Sujet Précédent Sujet Suivant

Même problème que juu

Fermé
sévy - 13 août 2011 à 00:06
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 - 14 août 2011 à 01:11
Bonjour,





bonjour j ai le même virus....je ne comprends pas trop......j ai suivie la première étape et j ai reçu un "rapport" mais je dois le poster ici????

par contre je n ai trouvé aucun programme ds mon pc se nommant PCtuto!!!
pourtant je suis bien touours dirigée suur LO.ST et des pubs incessantes qui s ouvrent tout le temps....pfffffffftttttt je ne sais pas comment faire.....

7 réponses

Réponse 1 / 7
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
13 août 2011 à 00:23
Salut,


Bienvenue.
Voici la procédure à suivre.
Prière de lire attentivement les instructions pour les suivre correctement surtout en respectant l'ordre des étapes et attendre d'avoir fini chaque étape pour passer à la suivante.
Bien poster les rapports comme demandés aafin de pouvoir les analyser.

La procédure doit être suivi l'un après l'un et PAS faire les étapes en même temps.

Télécharge AD-Remover : http://www.teamxscript.org/adremoverTelechargement.html
Lance le en mode nettoyage
Poste le rapport ici.

ensuite :

Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour, fais un scan rapide, supprime tout et poste le rapport ici.
!!! Malwarebyte doit être à jour avant de faire le scan !!!

ensuite :

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

* Lance OTL
* Sous Peronnalisation, copie-colle ce qu'il y a dans le cadre ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
* Clique sur le bouton Analyse.
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer les rapports.
Donnes le liens pjjoint ici ensuite pour pouvoir être consultés.
1
Réponse 2 / 7
sévy17 Messages postés 4 Date d'inscription samedi 13 août 2011 Statut Membre Dernière intervention 13 août 2011
13 août 2011 à 11:46
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 11:15:46 le 13/08/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Basique Service Pack 2 (X86)
Sévy@PC-DE-SÉVY (Hewlett-Packard HP Compaq 6730s)

============== ACTION(S) ==============


Fichier supprimé: C:\windows\Downloaded Program Files\Popcaploader.dll
Fichier supprimé: C:\windows\Downloaded Program Files\Popcaploader.inf
Dossier supprimé: C:\Program Files\GamesBar
Dossier supprimé: C:\Users\Sévy\AppData\LocalLow\Smart-Shopper
Dossier supprimé: C:\ProgramData\Trymedia
Dossier supprimé: C:\Users\Sévy\AppData\Roaming\EoRezo

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\Sévy\AppData\Roaming\Mozilla\FireFox\Profiles\jkab98ol.default\Prefs.js --
/!\ Impossible d'ouvrir le fichier, nettoyage interrompu /!\
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\CLSID\{4CF088BD-BE95-40A5-BE9B-677F8683EDEA}
Clé supprimée: HKLM\Software\Classes\CLSID\{6FAC4823-815E-4361-836E-46D65ED2550B}
Clé supprimée: HKLM\Software\Classes\CLSID\{8BCB5337-EC01-4E38-840C-A964F174255B}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{8BCB5337-EC01-4E38-840C-A964F174255B}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BCB5337-EC01-4E38-840C-A964F174255B}
Clé supprimée: HKLM\Software\Classes\CLSID\{911F251E-34FD-465E-B6CE-DF00FF49A6BE}
Clé supprimée: HKLM\Software\Classes\CLSID\{FE4F1649-8909-49C0-87BA-24D65120DB46}
Clé supprimée: HKLM\Software\Classes\PopCapLoader.PopCapLoaderCtrl2
Clé supprimée: HKLM\Software\Classes\PopCapLoader.PopCapLoaderCtrl2.1
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKLM\Software\Freeze.com
Clé supprimée: HKLM\Software\GamesBarSetup
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\Freeze.com
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
HKLM_Extensions|FFToolbar@bitdefender.com - C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\

-- C:\Users\Sévy\AppData\Roaming\Mozilla\FireFox\Profiles\jkab98ol.default --
Extensions\2020Player@2020Technologies.com (20-20 3D Viewer)
Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} (Forecastfox)
Extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66} (AvantGarde Rosepetal)
Searchplugins\sweetim.xml (?)
Prefs.js - browser.search.defaultenginename, Yahoo
Prefs.js - browser.search.defaulturl, hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://y.lo.st
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

========================================

**** Internet Explorer Version [8.0.6001.19120] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{EEE6C35D-6118-11DC-9C72-001320C79847} (x)
HKCU_Toolbar\WebBrowser|{DE9C389F-3316-41A7-809B-AA305ED9D922} (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)
HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
HKLM_Toolbar|{0BF43445-2F28-4351-9252-17FE6E806AA0} (x)
HKLM_Toolbar|{DE9C389F-3316-41A7-809B-AA305ED9D922} (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)
HKLM_Toolbar|{381FFDE8-2394-4f90-B10D-FC6124A40F8C} (C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll)
HKLM_ElevationPolicy\{1950F857-D7D8-4617-8A85-BF48A10483D8} - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197BE6} - C:\Program Files\BitDefender\BitDefender 2010\about.exe\about.ex (x)
HKLM_ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197BE7} - WindowsFolder\hh.exe (x)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{ADADAEE2-457A-4984-A57C-E01C3A2BA612} - c:\program files\aol\aol toolbar 5.0\AolTbServer.exe (AOL LLC)
HKLM_ElevationPolicy\{BB64A76C-9578-433f-949F-142997978A62} - c:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Bioscrypt Inc.)
HKLM_Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - "SmartShopper - Compare product prices" (C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll,203)
HKLM_Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - "SmartShopper - Compare travel rates" (C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll,201)
HKLM_Extensions\{53F6FCCD-9E22-4d71-86EA-6E43136192AB} - "?" (?)
HKLM_Extensions\{925DAB62-F9AC-4221-806A-057BFB1014AA} - "?" (?)
BHO\{3134413B-49B4-425C-98A5-893C1F195601} - "BHO_Startup Class" (C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll)
BHO\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - "AOL Toolbar BHO" (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)
BHO\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - "Skype Browser Helper" (C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll)
BHO\{DF21F1DB-80C6-11D3-9483-B03D0EC10000} - "Credential Manager for HP ProtectTools" (c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 26 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 13/08/2011 11:15:52 (7053 Octet(s))

Fin à: 11:19:00, 13/08/2011

============== E.O.F ==============
0
Réponse 3 / 7
sévy17 Messages postés 4 Date d'inscription samedi 13 août 2011 Statut Membre Dernière intervention 13 août 2011
13 août 2011 à 14:49
deuxième étape effectuée

rapport;
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7454

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19120

13/08/2011 14:48:26
mbam-log-2011-08-13 (14-48-26).txt

Type d'examen: Examen complet (C:\|D:\|F:\|)
Elément(s) analysé(s): 336601
Temps écoulé: 2 heure(s), 25 minute(s), 47 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 15
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbAx (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbAx.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbInfoBand (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbInfoBand.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButton (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButton.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonA (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonA.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonB (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonB.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
0
Réponse 4 / 7
sévy17 Messages postés 4 Date d'inscription samedi 13 août 2011 Statut Membre Dernière intervention 13 août 2011
13 août 2011 à 19:56
voici le rapport OTL
je n'arrive pas à le poster sur le lien du site
j'ai fait Parcourir la base et je ne retrouve pas OTL.txt

est-ce que tout est terminé ? merci encore

OTL logfile created on: 13/08/2011 15:03:02 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Sévy\Desktop\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,93 Gb Total Physical Memory | 0,77 Gb Available Physical Memory | 39,77% Memory free
4,09 Gb Paging File | 2,50 Gb Available in Paging File | 60,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 69,89 Gb Free Space | 31,36% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,82 Gb Free Space | 20,20% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1018,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32

Computer Name: PC-DE-SÉVY | User Name: Sévy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/08/13 14:51:40 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Sévy\Desktop\Downloads\OTL.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/25 19:13:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/14 22:40:52 | 001,198,048 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
PRC - [2011/05/14 22:39:34 | 001,118,232 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
PRC - [2011/03/13 22:22:10 | 000,310,856 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
PRC - [2010/12/09 11:52:54 | 000,684,032 | ---- | M] () -- C:\Program Files\cspep\cspep.exe
PRC - [2010/05/05 20:52:43 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/05/21 02:47:18 | 000,065,296 | ---- | M] (Bioscrypt Inc.) -- c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
PRC - [2008/05/14 22:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
PRC - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008/05/12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2008/04/18 15:54:02 | 000,354,840 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008/03/31 23:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2007/05/16 01:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2007/05/16 01:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2007/04/03 18:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/08/13 14:51:40 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Sévy\Desktop\Downloads\OTL.exe
MOD - [2011/04/04 08:02:06 | 000,232,968 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_94\midas32.dll
MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2008/05/21 02:42:30 | 000,081,680 | ---- | M] (Bioscrypt Inc.) -- C:\Windows\System32\APSHook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (rpcnetp)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/13 22:22:10 | 000,310,856 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV - [2010/05/05 20:52:43 | 001,615,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
SRV - [2010/04/01 22:41:26 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV - [2010/01/09 14:42:49 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2009/10/19 17:06:10 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2008/05/21 02:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008/05/21 02:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll -- (ASChannel)
SRV - [2008/05/14 22:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008/05/12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008/04/18 15:54:02 | 000,354,840 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/05/05 22:30:31 | 000,058,368 | ---- | M] (BitDefender) [Kernel | On_Demand | Stopped] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr)
DRV - [2010/05/05 22:24:59 | 000,119,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2010/05/05 20:54:01 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)
DRV - [2010/05/05 20:49:41 | 000,072,784 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Windows\System32\drivers\bdfndisf6.sys -- (BdfNdisf)
DRV - [2010/04/01 22:41:43 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\windows\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2010/02/10 15:17:12 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (BDFM)
DRV - [2009/08/27 17:28:44 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - [2009/05/07 04:22:06 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - [2009/03/31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/05/14 02:36:26 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008/05/14 02:36:22 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008/05/14 02:36:20 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008/05/14 02:36:18 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008/04/14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008/04/10 19:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008/04/07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008/04/07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008/02/29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/01/21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/06/19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "https://search.yahoo.com/web?fr=ytff-"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://y.lo.st"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Sévy\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2011/06/06 07:29:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 19:13:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/20 13:36:15 | 000,000,000 | ---D | M]

[2009/06/29 19:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sévy\AppData\Roaming\mozilla\Extensions
[2011/07/17 10:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions
[2011/07/17 10:40:12 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/07/26 11:27:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/23 08:07:43 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/09/04 18:28:47 | 000,000,000 | ---D | M] (AvantGarde Rosepetal) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
[2010/12/30 15:39:50 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\2020Player@2020Technologies.com
[2009/08/05 13:02:17 | 000,003,915 | ---- | M] () -- C:\Users\Sévy\AppData\Roaming\Mozilla\Firefox\Profiles\jkab98ol.default\searchplugins\sweetim.xml
[2011/07/04 10:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/06/29 08:42:28 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/02/02 22:50:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/07/04 10:37:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\{0538E3E3-7E9B-4D49-8831-A227C80A7AD3}
File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\2020PLAYER@2020TECHNOLOGIES.COM
[2011/06/25 19:13:15 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files\cspep\cspep.exe ()
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} file:///C:/Users/Sévy/AppData/Local/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v10.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Sévy\Documents\Photos au 10 Août 2009\Année 2011\mai\IMG_0944.JPG
O24 - Desktop BackupWallPaper: C:\Users\Sévy\Documents\Photos au 10 Août 2009\Année 2011\mai\IMG_0944.JPG
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk - C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk - C:\PROGRA~1\INTERV~1\DVDCHE~1\DVDCheck.exe - (InterVideo Inc.)
MsConfig - StartUpReg: [b]BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
MsConfig - StartUpReg: [b]CognizanceTS[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]File Sanitizer[/b] - hkey= - key= - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]HP Health Check Scheduler[/b] - hkey= - key= - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]IAAnotif[/b] - hkey= - key= - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
MsConfig - StartUpReg: [b]LightScribe Control Panel[/b] - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: [b]msnmsgr[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: [b]PTHOSTTR[/b] - hkey= - key= - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: [b]SweetIM[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]WatchDog[/b] - hkey= - key= - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {0231C6BF-08AC-A8C8-1F7C-667C3510B599} - Internet Explorer
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {1D29643E-CC84-8CD8-ADA1-4EB8556239D1} - Internet Explorer
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2DFB95B5-9A64-959A-76FE-CEF26B3930D5} - Internet Explorer
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4ECB6DEA-0147-6636-4D13-3B7A7682CCF3} -
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {579A15E5-3CB0-2B89-381F-37D953222098} - Internet Explorer
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7166DF90-0FDC-A955-752C-9A5746957C4D} - Java (Sun)
ActiveX: {71DA4590-E92D-C7BD-992D-9D89A04997E1} - Java (Sun)
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A6AE5E3-8D43-F882-6814-C2966396B2C4} - Internet Explorer
ActiveX: {AE3FA250-C5DB-A8BE-0CC9-DE2CFFC86721} -
ActiveX: {AF56DFD7-8BE7-6A44-C6DB-0C05949EF896} - Microsoft Windows Media Player
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E131B1BE-5894-2DE5-4587-EA0A6D7F3D30} - Java (Sun)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EFA5FD3E-9E7C-CE5D-06C5-476638186B2D} - Browser Customizations
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\windows\System32\rundll32.exe" "C:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3acm - C:\windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\windows\System32\lameACM.acm (http://www.mp3dev.org/
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\windows\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/08/13 12:16:38 | 000,000,000 | ---D | C] -- C:\Users\Sévy\AppData\Roaming\Malwarebytes
[2011/08/13 12:16:21 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/08/13 12:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/13 12:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/13 12:16:16 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/08/13 12:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/13 11:13:22 | 000,000,000 | ---D | C] -- C:\Users\Sévy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ad-Remover
[2011/08/13 11:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/08/11 08:06:58 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2011/08/11 08:06:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011/08/11 08:06:04 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2011/08/11 08:06:01 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2011/08/11 08:06:00 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011/08/11 08:05:59 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2011/08/11 08:05:59 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2011/08/11 08:05:58 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2011/08/11 08:05:57 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011/08/11 08:05:57 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011/08/11 08:05:57 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011/08/11 08:05:56 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2011/08/11 08:05:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2011/08/11 08:05:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2011/08/11 08:05:55 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2011/08/11 08:05:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2011/08/11 08:05:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011/08/11 08:05:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2011/08/11 08:05:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2011/08/11 08:04:33 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2011/08/11 08:04:32 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2011/07/30 21:37:57 | 000,000,000 | ---D | C] -- C:\Users\Sévy\Documents\Secrete Arlette
[2009/06/20 12:41:16 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2007/07/05 10:28:52 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/08/13 15:06:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/08/13 14:55:37 | 000,000,416 | ---- | M] () -- C:\windows\tasks\PCConfidential.job
[2011/08/13 14:55:16 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/13 14:55:16 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/13 14:55:02 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/08/13 14:55:00 | 2070,196,224 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/13 14:54:03 | 000,000,052 | ---- | M] () -- C:\windows\System32\ashttpstats.csv
[2011/08/13 12:16:22 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/13 11:13:22 | 000,001,676 | ---- | M] () -- C:\Users\Sévy\Desktop\Ad-Remover.lnk
[2011/08/13 08:13:02 | 000,377,008 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/08/13 08:06:57 | 000,000,146 | ---- | M] () -- C:\windows\WININIT.INI
[2011/08/13 07:31:55 | 000,723,018 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2011/08/13 07:31:54 | 000,634,400 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/08/13 07:31:54 | 000,146,612 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2011/08/13 07:31:54 | 000,119,964 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/08/10 16:00:41 | 000,233,472 | ---- | M] () -- C:\Users\Sévy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/04 17:15:24 | 000,001,226 | ---- | M] () -- C:\Users\Public\Desktop\Encore plus de jeux.lnk
[2011/07/30 20:50:02 | 020,038,942 | ---- | M] () -- C:\Users\Sévy\Documents\Fiches-techniques-SA-2011.pdf
[2011/07/28 11:35:06 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2011/07/23 13:04:18 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2011/07/23 13:01:07 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2011/07/23 13:00:36 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011/07/23 13:00:36 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2011/07/23 13:00:05 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2011/07/23 12:59:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011/07/23 12:59:52 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2011/07/23 12:59:35 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011/07/23 12:59:34 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011/07/23 12:59:34 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2011/07/23 12:59:34 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2011/07/23 12:59:34 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2011/07/23 12:59:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2011/07/23 12:03:47 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011/07/23 11:27:04 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2011/07/23 11:26:52 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2011/07/23 11:26:12 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2011/07/23 11:25:38 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011/07/19 08:30:27 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/07/19 08:30:27 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/08/13 15:06:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/08/13 12:16:22 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/13 11:13:22 | 000,001,676 | ---- | C] () -- C:\Users\Sévy\Desktop\Ad-Remover.lnk
[2011/08/13 08:06:57 | 000,000,146 | ---- | C] () -- C:\windows\WININIT.INI
[2011/07/30 20:50:00 | 020,038,942 | ---- | C] () -- C:\Users\Sévy\Documents\Fiches-techniques-SA-2011.pdf
[2011/07/19 08:30:27 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/07/19 08:30:27 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/01/27 01:02:22 | 000,110,592 | ---- | C] () -- C:\windows\System32\FsUsbExDevice.Dll
[2011/01/27 01:02:22 | 000,036,608 | ---- | C] () -- C:\windows\System32\FsUsbExDisk.Sys
[2010/11/29 16:38:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/26 09:01:26 | 000,000,025 | ---- | C] () -- C:\Users\Sévy\AppData\Roaming\bdfvconp.ini
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\phar_unmip.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\phar_histprot.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_webproxy.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_video.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_tabloids.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_socialnetworks.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_searchengines.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_regionaltlds.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_pornography.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlineshop.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlinepay.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlinedating.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_news.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_im.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_illegal.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_hate.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_games.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_gambling.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_drugs.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\wsbl.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_white.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_summ.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_black.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\pcwords2.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\pcwords.dat
[2010/01/20 10:45:11 | 000,000,016 | ---- | C] () -- C:\windows\System32\asdict.dat
[2010/01/20 10:45:11 | 000,000,004 | ---- | C] () -- C:\windows\System32\aspdict-en.dat
[2010/01/20 00:48:02 | 000,000,132 | ---- | C] () -- C:\windows\System32\rezumatenoi.dat
[2010/01/11 20:26:07 | 000,000,680 | ---- | C] () -- C:\Users\Sévy\AppData\Local\d3d9caps.dat
[2009/08/12 16:22:22 | 000,168,448 | ---- | C] () -- C:\windows\System32\unrar.dll
[2009/08/12 16:22:22 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2009/08/12 16:22:19 | 000,881,664 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2009/08/12 16:22:19 | 000,205,824 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2009/08/12 16:22:18 | 003,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2009/08/12 16:22:16 | 000,085,504 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2009/08/01 13:53:12 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll
[2009/07/31 00:35:08 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2009/07/31 00:35:07 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
[2009/07/09 22:51:24 | 000,000,296 | ---- | C] () -- C:\Users\Sévy\AppData\Roaming\bbbconfig.dat
[2009/06/30 19:00:38 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2009/06/29 19:55:31 | 000,081,984 | ---- | C] () -- C:\windows\System32\bdod.bin
[2009/06/23 09:21:15 | 000,233,472 | ---- | C] () -- C:\Users\Sévy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/21 15:54:08 | 000,000,571 | ---- | C] () -- C:\windows\HBCIKRNL.INI
[2009/06/20 16:43:29 | 000,024,064 | ---- | C] () -- C:\Users\Sévy\AppData\Roaming\UserTile.png
[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\windows\System32\txmlutil.dll
[2008/10/10 08:36:28 | 000,003,584 | ---- | C] () -- C:\windows\System32\wceprv.dll
[2008/07/12 08:38:11 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll
[2008/07/12 08:38:11 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll
[2008/07/12 08:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll
[2008/07/12 08:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll
[2008/07/12 08:38:11 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll
[2008/07/12 08:38:11 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll
[2008/07/12 08:18:16 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2008/05/21 16:20:22 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1489.dll
[2008/05/21 16:06:30 | 000,492,496 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2008/05/21 16:06:28 | 002,192,024 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2008/05/21 16:06:28 | 000,146,596 | ---- | C] () -- C:\windows\System32\igfcg550.bin
[2008/05/14 02:36:18 | 000,108,752 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2008/04/16 16:18:01 | 000,723,018 | ---- | C] () -- C:\windows\System32\perfh00C.dat
[2008/04/16 16:18:01 | 000,340,236 | ---- | C] () -- C:\windows\System32\perfi00C.dat
[2008/04/16 16:18:01 | 000,146,612 | ---- | C] () -- C:\windows\System32\perfc00C.dat
[2008/04/16 16:18:01 | 000,037,390 | ---- | C] () -- C:\windows\System32\perfd00C.dat
[2008/04/10 19:27:34 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\windows\System32\drivers\StarOpen.sys
[2007/05/10 08:16:40 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\windows\System32\xreglib.dll
[2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2006/11/02 14:44:53 | 000,377,008 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2006/11/02 12:33:01 | 000,634,400 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,119,964 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006/05/20 04:39:58 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2006/03/09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2005/04/04 00:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
[2000/07/15 00:00:00 | 000,030,720 | ---- | C] () -- C:\windows\regtlib.exe
[1998/05/07 05:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll

[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2010/12/10 22:15:54 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Adobe
[2009/09/01 18:09:05 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Ahead
[2010/08/27 16:58:15 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Apple Computer
[2010/04/15 22:14:10 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Bigfish 3 Days Zoo Mystery
[2010/06/17 21:42:30 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\BigFish DressUpRush
[2010/01/20 00:37:43 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\BitDefender
[2009/08/06 21:31:23 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Boolat Games
[2011/07/14 00:20:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\dvdcss
[2009/08/11 11:41:25 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\EleFun Games
[2010/06/04 20:51:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Facebook
[2010/04/16 16:45:24 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Farm Mania
[2010/10/14 13:11:28 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Farm Mania 2
[2010/11/17 18:04:04 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\freshgames
[2010/05/15 20:47:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Game Mill Entertainment
[2009/08/08 23:09:37 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\GameInvest
[2009/11/01 21:37:34 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Gamenauts
[2009/06/21 15:57:28 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Hewlett Packard
[2009/06/21 15:47:41 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Hewlett-Packard
[2010/10/10 13:27:17 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Hotdog Hotshot
[2009/06/20 13:15:51 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\HPQLOG
[2011/05/13 18:06:09 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\HpUpdate
[2009/06/20 13:15:32 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Identities
[2009/06/20 12:36:20 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\InstallShield
[2009/06/20 12:44:50 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Macromedia
[2011/08/13 12:16:38 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Malwarebytes
[2009/10/16 21:54:44 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Mean Hamster
[2009/08/12 16:56:59 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Media Player Classic
[2010/01/08 22:20:06 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Merscom
[2011/02/12 14:51:46 | 000,000,000 | --SD | M] -- C:\Users\Sévy\AppData\Roaming\Microsoft
[2009/06/29 19:14:07 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Mozilla
[2009/08/05 22:06:39 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\MysteryStudio
[2010/05/05 16:47:18 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Oberon Games
[2011/03/10 20:15:01 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\PC Suite
[2009/06/20 16:43:28 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\PeerNetworking
[2011/05/18 21:06:18 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\PlayFirst
[2009/11/02 10:02:40 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\RobinsonCrusoeBFGFR
[2011/08/13 07:36:47 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Samsung
[2011/08/13 14:58:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Skype
[2011/06/29 08:09:15 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\skypePM
[2009/10/29 18:10:38 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\SprillRichiEng
[2010/09/22 20:56:01 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\SulusGames
[2009/06/21 15:56:23 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\TMP
[2009/11/02 11:02:11 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\ViquaSoft
[2009/06/29 20:09:21 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\vlc
[2009/10/27 21:23:46 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\WinRAR
[2010/10/01 10:01:59 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\YoudaGames

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2010/06/04 20:51:22 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Sévy\AppData\Roaming\Facebook\uninstall.exe
[2010/08/23 23:01:34 | 002,788,816 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Sévy\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2008/01/22 11:28:00 | 017,853,808 | ---- | M] (Marvell ) -- C:\Users\Sévy\AppData\Roaming\TMP\setup.exe

[color=#A23BEC]< %temp%\.exe /s >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\windows\system32\dxtmsft.dll
[2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\windows\system32\dxtrans.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[2010/02/10 15:17:12 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA)[b] Unable to obtain MD5[/b] -- C:\windows\system32\drivers\bdfm.sys
[2010/04/01 22:41:43 | 000,291,352 | ---- | M] (BitDefender)[b] Unable to obtain MD5[/b] -- C:\windows\system32\drivers\bdfsfltr.sys
[2008/05/14 02:36:18 | 000,108,752 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\windows\system32\drivers\SafeBoot.sys

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2008/01/21 05:31:11 | 015,716,352 | ---- | M] () -- C:\windows\System32\config\COMPONENTS.SAV
[2008/01/21 05:31:01 | 000,102,400 | ---- | M] () -- C:\windows\System32\config\DEFAULT.SAV
[2008/01/21 05:31:12 | 000,020,480 | ---- | M] () -- C:\windows\System32\config\SECURITY.SAV
[2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\windows\System32\config\SOFTWARE.SAV
[2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\windows\System32\config\SYSTEM.SAV


[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_3
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
13 août 2011 à 19:57
Sur pjjoint le rapport stp.
relire la procédure.
0
Réponse 6 / 7
sévy17 Messages postés 4 Date d'inscription samedi 13 août 2011 Statut Membre Dernière intervention 13 août 2011
13 août 2011 à 20:13
ça y est je viens d'y arriver
voici le lien
https://pjjoint.malekal.com/files.php?id=8f3fcc61b1z11b15u9e14j10n11w11u10w10q8t7k13v5s8s6c14f14e12h12e13

et maintenant que dois-je faire svp
encore merci
0
Réponse 7 / 7
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 658
14 août 2011 à 01:11
Je vois pas trop ce qui t'empeche de changer la page de démarrage lo.st par une autre dans la configuration de Firefox ?!

Mais bon fais ça :

Relance OTL.
o sous Personnalisation, copie_colle le contenu du cadre ci dessous et clic Correction, un rapport apparraitra suite à l'operation que tu conserveras sur clé usb par exemple afin d'en coller le resultat:

:OTL
FF - prefs.js..browser.startup.homepage: http://y.lo.st
[2009/08/05 13:02:17 | 000,003,915 | ---- | M] () -- C:\Users\Sévy\AppData\Roaming\Mozilla\Firefox\Profiles\jkab98ol.default\searchplugins\sweetim.xml

* redemarre le pc sous windows et poste le rapport ici
0