [2011-08-07 23:59:41 | 000,114,023 | ---- | M] () -- C:\Users\Stéphanie\Documents\Couponmom.pdf [2011-08-07 23:56:20 | 000,114,023 | ---- | M] () -- C:\Users\Stéphanie\Documents\cf005a935662f44bd26e808ed7d033d9ea176f14.pdf [2011-08-07 23:52:13 | 000,114,022 | ---- | M] () -- C:\Users\Stéphanie\Documents\Coupon orthèses.pdf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-09-04 07:22:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011-08-25 09:50:35 | 265,947,971 | ---- | C] () -- C:\Users\Stéphanie\Documents\Ma sauvegarde.zip [2011-08-13 17:38:48 | 000,001,742 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2011-08-13 17:38:46 | 000,001,688 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2011-08-11 22:46:18 | 135,855,986 | ---- | C] () -- C:\Users\Stéphanie\Desktop\Ma sauvegardemini.zip [2011-08-07 23:59:41 | 000,114,023 | ---- | C] () -- C:\Users\Stéphanie\Documents\Couponmom.pdf [2011-08-07 23:56:20 | 000,114,023 | ---- | C] () -- C:\Users\Stéphanie\Documents\cf005a935662f44bd26e808ed7d033d9ea176f14.pdf [2011-08-07 23:52:13 | 000,114,022 | ---- | C] () -- C:\Users\Stéphanie\Documents\Coupon orthèses.pdf [2011-07-23 17:00:39 | 000,323,544 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2011-05-31 19:17:05 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011-04-29 18:13:13 | 000,000,490 | ---- | C] () -- C:\Windows\wininit.ini [2011-03-21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2011-02-13 22:49:47 | 000,000,809 | ---- | C] () -- C:\Windows\NTIWVEDT.INI [2011-02-13 22:48:41 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI [2010-09-13 11:15:21 | 000,035,318 | ---- | C] () -- C:\Users\Stéphanie\AppData\Roaming\wklnhst.dat [2010-07-10 13:06:25 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010-07-10 13:06:23 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-07-10 13:06:17 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-07-10 13:06:17 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-07-10 13:06:13 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-05-11 22:42:04 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat [2010-05-11 15:46:35 | 000,003,750 | ---- | C] () -- C:\Windows\cool.ini [2010-05-11 15:44:42 | 000,082,398 | ---- | C] () -- C:\Windows\c96unins.exe [2010-02-25 12:05:13 | 000,073,728 | ---- | C] () -- C:\Windows\unacev2.dll [2009-10-21 13:20:08 | 000,005,504 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen_x86.sys [2009-10-13 08:18:01 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009-10-09 18:13:42 | 158,905,632 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat [2009-10-07 16:48:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-10-07 16:48:50 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009-01-23 15:25:33 | 000,071,680 | ---- | C] () -- C:\Users\Stéphanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-12-12 08:42:18 | 000,001,356 | ---- | C] () -- C:\Users\Stéphanie\AppData\Local\d3d9caps.dat [2008-12-06 21:32:08 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008-12-06 16:23:09 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini [2008-12-06 16:23:08 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini [2008-12-06 12:47:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2008-05-09 01:25:46 | 000,749,568 | ---- | C] () -- C:\Windows\AcerStore.exe [2008-04-09 02:14:46 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2008-04-09 02:14:45 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008-04-09 02:14:43 | 000,168,886 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2008-04-09 02:14:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2008-03-16 17:59:35 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll [2008-03-16 17:59:35 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll [2008-03-16 17:23:17 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2008-03-16 17:20:40 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2008-03-16 17:20:40 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat [2008-03-16 17:20:40 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat [2008-01-21 03:23:37 | 000,678,804 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2008-01-21 03:23:37 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2008-01-21 03:23:37 | 000,126,420 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2008-01-21 03:23:37 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2006-11-02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 06:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 06:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001-12-26 11:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001-09-03 18:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001-07-30 11:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001-07-23 17:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll [color=#E56717]========== LOP Check ==========[/color] [2011-07-29 19:18:29 | 000,000,000 | -HSD | M] -- C:\Users\Stéphanie\AppData\Roaming\.# [2008-12-06 16:10:09 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Acer [2008-03-16 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Acer GameZone Console [2009-10-14 18:00:49 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Big Fish Games [2011-06-11 20:04:02 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Canneverbe Limited [2010-01-08 22:44:51 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Coby [2011-07-29 17:28:04 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Coby Media Manager [2011-08-10 09:10:16 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\DeepBurner [2011-07-29 15:18:28 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\eSobi [2010-05-11 17:49:07 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Gaijin Ent [2010-05-12 10:09:41 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\inkscape [2009-10-15 11:18:42 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\iWin [2011-07-23 14:21:11 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\JAM Software [2008-12-06 16:09:41 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Leadertech [2010-03-07 13:40:40 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\OpenOffice.org [2010-02-12 21:48:21 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\PhotoFiltre [2010-09-13 11:15:31 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Template [2010-05-08 13:01:05 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Videotron [2011-09-03 18:19:52 | 000,032,528 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %temp%\smtmp\1\*.* /s >[/color] [color=#A23BEC]< %temp%\smtmp\2\*.* /s >[/color] [color=#A23BEC]< %temp%\smtmp\4\*.* /s >[/color] [color=#A23BEC]< nslookup http://www.google.fr /c >[/color] No captured output from command... [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [2009-10-23 13:25:54 | 000,285,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\drivers\bdfsfltr.sys [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color] [color=#A23BEC]< %APPDATA%\*. >[/color] [2011-07-29 19:18:29 | 000,000,000 | -HSD | M] -- C:\Users\Stéphanie\AppData\Roaming\.# [2008-12-06 16:10:09 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Acer [2008-03-16 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Acer GameZone Console [2011-04-29 20:19:23 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Adobe [2011-04-13 16:10:33 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\ATI [2009-10-14 18:00:49 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Big Fish Games [2011-06-11 20:04:02 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Canneverbe Limited [2010-01-08 22:44:51 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Coby [2011-07-29 17:28:04 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Coby Media Manager [2011-08-10 09:10:16 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\DeepBurner [2011-07-29 15:18:28 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\eSobi [2010-05-11 17:49:07 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Gaijin Ent [2011-04-13 17:00:47 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Google [2008-12-06 16:08:59 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Identities [2010-05-12 10:09:41 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\inkscape [2009-01-14 19:37:36 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\InstallShield [2009-10-15 11:18:42 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\iWin [2011-07-23 14:21:11 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\JAM Software [2008-12-06 16:09:41 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Leadertech [2008-12-06 16:23:08 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Macromedia [2010-03-20 12:41:40 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Malwarebytes [2009-01-14 17:07:15 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\McAfee [2011-08-07 22:03:25 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Media Player Classic [2011-06-11 21:49:54 | 000,000,000 | --SD | M] -- C:\Users\Stéphanie\AppData\Roaming\Microsoft [2011-05-31 19:17:33 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Mozilla [2010-03-07 13:40:40 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\OpenOffice.org [2010-02-12 21:48:21 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\PhotoFiltre [2009-10-13 14:20:32 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Sony Corporation [2010-09-13 11:15:31 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Template [2010-05-08 13:01:05 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Videotron [2008-12-09 18:24:58 | 000,000,000 | ---D | M] -- C:\Users\Stéphanie\AppData\Roaming\Yahoo! [color=#A23BEC]< %APPDATA%\*.exe /s >[/color] [2011-04-29 18:10:49 | 000,117,427 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Stéphanie\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\digitaleditions\digitaleditions.exe [2009-10-13 12:09:09 | 000,010,134 | R--- | M] () -- C:\Users\Stéphanie\AppData\Roaming\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe [2009-05-05 12:19:00 | 000,068,608 | ---- | M] (Radialpoint Inc.) -- C:\Users\Stéphanie\AppData\Roaming\Videotron\Videotron Service Agent\downloads\Videotron_FF.6334.zip.dir\all\tools\RpsInstallerFinder.exe [2011-01-14 17:37:34 | 000,216,064 | ---- | M] (Radialpoint Inc.) -- C:\Users\Stéphanie\AppData\Roaming\Videotron\Videotron Service Agent\downloads\Videotron-RPS-SA_Rec-Det_IE-R48-T15.41.zip.dir\CampaignEmulator\CampaignEmulator.exe [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008-01-20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys [2008-01-20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008-01-20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008-01-20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008-01-20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008-01-20 22:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006-11-02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: AHCIX86S.SYS >[/color] [2007-12-19 02:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\ACER\Preload\msdrv\ahcix86s.sys [2007-12-19 02:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\drivers\ahcix86s.sys [2007-12-19 02:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_864d20f0\ahcix86s.sys [2007-08-08 00:55:08 | 000,122,880 | ---- | M] (Promise Technology, Inc.) MD5=4283A0F3A9557EB133D2BA8979747A77 -- C:\ACER\Preload\Autorun\DRV\ATI Chipset RS780 RS740+SB700\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys [2007-08-08 12:55:08 | 000,122,880 | ---- | M] (Promise Technology, Inc.) MD5=4283A0F3A9557EB133D2BA8979747A77 -- C:\Users\Stéphanie\Desktop\CHIPSET\PACKAGES\DRIVERS\SBDRV\SB6XX\RAID\LH\AHCIX86S.SYS [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-04-11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys [2009-04-11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009-04-11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009-04-11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008-01-20 22:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008-01-20 22:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006-11-02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2008-02-22 00:59:12 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=76D70915EB81608DC6ACA87887FAB38F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22120_none_ddac250d3ab7a648\atapi.sys [2008-02-22 01:03:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=92210921EEFC081693F649C3631DEEC2 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_3d9c5057\atapi.sys [2008-02-22 01:03:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=92210921EEFC081693F649C3631DEEC2 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18023_none_dd25892021975283\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2008-01-20 22:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys [2008-01-20 22:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys [2009-04-11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys [2009-04-11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys [2009-04-11 00:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys [2006-11-02 04:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2006-11-02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll [2006-11-02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006-11-02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2009-04-11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys [2009-04-11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys [2009-04-11 02:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys [2008-01-20 22:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys [2008-01-20 22:32:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys [2006-11-02 05:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2007-01-12 17:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\Cyberlink\PowerDirector\EventLog.dll [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2008-01-20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008-01-20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008-01-20 22:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006-11-02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-04-11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\ERDNT\cache\ndis.sys [2009-04-11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009-04-11 02:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008-01-20 22:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2009-04-11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll [2009-04-11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009-04-11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008-01-20 22:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2006-11-02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008-01-20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008-01-20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008-01-20 22:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2008-01-20 22:34:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys [2008-01-20 22:34:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2009-04-11 00:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\System32\drivers\rdpwd.sys [2009-04-11 00:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6002.18005_none_4d610153d22453a6\rdpwd.sys [2008-01-20 22:34:38 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6001.18000_none_4b758847d502885a\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008-01-20 22:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009-04-11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll [2009-04-11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009-04-11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2006-11-02 04:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\drivers\sfloppy.sys [2006-11-02 04:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys [2008-01-20 22:32:45 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_36da1340\sfloppy.sys [2008-01-20 22:32:45 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.0.6001.18000_none_e70a102d7a7bbf43\sfloppy.sys [color=#A23BEC]< MD5 for: TCPIP.SYS >[/color] [2008-04-26 04:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys [2009-04-11 02:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys [2009-12-08 16:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys [2009-08-15 17:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys [2009-08-14 13:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys [2011-06-17 16:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\System32\drivers\tcpip.sys [2011-06-17 16:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys [2010-02-18 07:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys [2010-02-18 10:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys [2009-08-14 10:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys [2009-12-08 16:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys [2010-02-18 10:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys [2010-02-18 08:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys [2009-12-08 16:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys [2010-06-16 11:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys [2009-08-14 12:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys [2011-06-17 16:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys [2010-06-16 12:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys [2010-06-16 11:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys [2008-04-26 04:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys [2009-12-08 13:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys [2009-08-14 13:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys [2010-02-18 13:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys [2010-06-16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\ERDNT\cache\tcpip.sys [2010-06-16 12:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys [2009-12-08 13:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys [2010-02-18 10:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys [2009-12-08 16:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys [2008-01-20 22:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys [2009-08-14 12:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2008-01-20 22:33:45 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys [2008-01-20 22:33:45 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008-01-20 22:33:45 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys [2008-01-20 22:33:45 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2006-11-02 05:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\drivers\usbprint.sys [2006-11-02 05:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys [2008-01-20 22:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys [2008-01-20 22:32:48 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2008-01-20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_0bb72b9f\usbscan.sys [2008-01-20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys [2008-01-20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys [2008-01-20 22:32:53 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys [2006-11-02 05:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2008-01-20 22:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe [2008-01-20 22:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008-01-20 22:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2009-11-27 22:15:54 | 000,000,036 | ---- | M] ()(C:\Windows\System32\????????????????????????????????????????????g) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜摩潥牴湯卜牥楶散⁳敤猠揩牵瑩⃩楖瑯潲屮慓敦潃湮捥屴潃普杩塜楖睥挮湯楦g [2009-10-09 18:10:50 | 000,000,036 | ---- | C] ()(C:\Windows\System32\????????????????????????????????????????????g) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜摩潥牴湯卜牥楶散⁳敤猠揩牵瑩⃩楖瑯潲屮慓敦潃湮捥屴潃普杩塜楖睥挮湯楦g [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:B623B5B8 @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:9F683177 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:FEBEC560 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:E36F5B57 @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:4BB26BE9 @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:861A898F @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:9E22BBE8 @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:131C0EE9 @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:580E04D8 @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:4F636E25 @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:FC420CE6 < End of report >

routman54 · le 04 Sep 2011 13:21

Bonjour Jeanmimigab ,
Notre amie a dèjà suivi un peu de nos conseils et je croie que Bernard l'a pris en charge par la suite et n'a rien diagnostiquè.
Je viens de remarquer qu'elle t'as envoyè ses rapports , là c'est ton domaine .
Moi je lui suggèrerè d'installer un second HDD ou en mettre un portable ce qui lui permettrai d'allèger son disque système, il est vrai que lorsqu'il y a peu de place tu as l'impression que ça diminue très vite.
Ses document elle peut aisèment les dèplacer avec un logiciel tel que Easus c'est en anglais mais notre amie étant canadienne je ne pense pas que celà lui posera problème et il est très facile, je viens de le trouver et de m'en servir pour modifier une partition système ,il lui faut un certain temps (env:1h) mais je n'ai eu aucun soucis .
Bon dimanche et bonne continuation.

Morgwen · le 04 Sep 2011 13:44

@routman54

Moi je lui suggèrerè d'installer un second HDD ou en mettre un portable ce qui lui permettrai d'allèger son disque système, il est vrai que lorsqu'il y a peu de place tu as l'impression que ça diminue très vite.

Que suis-je censé mettre dans ce HDD? Mon lecteur C a été vidé de tout ce que j'y avais mis, il ne reste que les trucs qu'il y avait déjà dessus. Dois-je aussi transférer le reste? Qui est l'imbécile qui a conçu un ordinateur qui finit par ne plus être utilisable après même pas 3 ans lorsqu'on l'utilise normalement??? Quelle entreprise d'électroménagers ne ferait pas faillite s'il fallait acheter une glacière ou un tiroir à légumes supplémentaire après 3 ans parce que l'espace de stockage rétréci?

Ses document elle peut aisèment les dèplacer avec un logiciel tel que Easus c'est en anglais mais notre amie étant canadienne je ne pense pas que celà lui posera problème

Je parle seulement un anglais de base, je suis loin d'être parfaitement bilingue. Quant à mon "anglais informatique", il est pratiquement inexistant. Dès qu'on parle d'informatique, c'est tout juste si j'arrive à comprendre en français.

Si je réinstalle mon système, est-ce qu'il pourrait y avoir des effets positifs? S'il s'avère qu'il n'y a pas de virus, est-ce que ça n'est pas censé remettre mon PC dans l'état où il était le jour maudis où je me le suis procuré sous l'effet combiné de l'ignorance et des difficultés financières?

Que penser de la théorie de celui qui me conseille d'effacer toutes les partitions avant de réinstaller le système car il croit qu'un virus ultrarésistant se cache quelques part et bouffe mon espace?

Ask to Old Man · le 04 Sep 2011 14:50

Bonjour,

Morgwen a écrit:Qui est l'imbécile qui a conçu un ordinateur qui finit par ne plus être utilisable après même pas 3 ans

Ça je sais y répondre... ... Ce n'est pas un imbécile mais au moins deux!!
Le premier s’appelle Acer qui vend des machines en mousse, en faisant croire qu'il s'agit de PC,
Le second s'appelle Microsoft avec son Vista bugué dès la mise en commercialisation.

Je rajouterai à ceci que ta machine ayant duré trois ans, c'est rare !! Mais si l'on tient compte que cela fait
plus ou moins un an que ce truc boiteux te prend la tête, il n'aura fonctionné peu ou prou deux.

C'est normal pour ce matos, il a largement dépassé la date limite de consommation. Notre ami Routman
en sait quelque chose, pour en rendre un (Acer) fonctionnel, il lui aura fallu quasiment tout changer à l'intérieur.

Je ne t'en dirais pas plus, j'ai totalement l'impression de perdre mon temps avec ces bouses.

jeanmimigab · le 04 Sep 2011 15:07

hello tlm,

ben pas grand choses de méchant...fais quand même cela stp...

Je vois que tu as déplacé pagefile.sys sur "D:\" >> Paging file location(s): d:\pagefile.sys , c'est bien

* Fais un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:FEBEC560
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:4BB26BE9
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:9E22BBE8
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:131C0EE9
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:FC420CE6
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
:Commands
[clearrestorepoints]
[emptytemp]
[EMPTYFLASH]

* Cliques sur l'icône "Correction" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport va s'ouvrir
* Copie et colle le rapports dans ta réponse stp...

ensuite...

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

%systemdrive%\*.sys

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scanne un rapport va s'ouvrir "OTL.Txt"
* Poste le rapport dans ta réponse stp...
* Au cas où, tu peux le retrouver dans le dossier C:\OTL

d'effacer toutes les partitions avant de réinstaller le système car il croit qu'un virus ultrarésistant se cache quelques part et bouffe mon espace?

Dans ton cas cela ne sert à rien, car le MBR ne sera pas ré-écris par le processus de restauration Acer qui se contentera de restaurer une image disque sur ta partiton "C:\" et si part hasard un exécutable infectieux serait sur la partition "D:\", vue qu'il n'y a pas de fichier Autorun.inf sur celle-ci et que tous les éventuels points de lancement seront supprimés par la restauration de la partition "C:\", l'infection ne pourra pas se réinstaller.

Morgwen · le 04 Sep 2011 15:36

@jeanmimigab

Voilà les 2 derniers rapports:

Code: Tout sélectionner: All processes killed ========== OTL ========== ADS C:\ProgramData\TEMP:B623B5B8 deleted successfully. ADS C:\ProgramData\TEMP:9F683177 deleted successfully. ADS C:\ProgramData\TEMP:FEBEC560 deleted successfully. ADS C:\ProgramData\TEMP:E36F5B57 deleted successfully. ADS C:\ProgramData\TEMP:4BB26BE9 deleted successfully. ADS C:\ProgramData\TEMP:861A898F deleted successfully. ADS C:\ProgramData\TEMP:9E22BBE8 deleted successfully. ADS C:\ProgramData\TEMP:131C0EE9 deleted successfully. ADS C:\ProgramData\TEMP:580E04D8 deleted successfully. ADS C:\ProgramData\TEMP:4F636E25 deleted successfully. ADS C:\ProgramData\TEMP:FC420CE6 deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. ========== COMMANDS ========== Error: Unable to interpret <[clearrestorepoints]> in the current context! [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes User: Stéphanie ->Temp folder emptied: 447147 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 21486576 bytes ->FireFox cache emptied: 45528601 bytes ->Flash cache emptied: 123320 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 96864 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 4220 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 65,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Public User: Stéphanie ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.27.0 log created on 09042011_102334 Files\Folders moved on Reboot... File\Folder C:\Users\Stéphanie\AppData\Local\Temp\ZKT{6D964A3F-ABBF-48FB-B484-6C7B52C07EE9}.tmp not found! File\Folder C:\Windows\temp\ZKT{C42BB8E9-5E75-4AD8-9A50-A6D8F068188A}.tmp not found! C:\Windows\temp\ZKT{E622AAC3-A6C8-405B-970F-4D1728CACC58}.tmp moved successfully. Registry entries deleted on Reboot...

Code: Tout sélectionner: OTL logfile created on: 2011-09-04 10:37:46 - Run 2 OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Stéphanie\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd 894,45 Mb Total Physical Memory | 89,15 Mb Available Physical Memory | 9,97% Memory free 2,01 Gb Paging File | 0,43 Gb Available in Paging File | 21,42% Paging File free Paging file location(s): d:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 53,74 Gb Total Space | 0,44 Gb Free Space | 0,81% Space Free | Partition Type: NTFS Drive D: | 80,65 Gb Total Space | 54,44 Gb Free Space | 67,50% Space Free | Partition Type: NTFS Drive E: | 702,31 Mb Total Space | 612,24 Mb Free Space | 87,17% Space Free | Partition Type: UDF Drive I: | 1,89 Gb Total Space | 0,24 Gb Free Space | 12,59% Space Free | Partition Type: FAT Drive J: | 7,65 Gb Total Space | 0,05 Gb Free Space | 0,61% Space Free | Partition Type: FAT32 Computer Name: PC-DE-STÉPHANIE | User Name: Stéphanie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Users\Stéphanie\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Users\Stéphanie\Desktop\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) PRC - C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe (Radialpoint Inc.) PRC - C:\Program Files\Videotron\Videotron Service Agent\VideotronSA.exe (Vidéotron) PRC - C:\Program Files\Videotron\Videotron Service Agent\VideotronSAComHandler.exe (Radialpoint Inc.) PRC - C:\Users\Stéphanie\Desktop\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices) PRC - C:\Program Files\Videotron\Services de sécurité Vidéotron\RpsSecurityAwareR.exe (Vidéotron) PRC - C:\Program Files\Videotron\Services de sécurité Vidéotron\rps.exe (Vidéotron) PRC - C:\Program Files\Videotron\Services de sécurité Vidéotron\Fws.exe (Vidéotron) PRC - C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Acer\Empowering Technology\SysMonitor.exe () PRC - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe () PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe () PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - C:\Program Files\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4117485024b0f652b9fbb66ff5025896\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll () MOD - C:\Program Files\Videotron\Videotron Service Agent\Windows7Features.dll () MOD - C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\boost_log-vc71-mt-1_32.dll () MOD - C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\boost_thread-vc71-mt-1_32.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3009.0__739b31b1908c49e5\Framework.UIComponent.dll () MOD - C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll () MOD - C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll () MOD - C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll () MOD - C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll () MOD - C:\Program Files\Acer\Empowering Technology\SysMonitor.exe () MOD - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe () MOD - C:\Program Files\Acer\Empowering Technology\Framework.Presenter.dll () MOD - C:\Program Files\Acer\Empowering Technology\fr\Framework.AppBar.resources.dll () MOD - C:\Program Files\Acer\Empowering Technology\Framework.AppBar.dll () MOD - C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.QuickMenu.dll () MOD - C:\Windows\System32\atitmmxx.dll () MOD - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll () [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (AMD FUEL Service) -- C:\Users\Stéphanie\Desktop\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft) SRV - (ServicepointService) -- C:\Program Files\Videotron\Videotron Service Agent\ServicepointService.exe (Radialpoint Inc.) SRV - (scan) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\BitDefender\scan.dll (S.C. BitDefender S.R.L) SRV - (AMD Reservation Manager) -- C:\Users\Stéphanie\Desktop\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices) SRV - (Radialpoint Security Services) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\RpsSecurityAwareR.exe (Vidéotron) SRV - (RP_FWS) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\Fws.exe (Vidéotron) SRV - (RadialpointIDSAgent) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) SRV - (PDEngine) -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (Raxco Software, Inc.) SRV - (PDAgent) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.) SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe () SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft) DRV - (RPSKT) Security Services Driver (x86) -- C:\Windows\System32\drivers\rp_skt32.sys (Radialpoint Inc.) DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices) DRV - (Trufos) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\BitDefender\trufos.sys (BitDefender S.R.L.) DRV - (Profos) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\BitDefender\profos.sys (BitDefender S.R.L.) DRV - (RadialpointIDSDriver) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys (AVG Technologies ) DRV - (RadialpointIDSFilter) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSFilter.sys (AVG Technologies ) DRV - (RadialpointIDSShim) -- C:\Program Files\Videotron\Services de sécurité Vidéotron\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys (AVG Technologies ) DRV - (RadialpointIDSEH) -- C:\Windows\system32\drivers\AVGIDSEH.sys (AVG Technologies ) DRV - (bdfsfltr) -- C:\Windows\system32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA) DRV - (DefragFS) -- C:\Windows\System32\drivers\DefragFs.sys (Raxco Software, Inc.) DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (tvicport) -- C:\Windows\System32\drivers\TVicPort.sys (EnTech Taiwan) DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio) DRV - (ahcix86s) -- C:\Windows\system32\drivers\ahcix86s.sys (AMD Technologies Inc.) DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.foxtab.com/?s=0&chnl=dcom&cd=2XzutBtN2Y1L1QzutDtDtC0F0EtByDzz0EtBtA0EtA0C0DtAtBtN0D0TzutBtDtCtCtDzztCtB&cr=28429302 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.foxtab.com/?s=0&chnl=dcom&cd=2XzutBtN2Y1L1QzutDtDtC0F0EtByDzz0EtBtA0EtA0C0DtAtBtN0D0TzutBtDtCtCtDzztCtB&cr=28429302 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/defaultf.aspx?lang=fr-ca&OCID=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-ca IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 F3 7C D0 0C C6 CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Foxtab Web Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://search.foxtab.com/?s=0&chnl=dcom&cd=2XzutBtN2Y1L1QzutDtDtC0F0EtByDzz0EtBtA0EtA0C0DtAtBtN0D0TzutBtDtCtCtDzztCtB&cr=28429302" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Videotron\Videotron Service Agent\nprpspa.dll (Vidéotron) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-09-01 07:23:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-05-31 19:17:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stéphanie\AppData\Roaming\mozilla\Extensions [2011-08-30 10:44:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stéphanie\AppData\Roaming\mozilla\Firefox\Profiles\2nfwlaal.default\extensions [2011-08-30 10:44:12 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Stéphanie\AppData\Roaming\mozilla\Firefox\Profiles\2nfwlaal.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011-07-09 19:10:23 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Stéphanie\AppData\Roaming\mozilla\Firefox\Profiles\2nfwlaal.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011-08-12 08:28:55 | 000,005,421 | ---- | M] () -- C:\Users\Stéphanie\AppData\Roaming\Mozilla\Firefox\Profiles\2nfwlaal.default\searchplugins\Foxtab Web Search.xml [2011-06-14 09:30:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2011-06-14 09:30:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- C:\USERS\STÃ©PHANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2NFWLAAL.DEFAULT\EXTENSIONS\{1018E4D6-728F-4B20-AD56-37578A4DE76B} File not found (No name found) -- C:\USERS\STÃ©PHANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2NFWLAAL.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7} File not found (No name found) -- C:\USERS\STÃ©PHANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2NFWLAAL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI File not found (No name found) -- C:\USERS\STÃ©PHANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2NFWLAAL.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI File not found (No name found) -- C:\USERS\STÃ©PHANIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2NFWLAAL.DEFAULT\EXTENSIONS\TRACKERBLOCK@PRIVACYCHOICE.ORG.XPI [2009-10-07 16:13:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011-09-01 07:23:11 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-08-19 07:44:18 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2011-08-19 07:44:18 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011-08-19 07:44:18 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2011-08-19 07:44:18 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2011-08-19 07:44:18 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2011-08-19 07:44:18 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011-02-06 10:29:04 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe () O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe () O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer\Acer Registration\ACE1.exe (Leader Technologies) O4 - HKLM..\Run: [EmpoweringTechnology] File not found O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] C:\Users\Stéphanie\Desktop\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [VideotronSA.exe] C:\Program Files\Videotron\Videotron Service Agent\VideotronSA.exe (Vidéotron) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKCU\..Trusted Domains: live.com ([by111w.bay111.mail] https in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C8CEFB3-EFDC-4798-B651-FA38ECEAD82E}: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: D:\Créations 2\Fond d'écran\fleur rouge2.jpg O24 - Desktop BackupWallPaper: D:\Créations 2\Fond d'écran\fleur rouge2.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-09-04 10:33:23 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{5C6F723F-F13D-455E-B6AC-55F8623E09B9} [2011-09-04 10:29:25 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD [2011-09-04 10:23:34 | 000,000,000 | ---D | C] -- C:\_OTL [2011-09-04 09:57:05 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{88E347CD-0279-4256-ABC1-3DBEC5875019} [2011-09-04 07:12:52 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Stéphanie\Desktop\OTL.exe [2011-09-04 07:02:07 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{22C03D8C-A31E-471C-9D5D-34F26A2CFABB} [2011-09-04 07:01:45 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{69FF3E08-DA9C-4E38-ADD7-476A33E6D47B} [2011-09-03 18:32:24 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{BEF6EB16-098F-46F7-932D-59F484BE5157} [2011-09-03 18:31:59 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{60C3D888-8B32-485C-A9A5-A85E24F8839F} [2011-09-03 07:12:21 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{7537439D-645A-448A-85C7-C9048FA3073D} [2011-09-03 07:09:57 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{977FDFDF-60E4-42FB-B37A-1D5160214519} [2011-09-02 07:04:20 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{E3CE9E74-C60B-4F5C-8AA5-9E4DCF12F1DA} [2011-09-01 07:09:05 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{679ACB3C-32B0-4D1E-8998-834F60E31766} [2011-09-01 07:08:14 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{430CEEE3-9489-45F0-9A1C-036BD8B94352} [2011-08-31 16:10:20 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{7ED00A1F-328F-4A07-ADAA-BA9933F0D7A5} [2011-08-31 16:05:58 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{E871B70F-C8C4-46D9-87E2-710F80DD0D71} [2011-08-31 07:00:15 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{3A79FAB7-5EBA-46FC-871E-AA6B2F1ECF03} [2011-08-31 06:59:38 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{8CDBCAFF-0330-42D9-8818-5EE8DBB7A3AD} [2011-08-30 06:52:48 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{B187BA6E-6CC2-4C49-960A-A0E24F6D612E} [2011-08-29 07:29:38 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{404E0F87-AF2C-432F-B1D5-E52543DEBD64} [2011-08-29 07:29:15 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{365C2B9D-B457-4856-9384-4658922FCBF9} [2011-08-28 08:37:12 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{176F1E50-4F2F-4213-AA10-C59CAE4B846D} [2011-08-28 08:34:27 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{04E61F90-C2B6-4919-97E5-42B3A3CF4BB1} [2011-08-27 12:07:01 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{84CAAFFE-BEA8-4420-A451-F1C8D62504DC} [2011-08-27 12:06:16 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{CF91CDC5-10E4-4007-85AB-5C88E1350157} [2011-08-27 07:30:18 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{1DD0BECE-6911-4F5B-9591-29635FF4E969} [2011-08-26 08:48:24 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{9436CEBA-6CDC-4A1C-8C27-66A02CF64B47} [2011-08-26 08:44:34 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{0C99EF56-FCBB-47E3-AC90-DD516BD5750E} [2011-08-25 09:23:45 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{21EEC1B0-DA41-456B-99A1-4510ACB51E67} [2011-08-25 07:16:06 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{46B55D33-7A38-4105-863B-337766B650E4} [2011-08-25 07:15:47 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{27498015-729B-431A-A375-258F3A291F04} [2011-08-24 07:26:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011-08-21 07:19:20 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{F1A0FE82-BBD2-43A0-8A6A-EBF6E88EB2A3} [2011-08-21 07:17:51 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{02F2F48A-2DC1-4C44-8AEE-4639EC648143} [2011-08-17 20:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media [2011-08-17 20:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Oberon Media [2011-08-17 20:48:15 | 000,427,872 | ---- | C] (Oberon Media Inc.) -- C:\Users\Stéphanie\Desktop\Backspin_Billards-setup.s111543617.c110005373.uBA6A21AFD5A62635.dl.exe [2011-08-16 14:53:43 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{5BBDBB1D-E476-408F-AB57-4B8F8052426C} [2011-08-16 14:53:05 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{A8473ACB-CA7B-42B1-BED8-1F7242071FB3} [2011-08-14 22:14:01 | 007,812,840 | ---- | C] (VS Revo Group ) -- C:\Users\Stéphanie\Desktop\RevoUninProSetup.exe [2011-08-14 19:20:18 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{9C2570F3-5F2D-4843-BF9F-001C256ECBF5} [2011-08-14 19:19:39 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{FEEA0B77-7EE4-4D23-8BEE-0215B95C8BCA} [2011-08-13 18:56:25 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{A6F3BBD0-F770-4D3B-824C-4E4022C83842} [2011-08-13 18:55:43 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{3DCECA6F-E116-4561-A55F-BCD3EE6AE37B} [2011-08-13 18:23:54 | 000,221,184 | ---- | C] (Prassi Software) -- C:\Windows\InZU31.exe [2011-08-13 18:22:36 | 006,116,660 | ---- | C] (Prassi Software) -- C:\Users\Stéphanie\Desktop\ONES Trial Setup (EFIGS).exe [2011-08-13 17:38:41 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP [2011-08-13 09:35:19 | 005,015,880 | ---- | C] (Canneverbe Limited ) -- C:\Users\Stéphanie\Desktop\cdburnerxp-pro_cdburnerxp_pro_4.3.8.2568_slim_francais_18424.exe [2011-08-12 08:19:19 | 000,454,120 | ---- | C] (CBS Interactive) -- C:\Users\Stéphanie\Desktop\cnet_pdr6free_exe.exe [2011-08-12 07:38:29 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{A71BCA82-CAFD-4E0E-B1E8-0D2E2978000E} [2011-08-11 22:47:54 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\Desktop\Users [2011-08-11 07:39:33 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{EDE2C3BD-997A-4F90-A958-959019B5EDEE} [2011-08-11 07:36:12 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{FB013424-B0F1-4941-A8B6-B23B0EFAD1ED} [2011-08-11 03:15:02 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011-08-11 03:15:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011-08-11 03:14:59 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011-08-11 03:14:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-08-11 03:14:54 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011-08-10 08:29:50 | 385,727,264 | ---- | C] (Nero AG) -- C:\Users\Stéphanie\Desktop\nero-10_nero_10.6.11300_francais_45172.exe [2011-08-10 08:15:05 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2011-08-10 08:13:29 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011-08-10 08:13:28 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011-08-09 13:47:32 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Roaming\DeepBurner [2011-08-09 13:47:06 | 000,000,000 | ---D | C] -- C:\Program Files\Astonsoft [2011-08-07 21:57:50 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{D333E317-20FC-4DEE-AEF8-134C93CEFCB2} [2011-08-07 21:57:28 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{B1CA7F99-2D88-4DE1-86CE-882C97B5A025} [2011-08-07 00:44:01 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\Option [2011-08-07 00:37:13 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{F233F9E8-E49D-4893-A21F-CFFC3262D9B0} [2011-08-06 20:14:39 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{0908650C-E61C-485D-AEE2-9DA60F00617F} [2011-08-06 20:14:24 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{D2ECC7D0-AF01-4556-A3B5-EDBEFBB30374} [2011-08-06 07:50:27 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{D228BE27-32C4-4DC3-9411-446ADF342BD7} [2011-08-06 07:48:42 | 000,000,000 | ---D | C] -- C:\Users\Stéphanie\AppData\Local\{815C933F-B40D-4A94-A33C-7899AD997A0B} [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-09-04 10:43:12 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-09-04 10:27:55 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2011-09-04 10:27:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-09-04 10:27:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-09-04 10:27:15 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-09-04 10:26:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-09-04 07:22:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011-09-04 07:13:12 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Stéphanie\Desktop\OTL.exe [2011-09-03 17:42:26 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011-09-03 17:42:26 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-09-03 17:42:26 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011-09-03 17:42:26 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-09-03 13:19:45 | 000,000,800 | ---- | M] () -- C:\Windows\System32\PDBootState [2011-08-31 07:35:52 | 000,035,318 | ---- | M] () -- C:\Users\Stéphanie\AppData\Roaming\wklnhst.dat [2011-08-25 09:51:59 | 265,947,971 | ---- | M] () -- C:\Users\Stéphanie\Documents\Ma sauvegarde.zip [2011-08-25 07:42:17 | 002,405,118 | ---- | M] () -- C:\Users\Stéphanie\Desktop\Musique majong.mp3 [2011-08-25 07:10:09 | 000,323,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-08-17 20:48:24 | 000,427,872 | ---- | M] (Oberon Media Inc.) -- C:\Users\Stéphanie\Desktop\Backspin_Billards-setup.s111543617.c110005373.uBA6A21AFD5A62635.dl.exe [2011-08-16 07:52:00 | 000,071,680 | ---- | M] () -- C:\Users\Stéphanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-08-14 22:14:32 | 007,812,840 | ---- | M] (VS Revo Group ) -- C:\Users\Stéphanie\Desktop\RevoUninProSetup.exe [2011-08-13 18:26:12 | 000,001,742 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2011-08-13 09:35:37 | 005,015,880 | ---- | M] (Canneverbe Limited ) -- C:\Users\Stéphanie\Desktop\cdburnerxp-pro_cdburnerxp_pro_4.3.8.2568_slim_francais_18424.exe [2011-08-12 08:19:42 | 000,454,120 | ---- | M] (CBS Interactive) -- C:\Users\Stéphanie\Desktop\cnet_pdr6free_exe.exe [2011-08-10 08:40:24 | 385,727,264 | ---- | M] (Nero AG) -- C:\Users\Stéphanie\Desktop\nero-10_nero_10.6.11300_francais_45172.exe [2011-08-07 23:59:41 | 000,114,023 | ---- | M] () -- C:\Users\Stéphanie\Documents\Couponmom.pdf [2011-08-07 23:56:20 | 000,114,023 | ---- | M] () -- C:\Users\Stéphanie\Documents\cf005a935662f44bd26e808ed7d033d9ea176f14.pdf [2011-08-07 23:52:13 | 000,114,022 | ---- | M] () -- C:\Users\Stéphanie\Documents\Coupon orthèses.pdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-09-04 07:22:57 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011-08-25 09:50:35 | 265,947,971 | ---- | C] () -- C:\Users\Stéphanie\Documents\Ma sauvegarde.zip [2011-08-13 17:38:48 | 000,001,742 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2011-08-13 17:38:46 | 000,001,688 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2011-08-11 22:46:18 | 135,855,986 | ---- | C] () -- C:\Users\Stéphanie\Desktop\Ma sauvegardemini.zip [2011-08-07 23:59:41 | 000,114,023 | ---- | C] () -- C:\Users\Stéphanie\Documents\Couponmom.pdf [2011-08-07 23:56:20 | 000,114,023 | ---- | C] () -- C:\Users\Stéphanie\Documents\cf005a935662f44bd26e808ed7d033d9ea176f14.pdf [2011-08-07 23:52:13 | 000,114,022 | ---- | C] () -- C:\Users\Stéphanie\Documents\Coupon orthèses.pdf [2011-07-23 17:00:39 | 000,323,544 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2011-05-31 19:17:05 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011-04-29 18:13:13 | 000,000,490 | ---- | C] () -- C:\Windows\wininit.ini [2011-03-21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll [2011-02-13 22:49:47 | 000,000,809 | ---- | C] () -- C:\Windows\NTIWVEDT.INI [2011-02-13 22:48:41 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI [2010-09-13 11:15:21 | 000,035,318 | ---- | C] () -- C:\Users\Stéphanie\AppData\Roaming\wklnhst.dat [2010-07-10 13:06:25 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010-07-10 13:06:23 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-07-10 13:06:17 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-07-10 13:06:17 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-07-10 13:06:13 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-05-11 22:42:04 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat [2010-05-11 15:46:35 | 000,003,750 | ---- | C] () -- C:\Windows\cool.ini [2010-05-11 15:44:42 | 000,082,398 | ---- | C] () -- C:\Windows\c96unins.exe [2010-02-25 12:05:13 | 000,073,728 | ---- | C] () -- C:\Windows\unacev2.dll [2009-10-21 13:20:08 | 000,005,504 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen_x86.sys [2009-10-13 08:18:01 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009-10-09 18:13:42 | 158,905,632 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat [2009-10-07 16:48:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-10-07 16:48:50 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009-01-23 15:25:33 | 000,071,680 | ---- | C] () -- C:\Users\Stéphanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008-12-12 08:42:18 | 000,001,356 | ---- | C] () -- C:\Users\Stéphanie\AppData\Local\d3d9caps.dat [2008-12-06 21:32:08 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008-12-06 16:23:09 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini [2008-12-06 16:23:08 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini [2008-12-06 12:47:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2008-05-09 01:25:46 | 000,749,568 | ---- | C] () -- C:\Windows\AcerStore.exe [2008-04-09 02:14:46 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2008-04-09 02:14:45 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2008-04-09 02:14:43 | 000,168,886 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2008-04-09 02:14:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2008-03-16 17:59:35 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll [2008-03-16 17:59:35 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll [2008-03-16 17:23:17 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2008-03-16 17:20:40 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2008-03-16 17:20:40 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat [2008-03-16 17:20:40 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat [2008-01-21 03:23:37 | 000,678,804 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2008-01-21 03:23:37 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2008-01-21 03:23:37 | 000,126,420 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2008-01-21 03:23:37 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2006-11-02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 06:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 06:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001-12-26 11:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001-09-03 18:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001-07-30 11:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001-07-23 17:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.sys >[/color] [2006-09-18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2010-05-08 09:53:26 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-05-08 09:53:26 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [color=#E56717]========== Files - Unicode (All) ==========[/color] [2009-11-27 22:15:54 | 000,000,036 | ---- | M] ()(C:\Windows\System32\????????????????????????????????????????????g) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜摩潥牴湯卜牥楶散⁳敤猠揩牵瑩⃩楖瑯潲屮慓敦潃湮捥屴潃普杩塜楖睥挮湯楦g [2009-10-09 18:10:50 | 000,000,036 | ---- | C] ()(C:\Windows\System32\????????????????????????????????????????????g) -- C:\Windows\System32\㩃停潲牧浡䘠汩獥噜摩潥牴湯卜牥楶散⁳敤猠揩牵瑩⃩楖瑯潲屮慓敦潃湮捥屴潃普杩塜楖睥挮湯楦g < End of report >

jeanmimigab · le 04 Sep 2011 17:57

Très bien,

je ne vois pas le fichier "hiberfil.sys" normalement présent ici "C:\hiberfil.sys", est-ce que tu l'as aussi déplacé ?
C'est un fichier qui sert lors de la mise en veille et il grossis souvent à vue d’œil si la mise en veille n'est pas désactivée dans les options d'alimentations.
à moins que tu ais désactivés la mise en veille du PC, si c'est le cas, tant mieux car j'allais te la faire désactivé

Fais cette manip et dit moi si tu as récupéré de l'espace disque
tuto-oneclick2rp-laddy-vt-54573.html

Morgwen · le 04 Sep 2011 18:07

@jeanmimigab

Je ne sais pas si ça pourrait être ça mais parmi les (nombreuses) manips qu'on m'a conseillé de faire, il y a un truc qui était dans C qu'on m'a fait mettre dans D. Je suis désolée, j'ai oublié les détails, il faudrait que je fasse quelques fouilles archéologique sur les forums que j'ai fréquenté.

J'ignore comment comment désactiver la mise en veille de mon PC, j'ai je l'ai déjà fait et comment vérifier que je l'ai déjà fait!

Je ne peux pas réaliser la manip car lorsque je clique sur "Créer", il apparaît un message d'erreur:

Line 719 (File blablabla...)
Error: The requested action with this object has failed

:evil:

jeanmimigab · le 04 Sep 2011 18:23

il y a un truc qui était dans C qu'on m'a fait mettre dans D

il s'agit sûrement du fichier "pagefil.sys" qui est possible de déplacer..

Pour supprimer la mise en veille (et donc le fichier hiberfil.sys) tu fais cela...
http://www.zebulon.fr/astuces/222-desac ... ongee.html

jeanmimigab · le 04 Sep 2011 18:26

Morgwen a écrit:@jeanmimigab
Je ne peux pas réaliser la manip car lorsque je clique sur "Créer", il apparaît un message d'erreur:

pas grave, on fais ça manuellement comme cela...
http://forums.cnetfrance.fr/topic/55283 ... eme-vista/

ensuite tu devrais récupérer de la place :wink:

Morgwen · le 04 Sep 2011 18:38

Chaque fois que je valide la commande, (c'est bien en cliquant sur "Entrée"?), il ne se passe rien sinon que la ligne C:/Windows system32 machin apparaît de nouveau en attente d'une autre commande.

jeanmimigab · le 04 Sep 2011 18:49

Morgwen a écrit:Chaque fois que je valide la commande, (c'est bien en cliquant sur "Entrée"?), il ne se passe rien sinon que la ligne C:/Windows system32 machin apparaît de nouveau en attente d'une autre commande.

c'est tout bon, si tu n'as pas de message d'erreurs renvoyer après avoir validé avec entrée, c'est tout bon :wink:

tu peux désactiver la restauration maintenant comme cela
http://forums.cnetfrance.fr/topic/55283 ... eme-vista/

Morgwen · le 04 Sep 2011 19:02

La case du lecteur C était déjà décochée et la fenêtre s'est tout simplement fermée lorsque j'ai cliqué sur "Ok". Aucune fenêtre dotée d'un bouton "Désactiver restauration système" n'est apparue. J'ai déjà voulu supprimer les points de restauration, et il me semble vaguement que j'ai procédé à quelques manips en ce sens.

Dois-je effacer toutes les partitions?

Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Re: Dois-je effacer toutes les partitions?

Sujets similaires

Qui est en ligne