Même problème que juu

sévy -  
Malekal_morte- Messages postés 184347 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   -
Bonjour,





bonjour j ai le même virus....je ne comprends pas trop......j ai suivie la première étape et j ai reçu un "rapport" mais je dois le poster ici????

par contre je n ai trouvé aucun programme ds mon pc se nommant PCtuto!!!
pourtant je suis bien touours dirigée suur LO.ST et des pubs incessantes qui s ouvrent tout le temps....pfffffffftttttt je ne sais pas comment faire.....

7 réponses

Réponse 1 / 7
Malekal_morte- Messages postés 184347 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 689
 
Salut,


Bienvenue.
Voici la procédure à suivre.
Prière de lire attentivement les instructions pour les suivre correctement surtout en respectant l'ordre des étapes et attendre d'avoir fini chaque étape pour passer à la suivante.
Bien poster les rapports comme demandés aafin de pouvoir les analyser.

La procédure doit être suivi l'un après l'un et PAS faire les étapes en même temps.

Télécharge AD-Remover : http://www.teamxscript.org/adremoverTelechargement.html
Lance le en mode nettoyage
Poste le rapport ici.

ensuite :

Télécharge et installe Malwarebyte : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Mets le à jour, fais un scan rapide, supprime tout et poste le rapport ici.
!!! Malwarebyte doit être à jour avant de faire le scan !!!

ensuite :

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

* Lance OTL
* Sous Peronnalisation, copie-colle ce qu'il y a dans le cadre ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
* Clique sur le bouton Analyse.
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer les rapports.
Donnes le liens pjjoint ici ensuite pour pouvoir être consultés.
1
Réponse 2 / 7
sévy17 Messages postés 5 Statut Membre
 
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 11:15:46 le 13/08/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Basique Service Pack 2 (X86)
Sévy@PC-DE-SÉVY (Hewlett-Packard HP Compaq 6730s)

============== ACTION(S) ==============


Fichier supprimé: C:\windows\Downloaded Program Files\Popcaploader.dll
Fichier supprimé: C:\windows\Downloaded Program Files\Popcaploader.inf
Dossier supprimé: C:\Program Files\GamesBar
Dossier supprimé: C:\Users\Sévy\AppData\LocalLow\Smart-Shopper
Dossier supprimé: C:\ProgramData\Trymedia
Dossier supprimé: C:\Users\Sévy\AppData\Roaming\EoRezo

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\Sévy\AppData\Roaming\Mozilla\FireFox\Profiles\jkab98ol.default\Prefs.js --
/!\ Impossible d'ouvrir le fichier, nettoyage interrompu /!\
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\CLSID\{4CF088BD-BE95-40A5-BE9B-677F8683EDEA}
Clé supprimée: HKLM\Software\Classes\CLSID\{6FAC4823-815E-4361-836E-46D65ED2550B}
Clé supprimée: HKLM\Software\Classes\CLSID\{8BCB5337-EC01-4E38-840C-A964F174255B}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{8BCB5337-EC01-4E38-840C-A964F174255B}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8BCB5337-EC01-4E38-840C-A964F174255B}
Clé supprimée: HKLM\Software\Classes\CLSID\{911F251E-34FD-465E-B6CE-DF00FF49A6BE}
Clé supprimée: HKLM\Software\Classes\CLSID\{FE4F1649-8909-49C0-87BA-24D65120DB46}
Clé supprimée: HKLM\Software\Classes\PopCapLoader.PopCapLoaderCtrl2
Clé supprimée: HKLM\Software\Classes\PopCapLoader.PopCapLoaderCtrl2.1
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKLM\Software\Freeze.com
Clé supprimée: HKLM\Software\GamesBarSetup
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\Freeze.com
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
HKLM_Extensions|FFToolbar@bitdefender.com - C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\

-- C:\Users\Sévy\AppData\Roaming\Mozilla\FireFox\Profiles\jkab98ol.default --
Extensions\2020Player@2020Technologies.com (20-20 3D Viewer)
Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} (Forecastfox)
Extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66} (AvantGarde Rosepetal)
Searchplugins\sweetim.xml (?)
Prefs.js - browser.search.defaultenginename, Yahoo
Prefs.js - browser.search.defaulturl, hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://y.lo.st
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

========================================

**** Internet Explorer Version [8.0.6001.19120] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{EEE6C35D-6118-11DC-9C72-001320C79847} (x)
HKCU_Toolbar\WebBrowser|{DE9C389F-3316-41A7-809B-AA305ED9D922} (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)
HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
HKLM_Toolbar|{0BF43445-2F28-4351-9252-17FE6E806AA0} (x)
HKLM_Toolbar|{DE9C389F-3316-41A7-809B-AA305ED9D922} (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)
HKLM_Toolbar|{381FFDE8-2394-4f90-B10D-FC6124A40F8C} (C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll)
HKLM_ElevationPolicy\{1950F857-D7D8-4617-8A85-BF48A10483D8} - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197BE6} - C:\Program Files\BitDefender\BitDefender 2010\about.exe\about.ex (x)
HKLM_ElevationPolicy\{80B84A0A-EDA4-47fd-8BE1-6B49F4197BE7} - WindowsFolder\hh.exe (x)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{ADADAEE2-457A-4984-A57C-E01C3A2BA612} - c:\program files\aol\aol toolbar 5.0\AolTbServer.exe (AOL LLC)
HKLM_ElevationPolicy\{BB64A76C-9578-433f-949F-142997978A62} - c:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Bioscrypt Inc.)
HKLM_Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - "SmartShopper - Compare product prices" (C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll,203)
HKLM_Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - "SmartShopper - Compare travel rates" (C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll,201)
HKLM_Extensions\{53F6FCCD-9E22-4d71-86EA-6E43136192AB} - "?" (?)
HKLM_Extensions\{925DAB62-F9AC-4221-806A-057BFB1014AA} - "?" (?)
BHO\{3134413B-49B4-425C-98A5-893C1F195601} - "BHO_Startup Class" (C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll)
BHO\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - "AOL Toolbar BHO" (C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll)
BHO\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - "Skype Browser Helper" (C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll)
BHO\{DF21F1DB-80C6-11D3-9483-B03D0EC10000} - "Credential Manager for HP ProtectTools" (c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 26 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 13/08/2011 11:15:52 (7053 Octet(s))

Fin à: 11:19:00, 13/08/2011

============== E.O.F ==============
0
Réponse 3 / 7
sévy17 Messages postés 5 Statut Membre
 
deuxième étape effectuée

rapport;
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7454

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19120

13/08/2011 14:48:26
mbam-log-2011-08-13 (14-48-26).txt

Type d'examen: Examen complet (C:\|D:\|F:\|)
Elément(s) analysé(s): 336601
Temps écoulé: 2 heure(s), 25 minute(s), 47 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 15
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 7

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbAx (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbAx.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbInfoBand (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.HbInfoBand.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButton (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButton.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonA (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonA.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonB (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Smart-Shopper.IEButtonB.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
0
Réponse 4 / 7
sévy17 Messages postés 5 Statut Membre
 
voici le rapport OTL
je n'arrive pas à le poster sur le lien du site
j'ai fait Parcourir la base et je ne retrouve pas OTL.txt

est-ce que tout est terminé ? merci encore

OTL logfile created on: 13/08/2011 15:03:02 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Sévy\Desktop\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,93 Gb Total Physical Memory | 0,77 Gb Available Physical Memory | 39,77% Memory free
4,09 Gb Paging File | 2,50 Gb Available in Paging File | 60,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 69,89 Gb Free Space | 31,36% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,82 Gb Free Space | 20,20% Space Free | Partition Type: NTFS
Drive F: | 1021,00 Mb Total Space | 1018,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32

Computer Name: PC-DE-SÉVY | User Name: Sévy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/08/13 14:51:40 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Sévy\Desktop\Downloads\OTL.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/25 19:13:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/14 22:40:52 | 001,198,048 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
PRC - [2011/05/14 22:39:34 | 001,118,232 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
PRC - [2011/03/13 22:22:10 | 000,310,856 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
PRC - [2010/12/09 11:52:54 | 000,684,032 | ---- | M] () -- C:\Program Files\cspep\cspep.exe
PRC - [2010/05/05 20:52:43 | 001,615,688 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/05/21 02:47:18 | 000,065,296 | ---- | M] (Bioscrypt Inc.) -- c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
PRC - [2008/05/14 22:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
PRC - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008/05/12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2008/04/18 15:54:02 | 000,354,840 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008/03/31 23:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2007/05/16 01:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2007/05/16 01:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2007/04/03 18:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/08/13 14:51:40 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Sévy\Desktop\Downloads\OTL.exe
MOD - [2011/04/04 08:02:06 | 000,232,968 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_94\midas32.dll
MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2008/05/21 02:42:30 | 000,081,680 | ---- | M] (Bioscrypt Inc.) -- C:\Windows\System32\APSHook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- -- (rpcnetp)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/13 22:22:10 | 000,310,856 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV)
SRV - [2010/05/05 20:52:43 | 001,615,688 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV)
SRV - [2010/04/01 22:41:26 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan)
SRV - [2010/01/09 14:42:49 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2009/10/19 17:06:10 | 000,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2008/05/21 02:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008/05/21 02:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll -- (ASChannel)
SRV - [2008/05/14 22:41:38 | 000,034,184 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008/05/14 02:35:40 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008/05/12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008/05/02 22:17:44 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008/04/18 15:54:02 | 000,354,840 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2008/04/07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/12/11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/10/19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007/05/16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007/01/05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/05/05 22:30:31 | 000,058,368 | ---- | M] (BitDefender) [Kernel | On_Demand | Stopped] -- C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys -- (BDSelfPr)
DRV - [2010/05/05 22:24:59 | 000,119,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2010/05/05 20:54:01 | 000,085,128 | ---- | M] (BitDefender) [Kernel | Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys -- (BDVEDISK)
DRV - [2010/05/05 20:49:41 | 000,072,784 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Windows\System32\drivers\bdfndisf6.sys -- (BdfNdisf)
DRV - [2010/04/01 22:41:43 | 000,291,352 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\windows\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2010/02/10 15:17:12 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (BDFM)
DRV - [2009/08/27 17:28:44 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys -- (Profos)
DRV - [2009/05/07 04:22:06 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys -- (Trufos)
DRV - [2009/03/31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/05/14 02:36:26 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008/05/14 02:36:22 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008/05/14 02:36:20 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008/05/14 02:36:18 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008/04/14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008/04/10 19:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008/04/07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008/04/07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008/02/29 18:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/01/21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007/09/17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/06/19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "https://search.yahoo.com/web?fr=ytff-"
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://y.lo.st"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Sévy\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2011/06/06 07:29:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 19:13:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/20 13:36:15 | 000,000,000 | ---D | M]

[2009/06/29 19:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sévy\AppData\Roaming\mozilla\Extensions
[2011/07/17 10:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions
[2011/07/17 10:40:12 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/07/26 11:27:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/23 08:07:43 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/09/04 18:28:47 | 000,000,000 | ---D | M] (AvantGarde Rosepetal) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66}
[2010/12/30 15:39:50 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\Sévy\AppData\Roaming\mozilla\Firefox\Profiles\jkab98ol.default\extensions\2020Player@2020Technologies.com
[2009/08/05 13:02:17 | 000,003,915 | ---- | M] () -- C:\Users\Sévy\AppData\Roaming\Mozilla\Firefox\Profiles\jkab98ol.default\searchplugins\sweetim.xml
[2011/07/04 10:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/06/29 08:42:28 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/02/02 22:50:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/07/04 10:37:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\{0538E3E3-7E9B-4D49-8831-A227C80A7AD3}
File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\USERS\SéVY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JKAB98OL.DEFAULT\EXTENSIONS\2020PLAYER@2020TECHNOLOGIES.COM
[2011/06/25 19:13:15 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files\cspep\cspep.exe ()
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} file:///C:/Users/Sévy/AppData/Local/Oberon%20Media/Oberon%20Games%20Host/popcaploader_v10.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Sévy\Documents\Photos au 10 Août 2009\Année 2011\mai\IMG_0944.JPG
O24 - Desktop BackupWallPaper: C:\Users\Sévy\Documents\Photos au 10 Août 2009\Année 2011\mai\IMG_0944.JPG
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk - C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk - C:\PROGRA~1\INTERV~1\DVDCHE~1\DVDCheck.exe - (InterVideo Inc.)
MsConfig - StartUpReg: [b]BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
MsConfig - StartUpReg: [b]CognizanceTS[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]File Sanitizer[/b] - hkey= - key= - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]HP Health Check Scheduler[/b] - hkey= - key= - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]IAAnotif[/b] - hkey= - key= - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
MsConfig - StartUpReg: [b]LightScribe Control Panel[/b] - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: [b]msnmsgr[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NeroFilterCheck[/b] - hkey= - key= - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: [b]PTHOSTTR[/b] - hkey= - key= - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: [b]SweetIM[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]WatchDog[/b] - hkey= - key= - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {0231C6BF-08AC-A8C8-1F7C-667C3510B599} - Internet Explorer
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {1D29643E-CC84-8CD8-ADA1-4EB8556239D1} - Internet Explorer
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2DFB95B5-9A64-959A-76FE-CEF26B3930D5} - Internet Explorer
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4ECB6DEA-0147-6636-4D13-3B7A7682CCF3} -
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {579A15E5-3CB0-2B89-381F-37D953222098} - Internet Explorer
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7166DF90-0FDC-A955-752C-9A5746957C4D} - Java (Sun)
ActiveX: {71DA4590-E92D-C7BD-992D-9D89A04997E1} - Java (Sun)
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A6AE5E3-8D43-F882-6814-C2966396B2C4} - Internet Explorer
ActiveX: {AE3FA250-C5DB-A8BE-0CC9-DE2CFFC86721} -
ActiveX: {AF56DFD7-8BE7-6A44-C6DB-0C05949EF896} - Microsoft Windows Media Player
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E131B1BE-5894-2DE5-4587-EA0A6D7F3D30} - Java (Sun)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EFA5FD3E-9E7C-CE5D-06C5-476638186B2D} - Browser Customizations
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\windows\System32\rundll32.exe" "C:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3acm - C:\windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\windows\System32\lameACM.acm (http://www.mp3dev.org/
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\windows\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/08/13 12:16:38 | 000,000,000 | ---D | C] -- C:\Users\Sévy\AppData\Roaming\Malwarebytes
[2011/08/13 12:16:21 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/08/13 12:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/13 12:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/13 12:16:16 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/08/13 12:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/13 11:13:22 | 000,000,000 | ---D | C] -- C:\Users\Sévy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ad-Remover
[2011/08/13 11:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011/08/11 08:06:58 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2011/08/11 08:06:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011/08/11 08:06:04 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2011/08/11 08:06:01 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2011/08/11 08:06:00 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011/08/11 08:05:59 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2011/08/11 08:05:59 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2011/08/11 08:05:58 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2011/08/11 08:05:57 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011/08/11 08:05:57 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011/08/11 08:05:57 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011/08/11 08:05:56 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2011/08/11 08:05:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2011/08/11 08:05:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2011/08/11 08:05:55 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2011/08/11 08:05:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2011/08/11 08:05:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011/08/11 08:05:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2011/08/11 08:05:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2011/08/11 08:04:33 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2011/08/11 08:04:32 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2011/07/30 21:37:57 | 000,000,000 | ---D | C] -- C:\Users\Sévy\Documents\Secrete Arlette
[2009/06/20 12:41:16 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2007/07/05 10:28:52 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/08/13 15:06:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/08/13 14:55:37 | 000,000,416 | ---- | M] () -- C:\windows\tasks\PCConfidential.job
[2011/08/13 14:55:16 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/13 14:55:16 | 000,003,216 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/13 14:55:02 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/08/13 14:55:00 | 2070,196,224 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/13 14:54:03 | 000,000,052 | ---- | M] () -- C:\windows\System32\ashttpstats.csv
[2011/08/13 12:16:22 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/13 11:13:22 | 000,001,676 | ---- | M] () -- C:\Users\Sévy\Desktop\Ad-Remover.lnk
[2011/08/13 08:13:02 | 000,377,008 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/08/13 08:06:57 | 000,000,146 | ---- | M] () -- C:\windows\WININIT.INI
[2011/08/13 07:31:55 | 000,723,018 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2011/08/13 07:31:54 | 000,634,400 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/08/13 07:31:54 | 000,146,612 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2011/08/13 07:31:54 | 000,119,964 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/08/10 16:00:41 | 000,233,472 | ---- | M] () -- C:\Users\Sévy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/04 17:15:24 | 000,001,226 | ---- | M] () -- C:\Users\Public\Desktop\Encore plus de jeux.lnk
[2011/07/30 20:50:02 | 020,038,942 | ---- | M] () -- C:\Users\Sévy\Documents\Fiches-techniques-SA-2011.pdf
[2011/07/28 11:35:06 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2011/07/23 13:04:18 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2011/07/23 13:01:07 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2011/07/23 13:00:36 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011/07/23 13:00:36 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2011/07/23 13:00:05 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2011/07/23 12:59:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011/07/23 12:59:52 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2011/07/23 12:59:35 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011/07/23 12:59:34 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011/07/23 12:59:34 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2011/07/23 12:59:34 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2011/07/23 12:59:34 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2011/07/23 12:59:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2011/07/23 12:03:47 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011/07/23 11:27:04 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2011/07/23 11:26:52 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2011/07/23 11:26:12 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2011/07/23 11:25:38 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011/07/19 08:30:27 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/07/19 08:30:27 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/08/13 15:06:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/08/13 12:16:22 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/13 11:13:22 | 000,001,676 | ---- | C] () -- C:\Users\Sévy\Desktop\Ad-Remover.lnk
[2011/08/13 08:06:57 | 000,000,146 | ---- | C] () -- C:\windows\WININIT.INI
[2011/07/30 20:50:00 | 020,038,942 | ---- | C] () -- C:\Users\Sévy\Documents\Fiches-techniques-SA-2011.pdf
[2011/07/19 08:30:27 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/07/19 08:30:27 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/01/27 01:02:22 | 000,110,592 | ---- | C] () -- C:\windows\System32\FsUsbExDevice.Dll
[2011/01/27 01:02:22 | 000,036,608 | ---- | C] () -- C:\windows\System32\FsUsbExDisk.Sys
[2010/11/29 16:38:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/03/26 09:01:26 | 000,000,025 | ---- | C] () -- C:\Users\Sévy\AppData\Roaming\bdfvconp.ini
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\phar_unmip.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\phar_histprot.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_webproxy.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_video.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_tabloids.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_socialnetworks.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_searchengines.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_regionaltlds.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_pornography.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlineshop.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlinepay.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlinedating.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_news.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_im.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_illegal.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_hate.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_games.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_gambling.dat
[2010/02/11 04:35:22 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_drugs.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\wsbl.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_white.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_summ.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\ph_black.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\pcwords2.dat
[2010/01/23 10:55:26 | 000,000,000 | ---- | C] () -- C:\windows\System32\pcwords.dat
[2010/01/20 10:45:11 | 000,000,016 | ---- | C] () -- C:\windows\System32\asdict.dat
[2010/01/20 10:45:11 | 000,000,004 | ---- | C] () -- C:\windows\System32\aspdict-en.dat
[2010/01/20 00:48:02 | 000,000,132 | ---- | C] () -- C:\windows\System32\rezumatenoi.dat
[2010/01/11 20:26:07 | 000,000,680 | ---- | C] () -- C:\Users\Sévy\AppData\Local\d3d9caps.dat
[2009/08/12 16:22:22 | 000,168,448 | ---- | C] () -- C:\windows\System32\unrar.dll
[2009/08/12 16:22:22 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2009/08/12 16:22:19 | 000,881,664 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2009/08/12 16:22:19 | 000,205,824 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2009/08/12 16:22:18 | 003,596,288 | ---- | C] () -- C:\windows\System32\qt-dx331.dll
[2009/08/12 16:22:16 | 000,085,504 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2009/08/01 13:53:12 | 000,017,408 | ---- | C] () -- C:\windows\System32\rpcnetp.dll
[2009/07/31 00:35:08 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2009/07/31 00:35:07 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
[2009/07/09 22:51:24 | 000,000,296 | ---- | C] () -- C:\Users\Sévy\AppData\Roaming\bbbconfig.dat
[2009/06/30 19:00:38 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2009/06/29 19:55:31 | 000,081,984 | ---- | C] () -- C:\windows\System32\bdod.bin
[2009/06/23 09:21:15 | 000,233,472 | ---- | C] () -- C:\Users\Sévy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/21 15:54:08 | 000,000,571 | ---- | C] () -- C:\windows\HBCIKRNL.INI
[2009/06/20 16:43:29 | 000,024,064 | ---- | C] () -- C:\Users\Sévy\AppData\Roaming\UserTile.png
[2009/01/15 13:45:34 | 000,181,248 | ---- | C] () -- C:\windows\System32\txmlutil.dll
[2008/10/10 08:36:28 | 000,003,584 | ---- | C] () -- C:\windows\System32\wceprv.dll
[2008/07/12 08:38:11 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll
[2008/07/12 08:38:11 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll
[2008/07/12 08:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll
[2008/07/12 08:38:11 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll
[2008/07/12 08:38:11 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll
[2008/07/12 08:38:11 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll
[2008/07/12 08:18:16 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2008/05/21 16:20:22 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1489.dll
[2008/05/21 16:06:30 | 000,492,496 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2008/05/21 16:06:28 | 002,192,024 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2008/05/21 16:06:28 | 000,146,596 | ---- | C] () -- C:\windows\System32\igfcg550.bin
[2008/05/14 02:36:18 | 000,108,752 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2008/04/16 16:18:01 | 000,723,018 | ---- | C] () -- C:\windows\System32\perfh00C.dat
[2008/04/16 16:18:01 | 000,340,236 | ---- | C] () -- C:\windows\System32\perfi00C.dat
[2008/04/16 16:18:01 | 000,146,612 | ---- | C] () -- C:\windows\System32\perfc00C.dat
[2008/04/16 16:18:01 | 000,037,390 | ---- | C] () -- C:\windows\System32\perfd00C.dat
[2008/04/10 19:27:34 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\windows\System32\drivers\StarOpen.sys
[2007/05/10 08:16:40 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\windows\System32\xreglib.dll
[2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2006/11/02 14:44:53 | 000,377,008 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2006/11/02 12:33:01 | 000,634,400 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,119,964 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006/05/20 04:39:58 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2006/03/09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2005/04/04 00:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
[2000/07/15 00:00:00 | 000,030,720 | ---- | C] () -- C:\windows\regtlib.exe
[1998/05/07 05:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll

[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2010/12/10 22:15:54 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Adobe
[2009/09/01 18:09:05 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Ahead
[2010/08/27 16:58:15 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Apple Computer
[2010/04/15 22:14:10 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Bigfish 3 Days Zoo Mystery
[2010/06/17 21:42:30 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\BigFish DressUpRush
[2010/01/20 00:37:43 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\BitDefender
[2009/08/06 21:31:23 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Boolat Games
[2011/07/14 00:20:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\dvdcss
[2009/08/11 11:41:25 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\EleFun Games
[2010/06/04 20:51:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Facebook
[2010/04/16 16:45:24 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Farm Mania
[2010/10/14 13:11:28 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Farm Mania 2
[2010/11/17 18:04:04 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\freshgames
[2010/05/15 20:47:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Game Mill Entertainment
[2009/08/08 23:09:37 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\GameInvest
[2009/11/01 21:37:34 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Gamenauts
[2009/06/21 15:57:28 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Hewlett Packard
[2009/06/21 15:47:41 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Hewlett-Packard
[2010/10/10 13:27:17 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Hotdog Hotshot
[2009/06/20 13:15:51 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\HPQLOG
[2011/05/13 18:06:09 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\HpUpdate
[2009/06/20 13:15:32 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Identities
[2009/06/20 12:36:20 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\InstallShield
[2009/06/20 12:44:50 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Macromedia
[2011/08/13 12:16:38 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Malwarebytes
[2009/10/16 21:54:44 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Mean Hamster
[2009/08/12 16:56:59 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Media Player Classic
[2010/01/08 22:20:06 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Merscom
[2011/02/12 14:51:46 | 000,000,000 | --SD | M] -- C:\Users\Sévy\AppData\Roaming\Microsoft
[2009/06/29 19:14:07 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Mozilla
[2009/08/05 22:06:39 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\MysteryStudio
[2010/05/05 16:47:18 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Oberon Games
[2011/03/10 20:15:01 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\PC Suite
[2009/06/20 16:43:28 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\PeerNetworking
[2011/05/18 21:06:18 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\PlayFirst
[2009/11/02 10:02:40 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\RobinsonCrusoeBFGFR
[2011/08/13 07:36:47 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Samsung
[2011/08/13 14:58:22 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\Skype
[2011/06/29 08:09:15 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\skypePM
[2009/10/29 18:10:38 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\SprillRichiEng
[2010/09/22 20:56:01 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\SulusGames
[2009/06/21 15:56:23 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\TMP
[2009/11/02 11:02:11 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\ViquaSoft
[2009/06/29 20:09:21 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\vlc
[2009/10/27 21:23:46 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\WinRAR
[2010/10/01 10:01:59 | 000,000,000 | ---D | M] -- C:\Users\Sévy\AppData\Roaming\YoudaGames

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2010/06/04 20:51:22 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Sévy\AppData\Roaming\Facebook\uninstall.exe
[2010/08/23 23:01:34 | 002,788,816 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Sévy\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2008/01/22 11:28:00 | 017,853,808 | ---- | M] (Marvell ) -- C:\Users\Sévy\AppData\Roaming\TMP\setup.exe

[color=#A23BEC]< %temp%\.exe /s >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\windows\system32\dxtmsft.dll
[2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\windows\system32\dxtrans.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[2010/02/10 15:17:12 | 000,153,448 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA)[b] Unable to obtain MD5[/b] -- C:\windows\system32\drivers\bdfm.sys
[2010/04/01 22:41:43 | 000,291,352 | ---- | M] (BitDefender)[b] Unable to obtain MD5[/b] -- C:\windows\system32\drivers\bdfsfltr.sys
[2008/05/14 02:36:18 | 000,108,752 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\windows\system32\drivers\SafeBoot.sys

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2008/01/21 05:31:11 | 015,716,352 | ---- | M] () -- C:\windows\System32\config\COMPONENTS.SAV
[2008/01/21 05:31:01 | 000,102,400 | ---- | M] () -- C:\windows\System32\config\DEFAULT.SAV
[2008/01/21 05:31:12 | 000,020,480 | ---- | M] () -- C:\windows\System32\config\SECURITY.SAV
[2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\windows\System32\config\SOFTWARE.SAV
[2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\windows\System32\config\SYSTEM.SAV


[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_3
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
Malekal_morte- Messages postés 184347 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 689
 
Sur pjjoint le rapport stp.
relire la procédure.
0
Réponse 6 / 7
sévy17 Messages postés 5 Statut Membre
 
ça y est je viens d'y arriver
voici le lien
https://pjjoint.malekal.com/files.php?id=8f3fcc61b1z11b15u9e14j10n11w11u10w10q8t7k13v5s8s6c14f14e12h12e13

et maintenant que dois-je faire svp
encore merci
0
Réponse 7 / 7
Malekal_morte- Messages postés 184347 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 689
 
Je vois pas trop ce qui t'empeche de changer la page de démarrage lo.st par une autre dans la configuration de Firefox ?!

Mais bon fais ça :

Relance OTL.
o sous Personnalisation, copie_colle le contenu du cadre ci dessous et clic Correction, un rapport apparraitra suite à l'operation que tu conserveras sur clé usb par exemple afin d'en coller le resultat:

:OTL
FF - prefs.js..browser.startup.homepage: http://y.lo.st
[2009/08/05 13:02:17 | 000,003,915 | ---- | M] () -- C:\Users\Sévy\AppData\Roaming\Mozilla\Firefox\Profiles\jkab98ol.default\searchplugins\sweetim.xml

* redemarre le pc sous windows et poste le rapport ici
0