Unwanted pop-up ads

Solved/Closed
globe56 Posts 9 Registration date Monday 16 May 2011 Status Member Last activity 17 May 2011 - 16 May 2011 at 09:27
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 - 17 May 2011 at 12:18
Hello,
for the past two days I have had ads appearing on my screen: games, dating sites. I get one about every 5 minutes.
I use Google Chrome, I am on Windows 7, and my antivirus is the free AVG.
Thank you for all your replies.

13 replies

Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
16 May 2011 at 09:39
Hi,

Welcome.
Here is the procedure to follow.
Please read the instructions carefully so that you follow them correctly.
Be sure to post the reports as requested so that they can be analyzed.

Download AD-Remover: http://www.teamxscript.org/adremoverTelechargement.html
Run it in cleaning mode.
Post the report here.

Then:

Download and install Malwarebytes: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Update it, run a quick scan, remove everything and post the report here.
!!! Malwarebytes must be up to date before running the scan !!!

Then:

You can follow the instructions on this page to help you: https://www.malekal.com/tutorial-otl/

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, right-click OTL and choose Run as administrator)

* Run OTL
* Under Personnalisation (customization), copy and paste what is in the box below:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
CREATERESTOREPOINT
nslookup www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs

* Click the Scan button.
* When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the reports.
Then give the pjjoint links here so that they can be reviewed.
Yes, no, maybe
I don't know
Can you repeat the question?
You're not the boss of me now

globe56 Posts 9 Registration date Monday 16 May 2011 Status Member Last activity 17 May 2011
16 May 2011 at 11:38
Hello,
thank you for your help.

Here is the AD-Remover report.


======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 11:23:28 le 16/05/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium (X86)
mikael@PC-DE-MIKAEL (Packard Bell EasyNote TJ65)

============== ACTION(S) ==============


Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
Fichier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk
Dossier supprimé: C:\Users\mikael\AppData\Roaming\PCtuto
Dossier supprimé: C:\Users\mikael\AppData\LocalLow\Automated Content Enhancer
Dossier supprimé: C:\Users\mikael\AppData\LocalLow\Customized Platform Advancer
Dossier supprimé: C:\Users\mikael\AppData\Roaming\DesktopIcon
Dossier supprimé: C:\Users\mikael\AppData\Roaming\OpenCandy
Dossier supprimé: C:\Users\mikael\AppData\Local\PCTuto
Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto
Dossier supprimé: C:\Program Files\PCTuto
Dossier supprimé: C:\Users\mikael\AppData\Roaming\OfferBox
Dossier supprimé: C:\Program Files\OfferBox
Dossier supprimé: C:\Users\mikael\AppData\LocalLow\Kiwee Toolbar

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{2EECCC1A-4CA0-492F-838D-AC1FC26CB327}
Clé supprimée: HKLM\Software\Classes\Interface\{2EECCC1A-4CA0-492F-838D-AC1FC26CB327}
Clé supprimée: HKLM\Software\Classes\CLSID\{65f0de9c-0ac1-416b-b8b6-b3d68dc76ea3}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{65f0de9c-0ac1-416b-b8b6-b3d68dc76ea3}
Clé supprimée: HKLM\Software\Classes\CLSID\{703740c1-0f1a-4cec-a4df-d78db0158477}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{703740c1-0f1a-4cec-a4df-d78db0158477}
Clé supprimée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé supprimée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Clé supprimée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé supprimée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Clé supprimée: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Clé supprimée: HKLM\Software\Classes\TypeLib\{9D7233B0-0CC0-4938-8208-5B3F9D643873}
Clé supprimée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer
Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Clé supprimée: HKLM\Software\Classes\Offerbox.SpointerAdProvider
Clé supprimée: HKLM\Software\Classes\Offerbox.SpointerAdProvider.5
Clé supprimée: HKLM\Software\Classes\Offerbox.SpointerWebDisp
Clé supprimée: HKLM\Software\Classes\AppID\BandooCore.EXE
Clé supprimée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Clé supprimée: HKLM\Software\bandoo
Clé supprimée: HKLM\Software\OfferBox
Clé supprimée: HKLM\Software\AppDataLow\Software\Automated Content Enhancer
Clé supprimée: HKLM\Software\AppDataLow\Software\Customized Platform Advancer
Clé supprimée: HKLM\Software\AppDataLow\Software\Web Search Operator
Clé supprimée: HKCU\Software\Ask.com
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\OfferBox
Clé supprimée: HKCU\Software\AppDataLow\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}
Clé supprimée: HKCU\Software\AppDataLow\AskBarDis
Clé supprimée: HKCU\Software\AppDataLow\Software\AskToolbar
Clé supprimée: HKCU\Software\AppDataLow\Software\Automated Content Enhancer
Clé supprimée: HKCU\Software\AppDataLow\Software\CMW
Clé supprimée: HKCU\Software\AppDataLow\Software\Customized Platform Advancer
Clé supprimée: HKCU\Software\AppDataLow\Software\Media Access Startup
Clé supprimée: HKCU\Software\AppDataLow\Software\Web Search Operator
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{#EVAT_GUID}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{da8002cf-2914-493a-b7e8-79740e2e15db}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerbox@spointer.com
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0.1 (fr)] ****

Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
HKLM_Extensions|{1E73965B-8B48-48be-9C8D-68B920ABC1C4} - C:\Program Files\AVG\AVG10\Firefox4\

-- C:\Users\mikael\AppData\Roaming\Mozilla\FireFox\Profiles\h513e961.default --
Prefs.js - browser.startup.homepage, hxxp://www.sfr.fr/accueil/adsl.html
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1

========================================

**** Google Chrome Version [11.0.696.68] ****

Extension\dpicnlijpdlebkhpegfenfjpglinfdhm (C:\Program Files\OfferBox\extensions-3.1.3878.129\offerbox_air_chrome.crx) (x)
Extension\ojpijjmpahflnipadmlpgbjmagmjchkk (C:\Users\mikael\AppData\Local\Temp\Vuze_Toolbar.crx) (x)

-- C:\Users\mikael\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Conduit" (Activé: true) (hxxp://search.conduit.com/Results.aspx?q={searchTerms}&hl=en&SelfSearch=1&SearchSource=49&ctid=CT2504091)
Preferences - homepage: hxxp://www.google.com
Preferences - homepage_is_newtabpage: true
Preferences - urls_to_restore_on_startup: hxxp://www.sfr.fr/accueil/adsl.html

========================================

**** Internet Explorer Version [9.0.8080.16413] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x)
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2EAA} - "Search" (hxxp://www.pucuy.com/google?q={searchTerms}&sa=Search&cx=partner-pub-35468619388...)
HKCU_Toolbar\WebBrowser|{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} (x)
HKLM_Toolbar|{9421DD08-935F-4701-A9CA-22DF90AC4EA6} (C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll)
HKLM_ElevationPolicy\caf7971b-8973-4fd2-a72c-8c8e0e8b5110 - C:\Program Files\Eazel-FR\Eazel-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\system32\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\system32\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (x)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{B2321D2F-1154-4d97-AD3E-2FE0BAE2897B} - C:\Program Files\SFR\Kit\9launch.exe (SFR)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)
BHO\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - "Objet d'aide à la navigation SFR" (C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll)
BHO\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - "Easy Photo Print" (C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 137 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 16/05/2011 11:23:39 (9055 Octet(s))

Fin à: 11:24:35, 16/05/2011

============== E.O.F ==============

globe56 Posts 9 Registration date Monday 16 May 2011 Status Member Last activity 17 May 2011
16 May 2011 at 11:45
Hello again,
here is the MBAM report.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6587

Windows 6.1.7600
Internet Explorer 9.0.8080.16413

16/05/2011 11:43:30
mbam-log-2011-05-16 (11-43-30).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 150533
Temps écoulé: 4 minute(s), 3 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

globe56 Posts 9 Registration date Monday 16 May 2011 Status Member Last activity 17 May 2011
16 May 2011 at 12:00
Hello again,
here is the OTL report.


Thanks.


OTL logfile created on: 16/05/2011 11:51:27 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\mikael\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8080.16413)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 206,38 Gb Free Space | 71,58% Space Free | Partition Type: NTFS

Computer Name: PC-DE-MIKAEL | User Name: mikael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/05/16 11:45:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\mikael\Downloads\OTL.exe
PRC - [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/07 02:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 02:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/07 02:22:12 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/01/06 16:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/05 17:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 17:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 05:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/03/24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/10/15 10:53:54 | 000,959,808 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe
PRC - [2009/08/26 21:07:24 | 000,698,912 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTray.exe
PRC - [2009/08/26 21:07:22 | 000,690,720 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
PRC - [2009/08/26 21:07:20 | 000,469,536 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerEvent.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/04/23 11:11:32 | 002,742,840 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe
PRC - [2009/04/02 08:31:34 | 001,552,497 | ---- | M] (Suyin) -- C:\Program Files\VideoWebCamera\VideoWebCamera.exe
PRC - [2009/03/18 10:46:30 | 001,160,736 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
PRC - [2009/03/10 00:53:08 | 000,250,624 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2009/03/10 00:53:02 | 000,044,800 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2009/03/05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/02/19 05:42:50 | 000,866,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/12/12 08:31:10 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008/11/06 05:53:58 | 000,474,168 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
PRC - [2008/10/17 10:44:58 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/05/16 11:45:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\mikael\Downloads\OTL.exe
MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/08/26 21:07:46 | 000,215,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\SysHook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (OfferBox update service)
SRV - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/06/15 18:25:48 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/08/26 21:07:22 | 000,690,720 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009/03/24 20:15:06 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/10 00:53:02 | 000,044,800 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/02/03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010/12/08 05:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 14:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 17:27:54 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 04:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 04:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 22:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 22:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 22:42:36 | 000,021,072 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/07/26 15:15:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/04/27 04:25:20 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2010/04/27 04:25:20 | 000,100,352 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssceserd.sys -- (ssceserd) SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM)
DRV - [2010/04/27 04:25:20 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM)
DRV - [2010/04/27 04:25:20 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2009/07/28 00:26:00 | 009,791,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Pilote de carte de liaison WiFi sans fil Intel(R)
DRV - [2009/07/14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
DRV - [2009/04/30 15:43:34 | 000,064,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/04/08 04:47:00 | 000,452,096 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/11/20 14:29:00 | 000,038,656 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Capt905c.sys -- (SQTECH905C)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "https://www.sfr.fr/"

FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/03/30 17:16:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/16 11:24:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/23 15:28:45 | 000,000,000 | ---D | M]

[2011/03/16 10:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mikael\AppData\Roaming\mozilla\Extensions
[2009/09/05 18:32:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mikael\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011/04/08 09:45:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/11 22:24:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/20 22:51:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/16 20:35:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/25 16:06:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/05 20:40:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011/03/30 17:16:42 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
File not found (No name found) -- C:\PROGRAM FILES\OFFERBOX\EXTENSIONS-3.1.3878.129\OFFERBOX@SPOINTER.COM
[2009/11/27 16:19:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/05/09 17:30:00 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] c:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RemoteControl8] c:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VideoWebCamera] C:\Program Files\VideoWebCamera\VideoWebCamera.exe (Suyin)
O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)
O4 - HKCU..\Run: [Epson Stylus SX420W(Réseau)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON SX420W Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [SmAudio] C:\Program Files\Conexant\SmartAudio\SmAudio.exe (Conexant Systems, Inc.)
O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Acer Incorporated)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\mikael\AppData\Roaming\Mozilla\Firefox\Fond d'écran.bmp
O24 - Desktop BackupWallPaper: C:\Users\mikael\AppData\Roaming\Mozilla\Firefox\Fond d'écran.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{c433ca5f-be47-11df-8f20-001f16a00745}\Shell - "" = AutoRun
O33 - MountPoints2\{c433ca5f-be47-11df-8f20-001f16a00745}\Shell\AutoRun\command - "" = E:\ICM_ML.exe
O33 - MountPoints2\{f2430abd-6f32-11df-b6dd-001f16a00745}\Shell - "" = AutoRun
O33 - MountPoints2\{f2430abd-6f32-11df-b6dd-001f16a00745}\Shell\AutoRun\command - "" = E:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Reg Error: Value error.
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011/05/16 11:26:16 | 000,000,000 | R--D | C] -- C:\Users\mikael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2011/05/16 11:24:21 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Roaming\OfferBox
[2011/05/16 11:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/05/16 08:43:53 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Local\{31C6E62C-AC48-4E89-A1B1-8D5CF7A39CAA}
[2011/05/16 08:43:29 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Local\{973A1778-952D-4EB9-A9CB-FECD11C17A3A}
[2011/05/14 18:51:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011/05/14 18:51:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011/05/14 18:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/05/14 14:30:38 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Roaming\WinRAR
[2011/05/14 13:15:59 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011/05/13 11:28:43 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Local\{5CBBEBEB-76EB-4875-A6CA-20989B0BDDCB}
[2011/05/12 23:01:32 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
[2011/05/12 23:01:24 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011/05/12 10:07:24 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Local\{0457EFF8-AFFA-47B4-A128-662FE919B941}
[2011/05/11 21:11:56 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2011/05/11 21:11:55 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2011/05/11 21:11:50 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/05/11 21:11:49 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/05/11 17:51:02 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Roaming\MAGIX
[2011/05/11 17:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2011/05/10 22:02:44 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Roaming\PhotoFiltre
[2011/05/10 22:02:38 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
[2011/05/10 22:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
[2011/05/10 22:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre
[2011/05/07 16:15:44 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Roaming\Epson
[2011/05/07 16:12:16 | 000,135,168 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBAPI.dll
[2011/05/07 16:12:16 | 000,110,592 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBDSCVR.dll
[2011/05/07 16:12:16 | 000,077,824 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EBAPI.dll
[2011/05/07 16:12:16 | 000,065,536 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBUtil.dll
[2011/05/07 16:12:16 | 000,055,808 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBSDKIF.dll
[2011/05/07 16:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2011/05/07 16:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2011/05/07 16:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2011/05/07 16:03:50 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Local\ABBYY
[2011/05/07 16:03:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
[2011/05/07 16:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 9.0 Sprint
[2011/05/07 16:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY
[2011/05/07 16:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ABBYY
[2011/05/07 16:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2011/05/07 15:59:54 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL
[2011/05/07 15:59:48 | 000,093,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBGCE.DLL
[2011/05/07 15:59:45 | 000,063,488 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BGCE.DLL
[2011/05/07 15:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2011/05/07 15:59:09 | 000,341,504 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esw2ud.dll
[2011/05/07 15:59:09 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esdevapp.exe
[2011/05/07 15:59:09 | 000,015,872 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\escdev.dll
[2011/05/07 15:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2011/05/07 15:58:58 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2011/05/07 15:56:01 | 000,457,611 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppui.dll
[2011/05/07 15:56:01 | 000,251,392 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enspres.dll
[2011/05/07 15:56:00 | 000,474,892 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppmon.dll
[2011/05/07 15:56:00 | 000,474,892 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppmon.dll
[2011/05/07 15:56:00 | 000,457,611 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppui.dll
[2011/05/07 15:56:00 | 000,251,392 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enpres.dll
[2011/05/07 15:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet
[2011/05/05 23:25:55 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Local\{4532E936-1455-4D0B-9FBA-D001EF093BE3}
[2011/04/28 22:08:06 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Local\{9B02A6BB-2598-4917-B7B8-24269539DF44}
[2011/04/28 09:34:33 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Local\{22291E61-FAAE-492E-B46C-51C1869FD39B}
[2011/04/27 23:07:52 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011/04/27 23:07:49 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2011/04/27 23:07:49 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2011/04/27 23:07:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2011/04/27 23:07:45 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/04/27 23:07:44 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/23 16:41:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INLOADER.DLL
[2011/04/23 16:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\PCFriendly
[2011/04/23 16:40:51 | 000,298,496 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\uninst.exe
[2011/04/22 23:52:37 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Local\{B324875C-3D53-4EB9-A44E-61C1D70FE04D}
[2011/04/21 16:27:42 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Local\{6FA9153C-CC43-4A6B-BEBC-5921C779BAD2}
[2011/04/20 19:49:16 | 000,000,000 | ---D | C] -- C:\Users\mikael\AppData\Local\{90673564-6753-4009-A109-7A5F3AEFD9DA}

========== Files - Modified Within 30 Days ==========

[2011/05/16 11:52:10 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/05/16 11:33:15 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/16 11:33:15 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/16 11:25:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/16 11:25:53 | 2411,864,064 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/16 11:23:28 | 000,001,803 | ---- | M] () -- C:\Users\mikael\Desktop\AD-R.lnk
[2011/05/16 11:14:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3837133028-3071483866-1992023615-1000UA.job
[2011/05/16 08:34:09 | 115,146,070 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011/05/14 23:35:13 | 457,528,893 | ---- | M] () -- C:\Users\mikael\Documents\The Ring.mp4
[2011/05/14 20:14:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3837133028-3071483866-1992023615-1000Core.job
[2011/05/14 14:18:05 | 000,000,000 | ---- | M] () -- C:\Users\mikael\AppData\Local\prvlcl.dat
[2011/05/14 00:18:58 | 731,660,288 | ---- | M] () -- C:\Users\mikael\Documents\L.ILE.2011.FRENCH.DVDRiP.XViD-FiCTiON.avi
[2011/05/13 20:14:21 | 000,001,074 | ---- | M] () -- C:\Users\mikael\Documents - Raccourci.lnk
[2011/05/13 19:20:11 | 000,002,370 | ---- | M] () -- C:\Users\mikael\Desktop\Google Chrome.lnk
[2011/05/13 19:00:01 | 1469,770,938 | ---- | M] () -- C:\Users\mikael\Documents\Coursier 2010 FRENCH DVDRiP XViD AC3-FwD.avi
[2011/05/12 23:01:32 | 000,000,957 | ---- | M] () -- C:\Users\mikael\Desktop\JDownloader.lnk
[2011/05/12 17:57:13 | 000,216,064 | ---- | M] () -- C:\Users\mikael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/12 09:14:50 | 000,465,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/10 22:02:39 | 000,000,967 | ---- | M] () -- C:\Users\mikael\Desktop\PhotoFiltre.lnk
[2011/05/10 14:00:33 | 000,704,480 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/05/10 14:00:33 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/10 14:00:33 | 000,130,754 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/05/10 14:00:33 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/07 16:07:22 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
[2011/05/07 16:05:59 | 000,000,306 | ---- | M] () -- C:\Windows\setup.iss
[2011/05/07 16:00:19 | 000,002,222 | ---- | M] () -- C:\Users\Public\Desktop\Guide réseau pour EPSON SX420W Series.lnk
[2011/05/07 16:00:12 | 000,002,222 | ---- | M] () -- C:\Users\Public\Desktop\EPSON SX420W Series Manuel.lnk
[2011/05/07 15:59:09 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011/04/23 16:40:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/04/23 16:40:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/04/23 15:28:46 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

========== Files Created - No Company Name ==========

[2011/05/16 11:52:10 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/05/16 11:23:28 | 000,001,803 | ---- | C] () -- C:\Users\mikael\Desktop\AD-R.lnk
[2011/05/14 19:53:20 | 457,528,893 | ---- | C] () -- C:\Users\mikael\Documents\The Ring.mp4
[2011/05/13 23:38:46 | 731,660,288 | ---- | C] () -- C:\Users\mikael\Documents\L.ILE.2011.FRENCH.DVDRiP.XViD-FiCTiON.avi
[2011/05/13 20:14:21 | 000,001,074 | ---- | C] () -- C:\Users\mikael\Documents - Raccourci.lnk
[2011/05/13 18:00:12 | 1469,770,938 | ---- | C] () -- C:\Users\mikael\Documents\Coursier 2010 FRENCH DVDRiP XViD AC3-FwD.avi
[2011/05/12 23:01:32 | 000,000,957 | ---- | C] () -- C:\Users\mikael\Desktop\JDownloader.lnk
[2011/05/10 22:02:39 | 000,000,967 | ---- | C] () -- C:\Users\mikael\Desktop\PhotoFiltre.lnk
[2011/05/07 16:07:22 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk
[2011/05/07 16:05:47 | 000,000,306 | ---- | C] () -- C:\Windows\setup.iss
[2011/05/07 16:00:19 | 000,002,222 | ---- | C] () -- C:\Users\Public\Desktop\Guide réseau pour EPSON SX420W Series.lnk
[2011/05/07 16:00:12 | 000,002,222 | ---- | C] () -- C:\Users\Public\Desktop\EPSON SX420W Series Manuel.lnk
[2011/05/07 15:59:09 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011/04/23 16:40:41 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/04/23 16:40:41 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/10/25 19:23:45 | 000,000,032 | ---- | C] () -- C:\Windows\System32\use_atc.dat
[2010/04/16 01:31:17 | 000,007,634 | ---- | C] () -- C:\Users\mikael\AppData\Local\Resmon.ResmonCfg
[2010/03/25 22:09:46 | 000,000,000 | ---- | C] () -- C:\Users\mikael\AppData\Local\prvlcl.dat
[2010/02/26 14:58:11 | 000,306,688 | ---- | C] () -- C:\Windows\System32\Lffpx7.dll
[2010/02/26 14:58:11 | 000,095,232 | ---- | C] () -- C:\Windows\System32\Lfkodak.dll
[2010/02/21 00:02:18 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/02/14 15:47:40 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/11/27 20:58:26 | 000,216,064 | ---- | C] () -- C:\Users\mikael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/27 16:33:16 | 000,021,680 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2009/09/17 18:07:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/22 23:47:39 | 000,023,580 | ---- | C] () -- C:\Users\mikael\AppData\Roaming\UserTile.png
[2009/08/17 00:10:23 | 000,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2009/08/17 00:10:23 | 000,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2009/08/16 10:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/08/15 17:21:52 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2009/08/15 17:21:52 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009/08/13 23:39:24 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/08/07 19:33:49 | 000,000,204 | ---- | C] () -- C:\Users\mikael\AppData\Roaming\wklnhst.dat
[2009/08/07 19:20:35 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009/08/07 19:20:16 | 000,008,172 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2009/07/14 10:39:49 | 000,704,480 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2009/07/14 10:39:49 | 000,130,754 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 06:33:53 | 000,465,592 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/05/29 15:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/05/29 15:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/05/23 02:11:47 | 000,004,184 | ---- | C] () -- C:\Windows\System32\drivers\CDConfig.bin
[2009/05/22 17:51:05 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2009/03/24 20:12:55 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/03/04 21:35:58 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2009/03/04 21:35:58 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2009/03/04 21:35:53 | 000,000,059 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009/03/04 21:35:53 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007/02/05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[1998/10/11 00:07:38 | 000,088,576 | ---- | C] () -- C:\Windows\System32\Iticheck.dll
[1998/07/15 21:44:30 | 000,134,656 | ---- | C] () -- C:\Windows\System32\itijpg2.dll

========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011/02/20 22:27:33 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Adobe
[2010/02/12 21:38:34 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Apple Computer
[2010/11/11 11:13:20 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\AVG10
[2009/11/28 12:13:02 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\AVS4YOU
[2011/04/01 10:50:56 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Azureus
[2009/11/27 16:27:46 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Big Fish Games
[2009/11/27 16:27:46 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\CyberLink
[2011/04/23 16:42:01 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\dvdcss
[2009/11/27 16:27:46 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\EleFun Games
[2011/05/09 13:40:07 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Epson
[2010/05/16 13:44:03 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Facebook
[2009/11/27 16:27:46 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Flood Light Games
[2010/10/09 23:51:53 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\FMZilla
[2009/11/27 16:27:46 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Google
[2010/11/11 01:03:32 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Identities
[2009/11/27 16:27:46 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\InstallShield
[2011/04/29 15:53:41 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Intelli-studio
[2009/11/27 16:27:49 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Macromedia
[2011/05/11 17:51:02 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\MAGIX
[2009/11/27 16:27:49 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Malwarebytes
[2009/07/14 11:00:22 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Media Center Programs
[2010/11/27 22:58:30 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Micro Application
[2010/12/11 21:57:45 | 000,000,000 | --SD | M] -- C:\Users\mikael\AppData\Roaming\Microsoft
[2009/11/27 16:27:54 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Mozilla
[2010/02/21 00:19:44 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Nero
[2009/11/27 16:27:55 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Oberonv1002
[2011/05/16 11:24:21 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\OfferBox
[2011/02/09 18:49:53 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Opera
[2009/11/27 16:27:55 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Packard Bell
[2009/11/27 16:27:55 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\PC Suite
[2009/08/22 23:47:39 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\PeerNetworking
[2011/05/10 22:03:28 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\PhotoFiltre
[2009/11/27 16:27:55 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Playrix Entertainment
[2010/01/23 13:25:15 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Publish Providers
[2009/11/27 16:27:55 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\RobinsonCrusoe
[2010/09/20 17:11:45 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Samsung
[2010/01/23 13:25:07 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Sony
[2010/06/30 22:22:22 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Sony Corporation
[2010/08/18 22:18:51 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Stellarium
[2009/11/27 16:27:56 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Template
[2011/04/23 16:43:16 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\vlc
[2010/09/30 20:03:12 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Win7codecs
[2011/03/17 20:20:24 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Windows Live Writer
[2011/05/14 14:30:38 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\WinRAR
[2009/11/27 16:27:56 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Zylom
[2009/11/27 16:27:56 | 000,000,000 | ---D | M] -- C:\Users\mikael\AppData\Roaming\Zylom 3 Days Zoo Mystery

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2011/04/01 09:08:40 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\mikael\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2010/05/16 13:44:05 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\mikael\AppData\Roaming\Facebook\uninstall.exe
[2011/04/20 19:48:45 | 017,983,128 | ---- | M] () -- C:\Users\mikael\AppData\Roaming\Intelli-studio\iUpdate.exe
[2009/08/07 18:58:57 | 000,010,134 | R--- | M] () -- C:\Users\mikael\AppData\Roaming\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe

[color=#A23BEC]< %temp%\.exe /s >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\LocationApi.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]


[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

[color=#A23BEC]< nslookup www.google.fr /c >[/color]
Serveur : neufbox
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 209.85.229.104
209.85.229.99
209.85.229.147
Aliases: WWW.GOOGLE.FR
www.google.com

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/09 17:30:00 | 000,713,800 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/09 17:30:00 | 000,713,800 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/09 17:30:00 | 000,713,800 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/09 17:30:00 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/09 17:30:00 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/09 17:30:00 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\mikael\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/05/07 13:57:16 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\mikael\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/05/07 13:57:16 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\mikael\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/05/07 13:57:16 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\mikael\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/05/07 13:57:16 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/02/10 22:08:03 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/02/10 22:08:03 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/02/10 22:08:03 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
16 May 2011 at 12:06
Your OTL report is incomplete and unreadable because you copy-pasted it here.
You need to upload it to pjjoint => follow the procedure.
globe56 Posts 9 Registration date Monday 16 May 2011 Status Member Last activity 17 May 2011
16 May 2011 at 12:31
Re,

Sorry about the OTL report.
I'll redo it as requested.
globe56 Posts 9 Registration date Monday 16 May 2011 Status Member Last activity 17 May 2011
16 May 2011 at 14:19
Re,
Did you receive it?
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
16 May 2011 at 19:16
You need to give the link, otherwise I can't read it.
globe56 Posts 9 Registration date Monday 16 May 2011 Status Member Last activity 17 May 2011
16 May 2011 at 19:47
Re,
I don't see how to do that!!
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
Edited by Malekal_morte- on 16/05/2011 at 21:36
Copy and paste the link that leads to the OTL report you uploaded to pjjoint.
See help: https://www.malekal.com/tutorial-otl/

Yes, no, maybe
I don't know
Can you repeat the question?
You're not the boss of me now
globe56 Posts 9 Registration date Monday 16 May 2011 Status Member Last activity 17 May 2011
16 May 2011 at 23:43
Re,
The fix report:


Error: Unable to interpret <https://pjjoint.malekal.com/files.php?id=b2bbcb66bf596> in the current context!

OTL by OldTimer - Version 3.2.22.3 log created on 05162011_234305
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
17 May 2011 at 11:09
OK.

Delete this folder: C:\Users\mikael\AppData\Roaming\OfferBox

Spybot is outdated, uninstall it.
AVG is not up to date. You need to update it.

But AVG is so-so; you should install Avast! instead: https://www.malekal.com/tutoriel-antivirus-avast/
Anyway, it's up to you.

Still getting ads?

globe56 Posts 9 Registration date Monday 16 May 2011 Status Member Last activity 17 May 2011
17 May 2011 at 12:08
Hello.

Thank you for your help; I'm removing Spybot and replacing AVG with AVAST.
No, I no longer get any ads; OfferBox deleted.

Thanks a lot, and all the best.
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 656
17 May 2011 at 12:18
Be more careful in the future....

Keep your software up to date, it's important; use this program: /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
Absolutely do this.

Antivirus programs don't do everything when it comes to the security of your machine (updating your software, etc.).
The best protection is still to know the infections so you can avoid them, and to have good habits.
So you need to read up.

Some reading to avoid infections:
- know and avoid infections: https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- secure your PC: http://forum.malekal.com/comment-securiser-son-ordinateur.html
- read: http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese

What not to do:
I download anything and everything - I get infected:

https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14

https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9

I download from anywhere - I get infected: https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Security recommendations: https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1

How some categories of malware work:

https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen

https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus

If you have questions about how malware works, don't hesitate to ask.