Même problème que juu

sévy -  
Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   -
Bonjour,



bonjour j ai le même virus....je ne comprends pas trop......j ai suivie la première étape et j ai reçu un "rapport" mais je dois le poster ici????

par contre je n ai trouvé aucun programme ds mon pc se nommant PCtuto!!!
pourtant je suis bien touours dirigée suur LO.ST et des pubs incessantes qui s ouvrent tout le temps....pfffffffftttttt je ne sais pas comment faire.....

7 réponses

  1. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    Salut,

    Bienvenue.
    Voici la procédure à suivre.
    Prière de lire attentivement les instructions pour les suivre correctement surtout en respectant l'ordre des étapes et attendre d'avoir fini chaque étape pour passer à la suivante.
    Bien poster les rapports comme demandés aafin de pouvoir les analyser.

    La procédure doit être suivi l'un après l'un et PAS faire les étapes en même temps.

    Télécharge AD-Remover : http://www.teamxscript.org/adremoverTelechargement.html
    Lance le en mode nettoyage
    Poste le rapport ici.

    ensuite :

    Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
    Mets le à jour, fais un scan rapide, supprime tout et poste le rapport ici.
    !!! Malwarebyte doit être à jour avant de faire le scan !!!

    ensuite :

    Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/

    * Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

    * Lance OTL
    * Sous Peronnalisation, copie-colle ce qu'il y a dans le cadre ci-dessous :
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %temp%\.exe /s
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
    CREATERESTOREPOINT
    nslookup www.google.fr /c
    SAVEMBR:0
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs

    * Clique sur le bouton Analyse.
    * Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer les rapports.
    Donnes le liens pjjoint ici ensuite pour pouvoir être consultés.
    1
  2. sévy17 Messages postés 5 Statut Membre
     
    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 11:15:46 le 13/08/2011, Mode normal

    Microsoft® Windows Vista(TM) Édition Familiale Basique Service Pack 2 (X86)
    Sévy@PC-DE-SÉVY (Hewlett-Packard HP Compaq 6730s)

    ============== ACTION(S) ==============

    Fichier supprimé: C:\windows\Downloaded Program Files\Popcaploader.dll
    Fichier supprimé: C:\windows\Downloaded Program Files\Popcaploader.inf
    Dossier supprimé: C:\Program Files\GamesBar
    Dossier supprimé: C:\Users\Sévy\AppData\LocalLow\Smart-Shopper
    Dossier supprimé: C:\ProgramData\Trymedia
    Dossier supprimé: C:\Users\Sévy\AppData\Roaming\EoRezo

    (!) -- Fichiers temporaires supprimés.

    -- Fichier ouvert: C:\Users\Sévy\AppData\Roaming\Mozilla\FireFox\Profiles\jkab98ol.default\Prefs.js --
    /!\ Impossible d'ouvrir le fichier, nettoyage interrompu /!\
    -- Fichier Fermé --

    Clé supprimée: HKLM\Software\Classes\CLSID\{4CF088BD-BE95-40A5-BE9B-677F8683EDEA}
    Clé supprimée: HKLM\Software\Classes\CLSID\{6FAC4823-815E-4361-836E-46D65ED2550B}
    Clé supprimée: HKLM\Software\Classes\CLSID\{8BCB5337-EC01-4E38-840C-A964F174255B}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{8BCB5337-EC01-4E38-840C-A964F174255B}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BCB5337-EC01-4E38-840C-A964F174255B}
    Clé supprimée: HKLM\Software\Classes\CLSID\{911F251E-34FD-465E-B6CE-DF00FF49A6BE}
    Clé supprimée: HKLM\Software\Classes\CLSID\{FE4F1649-8909-49C0-87BA-24D65120DB46}
    Clé supprimée: HKLM\Software\Classes\PopCapLoader.PopCapLoaderCtrl2
    Clé supprimée: HKLM\Software\Classes\PopCapLoader.PopCapLoaderCtrl2.1
    Clé supprimée: HKLM\Software\EoRezo
    Clé supprimée: HKLM\Software\Freeze.com
    Clé supprimée: HKLM\Software\GamesBarSetup
    Clé supprimée: HKCU\Software\EoRezo
    Clé supprimée: HKCU\Software\Freeze.com
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}

    Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo

    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [5.0 (fr)] ****

    HKLM_MozillaPlugins\Adobe Reader (x)
    Searchplugins\bing.xml ( hxxp://www.bing.com/search)
    Components\browsercomps.dll (Mozilla Foundation)
    Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
    HKLM_Extensions|FFToolbar@bitdefender.com - C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\

    -- C:\Users\Sévy\AppData\Roaming\Mozilla\FireFox\Profiles\jkab98ol.default --
    Extensions\2020Player@2020Technologies.com (20-20 3D Viewer)
    Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} (Forecastfox)
    Extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66} (AvantGarde Rosepetal)
    Searchplugins\sweetim.xml (?)
    Prefs.js - browser.search.defaultenginename, Yahoo
    Prefs.js - browser.search.defaulturl, hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
    Prefs.js - browser.search.selectedEngine, Google
    Prefs.js - browser.startup.homepage, hxxp://y.lo.st
    Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
    Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

    ========================================

    **** Internet Explorer Version [8.0.6001.19120] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{EEE6C35D-6118-11DC-9C72-001320C79847} (x)
    HKCU_Toolbar\WebBrowser|{DE9C389F-3316-41A7-809B-AA305ED9D922} (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)
    HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
    HKLM_Toolbar|{0BF43445-2F28-4351-9252-17FE6E806AA0} (x)
    HKLM_Toolbar|{DE9C389F-3316-41A7-809B-AA305ED9D922} (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)
    HKLM_Toolbar|{381FFDE8-2394-4f90-B10D-FC6124A40F8C} (C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll)
    HKLM_ElevationPolicy\{1950F857-D7D8-4617-8A85-BF48A10483D8} - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197BE6} - C:\Program Files\BitDefender\BitDefender 2010\about.exe\about.ex (x)
    HKLM_ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197BE7} - WindowsFolder\hh.exe (x)
    HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
    HKLM_ElevationPolicy\{ADADAEE2-457A-4984-A57C-E01C3A2BA612} - c:\program files\aol\aol toolbar 5.0\AolTbServer.exe (AOL LLC)
    HKLM_ElevationPolicy\{BB64A76C-9578-433f-949F-142997978A62} - c:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Bioscrypt Inc.)
    HKLM_Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - "SmartShopper - Compare product prices" (C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll,203)
    HKLM_Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - "SmartShopper - Compare travel rates" (C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll,201)
    HKLM_Extensions\{53F6FCCD-9E22-4d71-86EA-6E43136192AB} - "?" (?)
    HKLM_Extensions\{925DAB62-F9AC-4221-806A-057BFB1014AA} - "?" (?)
    BHO\{3134413B-49B4-425C-98A5-893C1F195601} - "BHO_Startup Class" (C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll)
    BHO\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - "AOL Toolbar BHO" (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)
    BHO\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - "Skype Browser Helper" (C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll)
    BHO\{DF21F1DB-80C6-11D3-9483-B03D0EC10000} - "Credential Manager for HP ProtectTools" (c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 26 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 13/08/2011 11:15:52 (7053 Octet(s))

    Fin à: 11:19:00, 13/08/2011

    ============== E.O.F ==============
    0
  3. sévy17 Messages postés 5 Statut Membre
     
    deuxième étape effectuée

    rapport;
    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Version de la base de données: 7454

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.19120

    13/08/2011 14:48:26
    mbam-log-2011-08-13 (14-48-26).txt

    Type d'examen: Examen complet (C:\|D:\|F:\|)
    Elément(s) analysé(s): 336601
    Temps écoulé: 2 heure(s), 25 minute(s), 47 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 15
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 7

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Smart-Shopper.HbAx (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Smart-Shopper.HbAx.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Smart-Shopper.HbInfoBand (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Smart-Shopper.HbInfoBand.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Smart-Shopper.IEButton (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Smart-Shopper.IEButton.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonA (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonA.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonB (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonB.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)
    0
  4. sévy17 Messages postés 5 Statut Membre
     
    voici le rapport OTL
    je n'arrive pas à le poster sur le lien du site
    j'ai fait Parcourir la base et je ne retrouve pas OTL.txt

    est-ce que tout est terminé ? merci encore

    OTL logfile created on: 13/08/2011 15:03:02 - Run 1
    OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Sévy\Desktop\Downloads
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.19120)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1,93 Gb Total Physical Memory | 0,77 Gb Available Physical Memory | 39,77% Memory free
    4,09 Gb Paging File | 2,50 Gb Available in Paging File | 60,99% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
    Drive C: | 222,88 Gb Total Space | 69,89 Gb Free Space | 31,36% Space Free | Partition Type: NTFS
    Drive D: | 9,00 Gb Total Space | 1,82 Gb Free Space | 20,20% Space Free | Partition Type: NTFS
    Drive F: | 1021,00 Mb Total Space | 1018,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32

    Computer Name: PC-DE-SÉVY | User Name: Sévy | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    [color=#E56717]========== Processes (SafeList) ==========[/color]

    PRC - [2011/08/13 14:51:40 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Sévy\Desktop\Downloads\OTL.exe
    PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2011/06/25 19:13:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011/05/14 22:40:52 | 001,198,048 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
    PRC - [2011/05/14 22:39:34 | 001,118,232 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
    PRC - [2011/03/13 22:22:10 | 000,310,856 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    PRC - [2010/12/09 11:52:54 | 000,684,032 | ---- | M] () -- C:\Program Files\cspep\cspep.exe
    PRC - [2010/05/05 20:52:43 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
    PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008/05/21 02:47:18 | 000,065,296 | ---- | M] (Bioscrypt Inc.) -- c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
    PRC - [2008/05/14 22:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
    PRC - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    PRC - [2008/05/12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
    PRC - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
    PRC - [2008/04/18 15:54:02 | 000,354,840 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    PRC - [2008/03/31 23:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
    PRC - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
    PRC - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
    PRC - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe
    PRC - [2007/05/16 01:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe
    PRC - [2007/05/16 01:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
    PRC - [2007/04/03 18:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    PRC - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

    [color=#E56717]========== Modules (SafeList) ==========[/color]

    MOD - [2011/08/13 14:51:40 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Sévy\Desktop\Downloads\OTL.exe
    MOD - [2011/04/04 08:02:06 | 000,232,968 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_94\midas32.dll
    MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
    MOD - [2008/05/21 02:42:30 | 000,081,680 | ---- | M] (Bioscrypt Inc.) -- C:\Windows\System32\APSHook.dll

    [color=#E56717]========== Win32 Services (SafeList) ==========[/color]

    SRV - File not found [Auto | Stopped] -- -- (rpcnetp)
    SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/03/13 22:22:10 | 000,310,856 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
    SRV - [2010/05/05 20:52:43 | 001,615,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
    SRV - [2010/04/01 22:41:26 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
    SRV - [2010/01/09 14:42:49 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
    SRV - [2009/10/19 17:06:10 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
    SRV - [2008/05/21 02:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
    SRV - [2008/05/21 02:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll -- (ASChannel)
    SRV - [2008/05/14 22:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
    SRV - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
    SRV - [2008/05/12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
    SRV - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
    SRV - [2008/04/18 15:54:02 | 000,354,840 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
    SRV - [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
    SRV - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
    SRV - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
    SRV - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

    [color=#E56717]========== Driver Services (SafeList) ==========[/color]

    DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
    DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2010/05/05 22:30:31 | 000,058,368 | ---- | M] (BitDefender) [Kernel | On_Demand | Stopped] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr)
    DRV - [2010/05/05 22:24:59 | 000,119,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)
    DRV - [2010/05/05 20:54:01 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)
    DRV - [2010/05/05 20:49:41 | 000,072,784 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Windows\System32\drivers\bdfndisf6.sys -- (BdfNdisf)
    DRV - [2010/04/01 22:41:43 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\windows\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
    DRV - [2010/02/10 15:17:12 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (BDFM)
    DRV - [2009/08/27 17:28:44 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
    DRV - [2009/05/07 04:22:06 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
    DRV - [2009/03/31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
    DRV - [2008/05/14 02:36:26 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
    DRV - [2008/05/14 02:36:22 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
    DRV - [2008/05/14 02:36:20 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
    DRV - [2008/05/14 02:36:18 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
    DRV - [2008/04/14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
    DRV - [2008/04/10 19:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
    DRV - [2008/04/07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
    DRV - [2008/04/07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
    DRV - [2008/02/29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2008/01/21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
    DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2007/06/19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

    [color=#E56717]========== Standard Registry (SafeList) ==========[/color]

    [color=#E56717]========== Internet Explorer ==========[/color]

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    [color=#E56717]========== FireFox ==========[/color]

    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.defaulturl: "https://search.yahoo.com/web?fr=ytff-"
    FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
    FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.startup.homepage: "http://y.lo.st"

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Sévy\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2011/06/06 07:29:08 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 19:13:16 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/20 13:36:15 | 000,000,000 | ---D | M]

    [2009/06/29 19:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sévy\AppData\Roaming\mozilla\Extensions
    [2011/07/17 10:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions
    [2011/07/17 10:40:12 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
    [2010/07/26 11:27:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/06/23 08:07:43 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2009/09/04 18:28:47 | 000,000,000 | ---D | M] (AvantGarde Rosepetal) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
    [2010/12/30 15:39:50 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\2020Player@2020Technologies.com
    [2009/08/05 13:02:17 | 000,003,915 | ---- | M] () -- C:\Users\Sévy\AppData\Roaming\Mozilla\Firefox\Profiles\jkab98ol.default\searchplugins\sweetim.xml
    [2011/07/04 10:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
    [2011/06/29 08:42:28 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2011/02/02 22:50:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    [2011/07/04 10:37:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
    File not found (No name found) --
    File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\{0538E3E3-7E9B-4D49-8831-A227C80A7AD3}
    File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
    File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
    File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\2020PLAYER@2020TECHNOLOGIES.COM
    [2011/06/25 19:13:15 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
    O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
    O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
    O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
    O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
    O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
    O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
    O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
    O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
    O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files\cspep\cspep.exe ()
    O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html ()
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
    O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} file:///C:/Users/Sévy/AppData/Local/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v10.cab (PopCapLoader Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Sévy\Documents\Photos au 10 Août 2009\Année 2011\mai\IMG_0944.JPG
    O24 - Desktop BackupWallPaper: C:\Users\Sévy\Documents\Photos au 10 Août 2009\Année 2011\mai\IMG_0944.JPG
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk - C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE - (Adobe Systems, Inc.)
    MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk - C:\PROGRA~1\INTERV~1\DVDCHE~1\DVDCheck.exe - (InterVideo Inc.)
    MsConfig - StartUpReg: [b]BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
    MsConfig - StartUpReg: [b]CognizanceTS[/b] - hkey= - key= - File not found
    MsConfig - StartUpReg: [b]File Sanitizer[/b] - hkey= - key= - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
    MsConfig - StartUpReg: [b]HP Health Check Scheduler[/b] - hkey= - key= - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
    MsConfig - StartUpReg: [b]IAAnotif[/b] - hkey= - key= - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
    MsConfig - StartUpReg: [b]LightScribe Control Panel[/b] - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
    MsConfig - StartUpReg: [b]msnmsgr[/b] - hkey= - key= - File not found
    MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
    MsConfig - StartUpReg: [b]PTHOSTTR[/b] - hkey= - key= - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
    MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
    MsConfig - StartUpReg: [b]SweetIM[/b] - hkey= - key= - File not found
    MsConfig - StartUpReg: [b]WatchDog[/b] - hkey= - key= - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
    MsConfig - State: "startup" - 2

    SafeBootMin: AppMgmt - Service
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: HelpSvc - Service
    SafeBootMin: NTDS - File not found
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: sacsvr - Service
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    SafeBootNet: AppMgmt - Service
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: HelpSvc - Service
    SafeBootNet: Messenger - Service
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: NTDS - File not found
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: rdsessmgr - Service
    SafeBootNet: sacsvr - Service
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SafeBootNet: WudfPf - Driver
    SafeBootNet: WudfUsbccidDriver - Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
    SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
    SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

    ActiveX: {0231C6BF-08AC-A8C8-1F7C-667C3510B599} - Internet Explorer
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
    ActiveX: {1D29643E-CC84-8CD8-ADA1-4EB8556239D1} - Internet Explorer
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
    ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {2DFB95B5-9A64-959A-76FE-CEF26B3930D5} - Internet Explorer
    ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4ECB6DEA-0147-6636-4D13-3B7A7682CCF3} -
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
    ActiveX: {579A15E5-3CB0-2B89-381F-37D953222098} - Internet Explorer
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7166DF90-0FDC-A955-752C-9A5746957C4D} - Java (Sun)
    ActiveX: {71DA4590-E92D-C7BD-992D-9D89A04997E1} - Java (Sun)
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {9A6AE5E3-8D43-F882-6814-C2966396B2C4} - Internet Explorer
    ActiveX: {AE3FA250-C5DB-A8BE-0CC9-DE2CFFC86721} -
    ActiveX: {AF56DFD7-8BE7-6A44-C6DB-0C05949EF896} - Microsoft Windows Media Player
    ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E131B1BE-5894-2DE5-4587-EA0A6D7F3D30} - Java (Sun)
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {EFA5FD3E-9E7C-CE5D-06C5-476638186B2D} - Browser Customizations
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\windows\System32\rundll32.exe" "C:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

    Drivers32: msacm.ac3acm - C:\windows\System32\ac3acm.acm (fccHandler)
    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.lameacm - C:\windows\System32\lameACM.acm (http://www.mp3dev.org/
    Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.DIVX - C:\windows\System32\divx.dll (DivX, Inc.)
    Drivers32: VIDC.FFDS - C:\windows\System32\ff_vfw.dll ()
    Drivers32: VIDC.XVID - C:\windows\System32\xvidvfw.dll ()
    Drivers32: VIDC.YV12 - C:\windows\System32\yv12vfw.dll (www.helixcommunity.org)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point
    PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

    [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

    [2011/08/13 12:16:38 | 000,000,000 | ---D | C] -- C:\Users\Sévy\AppData\Roaming\Malwarebytes
    [2011/08/13 12:16:21 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
    [2011/08/13 12:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/08/13 12:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/08/13 12:16:16 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
    [2011/08/13 12:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/08/13 11:13:22 | 000,000,000 | ---D | C] -- C:\Users\Sévy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ad-Remover
    [2011/08/13 11:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
    [2011/08/11 08:06:58 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
    [2011/08/11 08:06:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
    [2011/08/11 08:06:04 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
    [2011/08/11 08:06:01 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
    [2011/08/11 08:06:00 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
    [2011/08/11 08:05:59 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
    [2011/08/11 08:05:59 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
    [2011/08/11 08:05:58 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
    [2011/08/11 08:05:57 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
    [2011/08/11 08:05:57 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
    [2011/08/11 08:05:57 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
    [2011/08/11 08:05:56 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
    [2011/08/11 08:05:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
    [2011/08/11 08:05:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
    [2011/08/11 08:05:55 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
    [2011/08/11 08:05:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
    [2011/08/11 08:05:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
    [2011/08/11 08:05:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
    [2011/08/11 08:05:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
    [2011/08/11 08:04:33 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
    [2011/08/11 08:04:32 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
    [2011/07/30 21:37:57 | 000,000,000 | ---D | C] -- C:\Users\Sévy\Documents\Secrete Arlette
    [2009/06/20 12:41:16 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
    [2007/07/05 10:28:52 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll

    [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

    [2011/08/13 15:06:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
    [2011/08/13 14:55:37 | 000,000,416 | ---- | M] () -- C:\windows\tasks\PCConfidential.job
    [2011/08/13 14:55:16 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/08/13 14:55:16 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/08/13 14:55:02 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2011/08/13 14:55:00 | 2070,196,224 | -HS- | M] () -- C:\hiberfil.sys
    [2011/08/13 14:54:03 | 000,000,052 | ---- | M] () -- C:\windows\System32\ashttpstats.csv
    [2011/08/13 12:16:22 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/08/13 11:13:22 | 000,001,676 | ---- | M] () -- C:\Users\Sévy\Desktop\Ad-Remover.lnk
    [2011/08/13 08:13:02 | 000,377,008 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
    [2011/08/13 08:06:57 | 000,000,146 | ---- | M] () -- C:\windows\WININIT.INI
    [2011/08/13 07:31:55 | 000,723,018 | ---- | M] () -- C:\windows\System32\perfh00C.dat
    [2011/08/13 07:31:54 | 000,634,400 | ---- | M] () -- C:\windows\System32\perfh009.dat
    [2011/08/13 07:31:54 | 000,146,612 | ---- | M] () -- C:\windows\System32\perfc00C.dat
    [2011/08/13 07:31:54 | 000,119,964 | ---- | M] () -- C:\windows\System32\perfc009.dat
    [2011/08/10 16:00:41 | 000,233,472 | ---- | M] () -- C:\Users\Sévy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/08/04 17:15:24 | 000,001,226 | ---- | M] () -- C:\Users\Public\Desktop\Encore plus de jeux.lnk
    [2011/07/30 20:50:02 | 020,038,942 | ---- | M] () -- C:\Users\Sévy\Documents\Fiches-techniques-SA-2011.pdf
    [2011/07/28 11:35:06 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
    [2011/07/23 13:04:18 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\url.dll
    [2011/07/23 13:01:07 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
    [2011/07/23 13:00:36 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
    [2011/07/23 13:00:36 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
    [2011/07/23 13:00:05 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
    [2011/07/23 12:59:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
    [2011/07/23 12:59:52 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
    [2011/07/23 12:59:35 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
    [2011/07/23 12:59:34 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
    [2011/07/23 12:59:34 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
    [2011/07/23 12:59:34 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
    [2011/07/23 12:59:34 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
    [2011/07/23 12:59:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
    [2011/07/23 12:03:47 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\html.iec
    [2011/07/23 11:27:04 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
    [2011/07/23 11:26:52 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
    [2011/07/23 11:26:12 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
    [2011/07/23 11:25:38 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
    [2011/07/19 08:30:27 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2011/07/19 08:30:27 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

    [color=#E56717]========== Files Created - No Company Name ==========[/color]

    [2011/08/13 15:06:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
    [2011/08/13 12:16:22 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/08/13 11:13:22 | 000,001,676 | ---- | C] () -- C:\Users\Sévy\Desktop\Ad-Remover.lnk
    [2011/08/13 08:06:57 | 000,000,146 | ---- | C] () -- C:\windows\WININIT.INI
    [2011/07/30 20:50:00 | 020,038,942 | ---- | C] () -- C:\Users\Sévy\Documents\Fiches-techniques-SA-2011.pdf
    [2011/07/19 08:30:27 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
    [2011/07/19 08:30:27 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
    [2011/01/27 01:02:22 | 000,110,592 | ---- | C] () -- C:\windows\System32\FsUsbExDevice.Dll
    [2011/01/27 01:02:22 | 000,036,608 | ---- | C] () -- C:\windows\System32\FsUsbExDisk.Sys
    [2010/11/29 16:38:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010/03/26 09:01:26 | 000,000,025 | ---- | C] () -- C:\Users\Sévy\AppData\Roaming\bdfvconp.ini
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\phar_unmip.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\phar_histprot.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_webproxy.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_video.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_tabloids.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_socialnetworks.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_searchengines.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_regionaltlds.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_pornography.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlineshop.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlinepay.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlinedating.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_news.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_im.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_illegal.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_hate.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_games.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_gambling.dat
    [2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_drugs.dat
    [2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\wsbl.dat
    [2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_white.dat
    [2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_summ.dat
    [2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_black.dat
    [2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\pcwords2.dat
    [2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\pcwords.dat
    [2010/01/20 10:45:11 | 000,000,016 | ---- | C] () -- C:\windows\System32\asdict.dat
    [2010/01/20 10:45:11 | 000,000,004 | ---- | C] () -- C:\windows\System32\aspdict-en.dat
    [2010/01/20 00:48:02 | 000,000,132 | ---- | C] () -- C:\windows\System32\rezumatenoi.dat
    [2010/01/11 20:26:07 | 000,000,680 | ---- | C] () -- C:\Users\Sévy\AppData\Local\d3d9caps.dat
    [2009/08/12 16:22:22 | 000,168,448 | ---- | C] () -- C:\windows\System32\unrar.dll
    [2009/08/12 16:22:22 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
    [2009/08/12 16:22:19 | 000,881,664 | ---- | C] () -- C:\windows\System32\xvidcore.dll
    [2009/08/12 16:22:19 | 000,205,824 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
    [2009/08/12 16:22:18 | 003,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
    [2009/08/12 16:22:16 | 000,085,504 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
    [2009/08/01 13:53:12 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll
    [2009/07/31 00:35:08 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
    [2009/07/31 00:35:07 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
    [2009/07/09 22:51:24 | 000,000,296 | ---- | C] () -- C:\Users\Sévy\AppData\Roaming\bbbconfig.dat
    [2009/06/30 19:00:38 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
    [2009/06/29 19:55:31 | 000,081,984 | ---- | C] () -- C:\windows\System32\bdod.bin
    [2009/06/23 09:21:15 | 000,233,472 | ---- | C] () -- C:\Users\Sévy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/06/21 15:54:08 | 000,000,571 | ---- | C] () -- C:\windows\HBCIKRNL.INI
    [2009/06/20 16:43:29 | 000,024,064 | ---- | C] () -- C:\Users\Sévy\AppData\Roaming\UserTile.png
    [2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\windows\System32\txmlutil.dll
    [2008/10/10 08:36:28 | 000,003,584 | ---- | C] () -- C:\windows\System32\wceprv.dll
    [2008/07/12 08:38:11 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll
    [2008/07/12 08:38:11 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll
    [2008/07/12 08:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll
    [2008/07/12 08:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll
    [2008/07/12 08:38:11 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll
    [2008/07/12 08:38:11 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll
    [2008/07/12 08:18:16 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
    [2008/05/21 16:20:22 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1489.dll
    [2008/05/21 16:06:30 | 000,492,496 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
    [2008/05/21 16:06:28 | 002,192,024 | ---- | C] () -- C:\windows\System32\igkrng500.bin
    [2008/05/21 16:06:28 | 000,146,596 | ---- | C] () -- C:\windows\System32\igfcg550.bin
    [2008/05/14 02:36:18 | 000,108,752 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
    [2008/04/16 16:18:01 | 000,723,018 | ---- | C] () -- C:\windows\System32\perfh00C.dat
    [2008/04/16 16:18:01 | 000,340,236 | ---- | C] () -- C:\windows\System32\perfi00C.dat
    [2008/04/16 16:18:01 | 000,146,612 | ---- | C] () -- C:\windows\System32\perfc00C.dat
    [2008/04/16 16:18:01 | 000,037,390 | ---- | C] () -- C:\windows\System32\perfd00C.dat
    [2008/04/10 19:27:34 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
    [2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\windows\System32\drivers\StarOpen.sys
    [2007/05/10 08:16:40 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
    [2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\windows\System32\xreglib.dll
    [2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
    [2006/11/02 14:44:53 | 000,377,008 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
    [2006/11/02 12:33:01 | 000,634,400 | ---- | C] () -- C:\windows\System32\perfh009.dat
    [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
    [2006/11/02 12:33:01 | 000,119,964 | ---- | C] () -- C:\windows\System32\perfc009.dat
    [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
    [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
    [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
    [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
    [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
    [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
    [2006/05/20 04:39:58 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
    [2006/03/09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
    [2005/04/04 00:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
    [2000/07/15 00:00:00 | 000,030,720 | ---- | C] () -- C:\windows\regtlib.exe
    [1998/05/07 05:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll

    [color=#E56717]========== Custom Scans ==========[/color]

    [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

    [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

    [color=#A23BEC]< %APPDATA%\*. >[/color]
    [2010/12/10 22:15:54 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Adobe
    [2009/09/01 18:09:05 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Ahead
    [2010/08/27 16:58:15 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Apple Computer
    [2010/04/15 22:14:10 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Bigfish 3 Days Zoo Mystery
    [2010/06/17 21:42:30 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\BigFish DressUpRush
    [2010/01/20 00:37:43 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\BitDefender
    [2009/08/06 21:31:23 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Boolat Games
    [2011/07/14 00:20:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\dvdcss
    [2009/08/11 11:41:25 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\EleFun Games
    [2010/06/04 20:51:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Facebook
    [2010/04/16 16:45:24 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Farm Mania
    [2010/10/14 13:11:28 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Farm Mania 2
    [2010/11/17 18:04:04 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\freshgames
    [2010/05/15 20:47:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Game Mill Entertainment
    [2009/08/08 23:09:37 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\GameInvest
    [2009/11/01 21:37:34 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Gamenauts
    [2009/06/21 15:57:28 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Hewlett Packard
    [2009/06/21 15:47:41 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Hewlett-Packard
    [2010/10/10 13:27:17 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Hotdog Hotshot
    [2009/06/20 13:15:51 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\HPQLOG
    [2011/05/13 18:06:09 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\HpUpdate
    [2009/06/20 13:15:32 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Identities
    [2009/06/20 12:36:20 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\InstallShield
    [2009/06/20 12:44:50 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Macromedia
    [2011/08/13 12:16:38 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Malwarebytes
    [2009/10/16 21:54:44 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Mean Hamster
    [2009/08/12 16:56:59 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Media Player Classic
    [2010/01/08 22:20:06 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Merscom
    [2011/02/12 14:51:46 | 000,000,000 | --SD | M] -- C:\Users\Sévy\AppData\Roaming\Microsoft
    [2009/06/29 19:14:07 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Mozilla
    [2009/08/05 22:06:39 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\MysteryStudio
    [2010/05/05 16:47:18 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Oberon Games
    [2011/03/10 20:15:01 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\PC Suite
    [2009/06/20 16:43:28 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\PeerNetworking
    [2011/05/18 21:06:18 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\PlayFirst
    [2009/11/02 10:02:40 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\RobinsonCrusoeBFGFR
    [2011/08/13 07:36:47 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Samsung
    [2011/08/13 14:58:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Skype
    [2011/06/29 08:09:15 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\skypePM
    [2009/10/29 18:10:38 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\SprillRichiEng
    [2010/09/22 20:56:01 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\SulusGames
    [2009/06/21 15:56:23 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\TMP
    [2009/11/02 11:02:11 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\ViquaSoft
    [2009/06/29 20:09:21 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\vlc
    [2009/10/27 21:23:46 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\WinRAR
    [2010/10/01 10:01:59 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\YoudaGames

    [color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
    [2010/06/04 20:51:22 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Sévy\AppData\Roaming\Facebook\uninstall.exe
    [2010/08/23 23:01:34 | 002,788,816 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Sévy\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
    [2008/01/22 11:28:00 | 017,853,808 | ---- | M] (Marvell ) -- C:\Users\Sévy\AppData\Roaming\TMP\setup.exe

    [color=#A23BEC]< %temp%\.exe /s >[/color]

    [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

    [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

    [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
    [2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\windows\system32\dxtmsft.dll
    [2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\windows\system32\dxtrans.dll

    [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

    [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
    [2010/02/10 15:17:12 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA)[b] Unable to obtain MD5[/b] -- C:\windows\system32\drivers\bdfm.sys
    [2010/04/01 22:41:43 | 000,291,352 | ---- | M] (BitDefender)[b] Unable to obtain MD5[/b] -- C:\windows\system32\drivers\bdfsfltr.sys
    [2008/05/14 02:36:18 | 000,108,752 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\windows\system32\drivers\SafeBoot.sys

    [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
    [2008/01/21 05:31:11 | 015,716,352 | ---- | M] () -- C:\windows\System32\config\COMPONENTS.SAV
    [2008/01/21 05:31:01 | 000,102,400 | ---- | M] () -- C:\windows\System32\config\DEFAULT.SAV
    [2008/01/21 05:31:12 | 000,020,480 | ---- | M] () -- C:\windows\System32\config\SECURITY.SAV
    [2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\windows\System32\config\SOFTWARE.SAV
    [2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\windows\System32\config\SYSTEM.SAV

    [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
    [2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
    [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
    [2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
    [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
    [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
    [2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
    [2008/01/21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_3
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    Sur pjjoint le rapport stp.
    relire la procédure.
    0
  7. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    Je vois pas trop ce qui t'empeche de changer la page de démarrage lo.st par une autre dans la configuration de Firefox ?!

    Mais bon fais ça :

    Relance OTL.
    o sous Personnalisation, copie_colle le contenu du cadre ci dessous et clic Correction, un rapport apparraitra suite à l'operation que tu conserveras sur clé usb par exemple afin d'en coller le resultat:

    :OTL
    FF - prefs.js..browser.startup.homepage: http://y.lo.st
    [2009/08/05 13:02:17 | 000,003,915 | ---- | M] () -- C:\Users\Sévy\AppData\Roaming\Mozilla\Firefox\Profiles\jkab98ol.default\searchplugins\sweetim.xml


    * redemarre le pc sous windows et poste le rapport ici
    0