Http://search.certified-toolbar.com/?si=41460&st=shortcut&tid=32
Résolu/Fermé
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
-
20 janv. 2013 à 09:36
loumax91 Messages postés 3183 Date d'inscription mardi 14 juin 2011 Statut Contributeur sécurité Dernière intervention 14 avril 2019 - 24 janv. 2013 à 14:47
loumax91 Messages postés 3183 Date d'inscription mardi 14 juin 2011 Statut Contributeur sécurité Dernière intervention 14 avril 2019 - 24 janv. 2013 à 14:47
A voir également:
- Http://search.certified-toolbar.com/?si=41460&st=shortcut&tid=32
- Protocole http - Guide
- Http //zh.ui.vmall.com/emotiondownload.php mod=restore - Forum Huawei
- Http //my.canalbox.africa ✓ - Forum Box et Streaming vidéo
- Http //cast2tv.net/ - Forum TV & Vidéo
- Http //easywifi.config - Forum WiFi
78 réponses
loumax91
Messages postés
3183
Date d'inscription
mardi 14 juin 2011
Statut
Contributeur sécurité
Dernière intervention
14 avril 2019
478
20 janv. 2013 à 10:24
20 janv. 2013 à 10:24
Bonjour,
On va commencer par ceci, dans l'ordre :
1) A désinstaller (si présent dans la liste) via > menu démarrer > panneau de configuration > ajout/suppression programmes (ou programmes et fonctionnalités Vista/7):
-search.certified-toolbar
2) Utilise cet outil de désinfection spécifique aux logiciels publicitaires :
*Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
*Lance le puis clique sur [Suppression]. Sauvegarde tout travail en cours puis accepte la fermeture des programmes en cours d'exécution.
*Patiente le temps du nettoyage.
*Une fois le scan fini, il te sera proposé de redémarrer.
*Au redémarrage du PC, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.
*Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
3) Utilise ce logiciel de désinfection généraliste :
¶ Télécharge et installe Malwarebytes' Anti-Malware
¶ A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
¶ Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
¶ Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
¶ Sélectionne tes disques durs" puis clique sur "Lancer l'examen"
¶ A la fin de l'analyse, clique sur Afficher les résultats
¶ Coche tous les éléments détectés puis clique sur Supprimer la sélection
¶ Enregistre le rapport
¶ S'il t'est demandé de redémarrer l'ordinateur, clique sur Yes
¶ Poste dans ta prochaine réponse le rapport apparaissant après la suppression
J'attends les rapports.
On va commencer par ceci, dans l'ordre :
1) A désinstaller (si présent dans la liste) via > menu démarrer > panneau de configuration > ajout/suppression programmes (ou programmes et fonctionnalités Vista/7):
-search.certified-toolbar
2) Utilise cet outil de désinfection spécifique aux logiciels publicitaires :
*Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
*Lance le puis clique sur [Suppression]. Sauvegarde tout travail en cours puis accepte la fermeture des programmes en cours d'exécution.
*Patiente le temps du nettoyage.
*Une fois le scan fini, il te sera proposé de redémarrer.
*Au redémarrage du PC, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.
*Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
3) Utilise ce logiciel de désinfection généraliste :
¶ Télécharge et installe Malwarebytes' Anti-Malware
¶ A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
¶ Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
¶ Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
¶ Sélectionne tes disques durs" puis clique sur "Lancer l'examen"
¶ A la fin de l'analyse, clique sur Afficher les résultats
¶ Coche tous les éléments détectés puis clique sur Supprimer la sélection
¶ Enregistre le rapport
¶ S'il t'est demandé de redémarrer l'ordinateur, clique sur Yes
¶ Poste dans ta prochaine réponse le rapport apparaissant après la suppression
J'attends les rapports.
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 11:06
20 janv. 2013 à 11:06
je ne le vois pas dans la liste des programmes
loumax91
Messages postés
3183
Date d'inscription
mardi 14 juin 2011
Statut
Contributeur sécurité
Dernière intervention
14 avril 2019
478
20 janv. 2013 à 11:07
20 janv. 2013 à 11:07
Pas grave fais le reste 2 et 3.
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 11:28
20 janv. 2013 à 11:28
# AdwCleaner v2.106 - Rapport créé le 20/01/2013 à 11:18:03
# Mis à jour le 17/01/2013 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Nom d'utilisateur : JCD - PC-DE-JCD
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\JCD\Desktop\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v7.0.6002.18005
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v18.0.1 (fr)
Fichier : C:\Users\JCD\AppData\Roaming\Mozilla\Firefox\Profiles\q8awk63x.default\prefs.js
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [25637 octets] - [20/01/2013 08:36:46]
AdwCleaner[R2].txt - [1021 octets] - [20/01/2013 11:17:50]
AdwCleaner[S1].txt - [25687 octets] - [20/01/2013 08:37:27]
AdwCleaner[S2].txt - [956 octets] - [20/01/2013 11:18:03]
########## EOF - C:\AdwCleaner[S2].txt - [1015 octets] ##########
# Mis à jour le 17/01/2013 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Nom d'utilisateur : JCD - PC-DE-JCD
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\JCD\Desktop\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v7.0.6002.18005
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v18.0.1 (fr)
Fichier : C:\Users\JCD\AppData\Roaming\Mozilla\Firefox\Profiles\q8awk63x.default\prefs.js
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [25637 octets] - [20/01/2013 08:36:46]
AdwCleaner[R2].txt - [1021 octets] - [20/01/2013 11:17:50]
AdwCleaner[S1].txt - [25687 octets] - [20/01/2013 08:37:27]
AdwCleaner[S2].txt - [956 octets] - [20/01/2013 11:18:03]
########## EOF - C:\AdwCleaner[S2].txt - [1015 octets] ##########
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 11:30
20 janv. 2013 à 11:30
il est toujours la :-((((((
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 11:37
20 janv. 2013 à 11:37
alwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Version de la base de données: v2013.01.20.03
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
JCD :: PC-DE-JCD [administrateur]
20/01/2013 11:30:04
mbam-log-2013-01-20 (11-30-04).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 201502
Temps écoulé: 4 minute(s), 32 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
www.malwarebytes.org
Version de la base de données: v2013.01.20.03
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
JCD :: PC-DE-JCD [administrateur]
20/01/2013 11:30:04
mbam-log-2013-01-20 (11-30-04).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 201502
Temps écoulé: 4 minute(s), 32 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
loumax91
Messages postés
3183
Date d'inscription
mardi 14 juin 2011
Statut
Contributeur sécurité
Dernière intervention
14 avril 2019
478
20 janv. 2013 à 11:45
20 janv. 2013 à 11:45
Trouve ce rapport d'AdwCleaner et poste le: AdwCleaner[S1].txt - [25687 octets] - [20/01/2013 08:37:27]
Tu le trouveras à la racine :
menu démarrer > ordinateur > disque local C: > AdwCleaner[S1].txt
A suivre:
¶ Télécharge OTL sur ton Bureau.
¶ Lance le (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur).
¶ Sous Personnalisation, copie-colle ce script :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE\%Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32drivers\*.sys /lockedfiles
%systemroot%\System32config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
¶ Coche la case "tous les utilisateurs" puis clique sur le bouton "Analyse"
¶ Patiente pendant l'analyse jusqu'à l'apparition des deux rapports OTL.txt et Extras.txt
¶ Rends toi sur ce site, clique sur "Parcourir", sélectionne le rapport de OTL et clique sur Envoyer le fichier. Patiente pendant l'envoi du fichier, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
Tu le trouveras à la racine :
menu démarrer > ordinateur > disque local C: > AdwCleaner[S1].txt
A suivre:
¶ Télécharge OTL sur ton Bureau.
¶ Lance le (si tu es sous Windows Vista ou Windows 7, fais le par un clic-droit --> Exécuter en temps qu'administrateur).
¶ Sous Personnalisation, copie-colle ce script :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE\%Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32drivers\*.sys /lockedfiles
%systemroot%\System32config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
¶ Coche la case "tous les utilisateurs" puis clique sur le bouton "Analyse"
¶ Patiente pendant l'analyse jusqu'à l'apparition des deux rapports OTL.txt et Extras.txt
¶ Rends toi sur ce site, clique sur "Parcourir", sélectionne le rapport de OTL et clique sur Envoyer le fichier. Patiente pendant l'envoi du fichier, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 12:04
20 janv. 2013 à 12:04
# AdwCleaner v2.106 - Rapport créé le 20/01/2013 à 11:58:20
# Mis à jour le 17/01/2013 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Nom d'utilisateur : JCD - PC-DE-JCD
# Mode de démarrage : Normal
# Exécuté depuis : D:\SOFTWARES\ANTISPYWARE\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v7.0.6002.18005
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v18.0.1 (fr)
Fichier : C:\Users\JCD\AppData\Roaming\Mozilla\Firefox\Profiles\q8awk63x.default\prefs.js
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [903 octets] - [20/01/2013 11:57:49]
AdwCleaner[S1].txt - [837 octets] - [20/01/2013 11:58:20]
########## EOF - C:\AdwCleaner[S1].txt - [896 octets] ##########
# Mis à jour le 17/01/2013 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Nom d'utilisateur : JCD - PC-DE-JCD
# Mode de démarrage : Normal
# Exécuté depuis : D:\SOFTWARES\ANTISPYWARE\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
***** [Registre] *****
***** [Navigateurs] *****
-\\ Internet Explorer v7.0.6002.18005
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v18.0.1 (fr)
Fichier : C:\Users\JCD\AppData\Roaming\Mozilla\Firefox\Profiles\q8awk63x.default\prefs.js
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [903 octets] - [20/01/2013 11:57:49]
AdwCleaner[S1].txt - [837 octets] - [20/01/2013 11:58:20]
########## EOF - C:\AdwCleaner[S1].txt - [896 octets] ##########
loumax91
Messages postés
3183
Date d'inscription
mardi 14 juin 2011
Statut
Contributeur sécurité
Dernière intervention
14 avril 2019
478
20 janv. 2013 à 12:54
20 janv. 2013 à 12:54
J'attends le rapport OTL :)
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 12:57
20 janv. 2013 à 12:57
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 12:59
20 janv. 2013 à 12:59
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 13:09
20 janv. 2013 à 13:09
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 13:24
20 janv. 2013 à 13:24
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Version de la base de données: v2013.01.20.03
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
JCD :: PC-DE-JCD [administrateur]
20/01/2013 12:11:36
mbam-log-2013-01-20 (12-11-36).txt
Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 340883
Temps écoulé: 58 minute(s),
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
www.malwarebytes.org
Version de la base de données: v2013.01.20.03
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
JCD :: PC-DE-JCD [administrateur]
20/01/2013 12:11:36
mbam-log-2013-01-20 (12-11-36).txt
Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 340883
Temps écoulé: 58 minute(s),
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
loumax91
Messages postés
3183
Date d'inscription
mardi 14 juin 2011
Statut
Contributeur sécurité
Dernière intervention
14 avril 2019
478
20 janv. 2013 à 14:50
20 janv. 2013 à 14:50
*Télécharger sur le bureau RogueKiller (par tigzy)
*Quitter tous les programmes en cours
*Lancer RogueKiller.exe
* Attendre la fin du Prescan ...
*Cliquer sur Scan.
*A la fin du scan Cliquer sur Rapport et copier coller le contenu du notepad dans ta réponse
Pour t'aider
*Quitter tous les programmes en cours
*Lancer RogueKiller.exe
* Attendre la fin du Prescan ...
*Cliquer sur Scan.
*A la fin du scan Cliquer sur Rapport et copier coller le contenu du notepad dans ta réponse
Pour t'aider
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 16:29
20 janv. 2013 à 16:29
RogueKiller V8.4.3 [Jan 10 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : https://www.luanagames.com/index.fr.html
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : JCD [Droits d'admin]
Mode : Recherche -- Date : 20/01/2013 16:26:43
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 15 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp://hxxp=127.0.0.1:50370) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRun (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> TROUVÉ
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> TROUVÉ
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> TROUVÉ
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: WDC WD3200AAKS-00L9A0 ATA Device +++++
--- User ---
[MBR] 3c3d717c8ec9223bc5ba59b6d15d1de3
[BSP] 31d56d9af64a29d5a7b559801e9d6eb3 : Legit3 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49865 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 102125205 | Size: 255377 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[1]_S_20012013_162643.txt >>
RKreport[1]_S_20012013_162643.txt
mail : tigzyRK<at>gmail<dot>com
Remontees : https://www.luanagames.com/index.fr.html
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : JCD [Droits d'admin]
Mode : Recherche -- Date : 20/01/2013 16:26:43
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 15 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp://hxxp=127.0.0.1:50370) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowHelp (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRun (0) -> TROUVÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> TROUVÉ
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> TROUVÉ
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> TROUVÉ
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver : [CHARGE] ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: WDC WD3200AAKS-00L9A0 ATA Device +++++
--- User ---
[MBR] 3c3d717c8ec9223bc5ba59b6d15d1de3
[BSP] 31d56d9af64a29d5a7b559801e9d6eb3 : Legit3 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49865 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 102125205 | Size: 255377 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[1]_S_20012013_162643.txt >>
RKreport[1]_S_20012013_162643.txt
loumax91
Messages postés
3183
Date d'inscription
mardi 14 juin 2011
Statut
Contributeur sécurité
Dernière intervention
14 avril 2019
478
20 janv. 2013 à 16:49
20 janv. 2013 à 16:49
---------------1--------------
*Quitter tous les programmes en cours
*Lancer RogueKiller.exe
* Attendre la fin du Prescan ...
*Cliquer sur Suppression. Cliquer sur Rapport et copier coller le contenu du notepad dans ta réponse
---------------2--------------
*Cliquer sur Proxy RAZ. Cliquer sur Rapport et copier coller le contenu du notepad dans ta réponse
Pour t'aider
*Quitter tous les programmes en cours
*Lancer RogueKiller.exe
* Attendre la fin du Prescan ...
*Cliquer sur Suppression. Cliquer sur Rapport et copier coller le contenu du notepad dans ta réponse
---------------2--------------
*Cliquer sur Proxy RAZ. Cliquer sur Rapport et copier coller le contenu du notepad dans ta réponse
Pour t'aider
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 19:20
20 janv. 2013 à 19:20
RogueKiller V8.4.3 [Jan 10 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : https://www.luanagames.com/index.fr.html
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : JCD [Droits d'admin]
Mode : Proxy RAZ -- Date : 20/01/2013 19:18:22
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 1 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp://hxxp=127.0.0.1:50370) -> NON SELECTIONNÉ
¤¤¤ Driver : [CHARGE] ¤¤¤
Termine : << RKreport[6]_PR_20012013_191822.txt >>
RKreport[1]_S_20012013_162643.txt ; RKreport[2]_S_20012013_191635.txt ; RKreport[3]_D_20012013_191712.txt ; RKreport[4]_PR_20012013_191730.txt ; RKreport[5]_H_20012013_191818.txt ;
RKreport[6]_PR_20012013_191822.txt
mail : tigzyRK<at>gmail<dot>com
Remontees : https://www.luanagames.com/index.fr.html
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : JCD [Droits d'admin]
Mode : Proxy RAZ -- Date : 20/01/2013 19:18:22
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 1 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp://hxxp=127.0.0.1:50370) -> NON SELECTIONNÉ
¤¤¤ Driver : [CHARGE] ¤¤¤
Termine : << RKreport[6]_PR_20012013_191822.txt >>
RKreport[1]_S_20012013_162643.txt ; RKreport[2]_S_20012013_191635.txt ; RKreport[3]_D_20012013_191712.txt ; RKreport[4]_PR_20012013_191730.txt ; RKreport[5]_H_20012013_191818.txt ;
RKreport[6]_PR_20012013_191822.txt
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 19:24
20 janv. 2013 à 19:24
et il est toujours la le salaud
loumax91
Messages postés
3183
Date d'inscription
mardi 14 juin 2011
Statut
Contributeur sécurité
Dernière intervention
14 avril 2019
478
20 janv. 2013 à 19:45
20 janv. 2013 à 19:45
Tu as passé combien de fois RogueKiller ?
Refais une analyse OTL comme expliqué Ici, n'oublies pas d'héberger le rapport.
Refais une analyse OTL comme expliqué Ici, n'oublies pas d'héberger le rapport.
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 21:42
20 janv. 2013 à 21:42
plusieurs fois voici le dernier rapport
RogueKiller V8.4.3 [Jan 10 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : https://www.luanagames.com/index.fr.html
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : JCD [Droits d'admin]
Mode : Proxy RAZ -- Date : 20/01/2013 20:49:04
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 1 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp://hxxp=127.0.0.1:50370) -> NON SELECTIONNÉ
¤¤¤ Driver : [CHARGE] ¤¤¤
Termine : << RKreport[3]_PR_20012013_204904.txt >>
RKreport[1]_S_20012013_204825.txt ; RKreport[2]_D_20012013_204857.txt ; RKreport[3]_PR_20012013_204904.txt
RogueKiller V8.4.3 [Jan 10 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : https://www.luanagames.com/index.fr.html
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/
Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : JCD [Droits d'admin]
Mode : Proxy RAZ -- Date : 20/01/2013 20:49:04
¤¤¤ Processus malicieux : 0 ¤¤¤
¤¤¤ Entrees de registre : 1 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp://hxxp=127.0.0.1:50370) -> NON SELECTIONNÉ
¤¤¤ Driver : [CHARGE] ¤¤¤
Termine : << RKreport[3]_PR_20012013_204904.txt >>
RKreport[1]_S_20012013_204825.txt ; RKreport[2]_D_20012013_204857.txt ; RKreport[3]_PR_20012013_204904.txt
gerardd1945
Messages postés
58
Date d'inscription
samedi 19 janvier 2013
Statut
Membre
Dernière intervention
3 février 2013
20 janv. 2013 à 21:44
20 janv. 2013 à 21:44
OTL logfile created on: 20/01/2013 21:36:42 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JCD\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
3,00 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 65,81% Memory free
6,19 Gb Paging File | 5,36 Gb Available in Paging File | 86,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,70 Gb Total Space | 17,43 Gb Free Space | 35,79% Space Free | Partition Type: NTFS
Drive D: | 234,96 Gb Total Space | 62,88 Gb Free Space | 26,76% Space Free | Partition Type: NTFS
Computer Name: PC-DE-JCD | User Name: JCD | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013/01/20 21:35:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JCD\Desktop\OTL.exe
PRC - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/31 09:19:52 | 000,403,416 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
PRC - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/03/24 00:29:04 | 000,804,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011/03/23 23:22:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/02/25 11:40:58 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010/02/25 11:38:42 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009/09/23 13:34:04 | 000,073,728 | ---- | M] (Tablet Driver) -- C:\Windows\System32\drivers\WTSrv.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/22 21:32:02 | 000,493,480 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2008/04/22 18:26:26 | 000,431,384 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2008/01/22 18:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [Auto | Stopped] -- C:\Windows\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - File not found [Auto | Stopped] -- C:\Windows\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2013/01/20 07:41:27 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/16 06:52:28 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/10 06:26:19 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/31 09:19:52 | 000,403,416 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/23 23:22:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/12 05:47:48 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/02/25 11:38:42 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/02/25 11:34:42 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/09/23 13:34:04 | 000,073,728 | ---- | M] (Tablet Driver) [Auto | Running] -- C:\Windows\System32\drivers\WTSrv.exe -- (WinTabService)
SRV - [2009/04/11 07:28:20 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/04/11 07:28:20 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/04/11 07:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008/04/22 21:32:02 | 000,493,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2008/04/22 18:26:26 | 000,431,384 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008/01/22 18:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/11/02 13:35:03 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Tablet2k.sys -- (Tablet2k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VTGKModeDX32.sys -- (S3GIGP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ACTLwana.sys -- (itexadsla2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avfsfilter.sys -- (AVFSFilter)
DRV - [2013/01/20 20:48:11 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D165C716-6680-4641-89FB-8953BD6E47F5}\MpKsl40c621bf.sys -- (MpKsl40c621bf)
DRV - [2012/11/01 15:35:20 | 000,068,272 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pctplsm.sys -- (pctplsm)
DRV - [2012/11/01 15:35:14 | 000,202,280 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\PCTSD.sys -- (PCTSD)
DRV - [2012/10/25 01:02:14 | 000,035,592 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss6.sys -- (taphss6)
DRV - [2012/10/23 17:40:32 | 000,062,688 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCTBD.sys -- (PCTBD)
DRV - [2012/10/22 16:38:28 | 000,368,616 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2012/08/30 22:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/07/03 17:21:53 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/02/28 11:43:06 | 000,909,728 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\System32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2012/02/28 11:43:00 | 000,342,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pctDS.sys -- (pctDS)
DRV - [2011/11/09 14:53:56 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011/11/09 14:53:54 | 010,518,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/08/24 18:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/08/24 18:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/08/24 18:30:06 | 000,020,304 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2010/02/25 10:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/04 22:46:33 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2009/10/04 22:46:33 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/10/04 22:46:31 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2009/10/04 22:46:30 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2009/06/23 00:37:10 | 003,486,336 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008/10/03 18:17:24 | 000,133,120 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/09/08 13:10:22 | 000,014,848 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UCTblHid.sys -- (UCTblHid)
DRV - [2007/06/07 16:16:28 | 000,018,944 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PTSimBus.sys -- (PTSimBus)
DRV - [2007/04/23 14:28:56 | 000,018,432 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TClass2k.sys -- (TClass2k)
DRV - [2007/04/23 14:28:56 | 000,010,752 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTSimHid.sys -- (PTSimHid)
DRV - [2006/06/14 11:53:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms}
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\SearchScopes\Wikipedia.fr: "URL" = https://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http://http=127.0.0.1:50370
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "https://translate.google.fr/"
FF - prefs.js..extensions.enabledAddons: ietab%40ip.cn:2.0.0.0
FF - prefs.js..extensions.enabledAddons: %7B1BC9BA34-1EED-42ca-A505-6D2F1A935BBB%7D:4.12.22.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: belgiumeid%40eid.belgium.be:1.0.18
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\JCD\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\JCD\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\JCD\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\JCD\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/17 13:41:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/20 07:41:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/20 07:40:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 10:52:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files\AddLyrics\FF\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/20 07:41:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/20 07:40:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 10:52:22 | 000,000,000 | ---D | M]
[2012/12/04 13:05:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JCD\AppData\Roaming\mozilla\Extensions
[2010/09/05 08:47:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JCD\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/01/19 15:15:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions
[2012/12/26 07:29:26 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/04/27 09:15:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/01/11 12:43:23 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/01/15 19:38:51 | 000,000,000 | ---D | M] ("SecretHelper") -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\{eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c58}
[2011/10/18 08:04:06 | 000,000,000 | ---D | M] (IE Tab +) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\coralietab@mozdev.org
[2012/05/06 05:46:07 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\ietab@ip.cn
[2012/01/08 10:44:19 | 000,011,125 | ---- | M] () (No name found) -- C:\Users\JCD\AppData\Roaming\mozilla\firefox\profiles\q8awk63x.default\extensions\admin@youtubeplayer.com.xpi
[2011/12/20 10:22:52 | 000,003,679 | ---- | M] () (No name found) -- C:\Users\JCD\AppData\Roaming\mozilla\firefox\profiles\q8awk63x.default\extensions\{eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c58}\chrome\secrethelper\content\expiry.xml
[2012/03/14 13:58:04 | 000,002,023 | ---- | M] () -- C:\Users\JCD\AppData\Roaming\mozilla\firefox\profiles\q8awk63x.default\searchplugins\badoo.xml
[2013/01/19 14:15:19 | 000,005,401 | ---- | M] () -- C:\Users\JCD\AppData\Roaming\mozilla\firefox\profiles\q8awk63x.default\searchplugins\searchcanvas.xml
[2013/01/20 07:40:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013/01/20 07:40:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/01/19 15:12:46 | 000,020,959 | ---- | M] () (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\BELGIUMEID@EID.BELGIUM.BE.XPI
[2013/01/20 07:41:28 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/01/11 08:04:05 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/08/29 08:59:05 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/21 08:39:55 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2013/01/11 08:04:05 | 000,001,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2013/01/17 08:52:56 | 000,003,265 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Web Search.xml
[2013/01/11 08:04:05 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/11/21 08:39:55 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2013/01/20 19:23:59 | 000,000,724 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\Toolbar\WebBrowser: (no name) - {147D6308-0614-4112-89B1-31402F9B82C4} - No CLSID value found.
O3 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f File not found
O7 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..Trusted Domains: rencontreshard.com ([]http in Intranet local)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 10.11.2)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5553A265-F6A9-4BAF-B0FA-AE1AF4246552}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: D:\DOC PERSO\DOCUMENTS JC\0 0 witch1.jpg
O24 - Desktop BackupWallPaper: D:\DOC PERSO\DOCUMENTS JC\0 0 witch1.jpg
O28 - HKLM ShellExecuteHooks: {67C4682D-5AED-48DB-83CB-2B53270E9BCB} - No CLSID value found.
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013/01/20 21:35:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\JCD\Desktop\OTL.exe
[2013/01/20 20:51:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\WCID
[2013/01/20 16:26:07 | 000,000,000 | ---D | C] -- C:\Users\JCD\Desktop\RK_Quarantine
[2013/01/20 07:45:21 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{B39310C6-681A-4D85-BDB0-2070D2790D31}
[2013/01/20 07:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/19 20:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/01/19 19:51:18 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/01/19 15:07:37 | 000,062,688 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTBD.sys
[2013/01/19 15:07:33 | 000,150,648 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2013/01/19 15:07:31 | 002,280,568 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2013/01/19 15:07:31 | 001,690,744 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2013/01/19 15:06:43 | 000,260,760 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2013/01/19 15:06:43 | 000,178,584 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2013/01/19 15:06:30 | 000,019,464 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctBTFix.sys
[2013/01/19 15:06:18 | 000,071,752 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2013/01/19 15:06:18 | 000,068,272 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsm.sys
[2013/01/19 15:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2013/01/19 15:03:07 | 000,909,728 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2013/01/19 15:03:07 | 000,342,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2013/01/19 15:03:03 | 000,368,616 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2013/01/19 15:03:03 | 000,163,288 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2013/01/19 15:02:59 | 000,202,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2013/01/19 15:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2013/01/19 14:25:36 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{EAC4255C-BC12-4A3C-B3E1-0EA6D0353276}
[2013/01/19 14:21:24 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/01/19 14:21:24 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/01/19 14:21:24 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/01/19 14:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/01/17 10:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2013/01/17 09:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel Painter 12.1 Hot Fix 1
[2013/01/17 08:53:36 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\DownTango
[2013/01/17 08:39:31 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Roaming\GoforFiles
[2013/01/17 07:44:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2013/01/17 07:26:10 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{B18E8091-CBDD-4523-B599-39E8C250594C}
[2013/01/16 06:55:31 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{3653E8A3-A02B-4BA7-B4C0-23099F394484}
[2013/01/15 09:07:45 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{16707225-CDDE-4124-89F8-A5D818BF6150}
[2013/01/14 11:20:17 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Roaming\Corel
[2013/01/14 09:26:39 | 000,000,000 | ---D | C] -- D:\My Extracted Files
[2013/01/14 09:25:40 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\BitZipper
[2013/01/14 08:31:21 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{F65F90D1-23E7-4629-8306-56A7E2989783}
[2013/01/13 08:13:06 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{6247D15A-BD29-4570-BBB9-45D953CA136B}
[2013/01/12 07:45:40 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{B9AF1B89-4C1B-4B0B-B33A-0E8E2F041008}
[2013/01/11 08:09:21 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{8B568122-C6A0-4515-B788-57BCF7CD63EA}
[2013/01/10 07:51:36 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{3D494B45-7832-4977-AE7D-BE6F370358E7}
[2013/01/09 10:52:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013/01/09 08:19:59 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{3E6DBFDA-E783-404A-B08C-31BBFF167ACB}
[2013/01/08 12:01:41 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{A3A922A7-097A-41CA-B045-F7D3C681F852}
[2013/01/06 09:23:10 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{C802A164-61A3-4A0F-BDB4-26076CDFDDE8}
[2013/01/05 12:11:50 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\annoncelibertine
[2013/01/05 10:37:14 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{A73E9AAC-5029-4AF7-9BEC-4EEBCE5BC584}
[2013/01/04 14:47:10 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{F3192ABC-DDE2-4DBA-9F1A-98D9B9768B50}
[2013/01/03 10:10:13 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{F5AFA62F-01C9-4DE8-92C5-754C5A7FED2D}
[2013/01/02 11:10:58 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{0A61C501-01C3-43B3-B8AD-DE5A453E6C61}
[2013/01/02 10:37:04 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\annoncesdesexe
[2013/01/01 09:07:02 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{B43CDC91-A4EF-4008-A726-86F1E60D86C8}
[2012/12/31 12:41:15 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{C69DA125-B5D1-47C7-9474-B0FDCAE9CC96}
[2012/12/30 10:32:11 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{97ECC5E6-98C9-4196-804E-33A2E9A1F8A8}
[2012/12/29 09:58:18 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\tchat-libertin
[2012/12/29 08:43:18 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{AB67B886-7C34-4EE6-8AAA-C1504F75D221}
[2012/12/28 15:43:37 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{D057C542-6A94-496B-B83A-8DC2B39D0B8F}
[2012/12/27 14:52:57 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{692DC461-DD5A-4B3D-B558-D0EB44EC5CC8}
[2012/12/26 10:30:37 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{19F26F1B-11BB-4B00-B87B-0CE565545E1B}
[2012/12/25 10:46:16 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{A2454915-E555-43A7-AA38-203F38416F41}
[2012/12/25 10:40:19 | 000,000,000 | ---D | C] -- D:\My Weblog Posts
[2012/12/25 10:40:18 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Roaming\Windows Live Writer
[2012/12/25 10:40:18 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\Windows Live Writer
[2012/12/25 07:56:16 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{FC26300D-01C7-425C-817E-48C9068F4727}
[2012/12/24 09:51:33 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{D15A6E96-C378-4A4D-B610-F858C0D6B562}
[2012/12/23 06:49:17 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{F7BD4276-C97C-42BE-AD8B-E467B6D61789}
[2003/11/09 03:33:12 | 000,091,136 | ---- | C] (Litestep Development Team) -- C:\Program Files\litestep.exe
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013/01/20 21:35:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JCD\Desktop\OTL.exe
[2013/01/20 20:55:08 | 000,012,310 | ---- | M] () -- C:\Users\JCD\Desktop\cc_20130120_205458.reg
[2013/01/20 20:51:39 | 000,023,888 | ---- | M] () -- C:\LDB_20121105001
[2013/01/20 20:41:35 | 000,004,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/20 20:41:35 | 000,004,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/20 20:41:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/20 19:22:29 | 000,002,827 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\WORD.lnk
[2013/01/20 18:07:57 | 000,000,228 | ---- | M] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance.job
[2013/01/20 12:28:45 | 000,172,032 | ---- | M] () -- C:\Users\JCD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/20 05:59:16 | 000,000,863 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/19 15:58:11 | 000,001,900 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/01/19 15:35:19 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/01/19 15:03:53 | 001,565,580 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2013/01/19 14:20:50 | 000,001,882 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Painter 12.lnk
[2013/01/17 14:09:40 | 000,002,803 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\FrontPage.lnk
[2013/01/17 11:05:47 | 000,001,882 | ---- | M] () -- C:\Users\JCD\Desktop\Painter 12.lnk
[2013/01/17 10:12:40 | 000,760,696 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/17 09:13:12 | 000,000,969 | ---- | M] () -- C:\Users\JCD\Desktop\j1g.jpg.lnk
[2013/01/17 08:52:58 | 000,002,879 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Paint Shop Pro.lnk
[2013/01/17 08:52:58 | 000,002,053 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Reader X.lnk
[2013/01/17 08:52:58 | 000,001,819 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Notepad.lnk
[2013/01/17 08:52:58 | 000,001,795 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\JCD.lnk
[2013/01/17 08:52:58 | 000,001,752 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2013/01/17 08:52:58 | 000,001,109 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Photoshop.lnk
[2013/01/17 08:52:58 | 000,000,889 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\XnView.lnk
[2013/01/17 08:52:58 | 000,000,513 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\ADRESSES.lnk
[2013/01/17 07:44:56 | 000,001,157 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2013/01/16 10:47:58 | 000,000,848 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2013/01/16 06:57:37 | 012,208,038 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/01/16 06:57:36 | 005,136,800 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/16 06:57:36 | 004,085,176 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/01/16 06:57:36 | 004,001,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/16 06:52:28 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/16 06:52:27 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/16 06:52:27 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/14 14:06:11 | 000,000,918 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013/01/12 12:05:58 | 000,000,088 | RHS- | M] () -- C:\Windows\System32\17B84C4445.sys
[2013/01/12 10:53:30 | 000,001,531 | ---- | M] () -- C:\Users\JCD\Desktop\CAPOR.jpg.lnk
[2013/01/12 03:30:20 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/01/12 03:26:19 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/01/12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/01/12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/01/03 07:18:52 | 000,015,360 | ---- | M] () -- C:\Windows\Launcher.exe
[2012/12/26 13:28:41 | 000,002,339 | ---- | M] () -- C:\Users\JCD\Desktop\Movie Maker.lnk
[2012/12/22 09:45:56 | 000,000,590 | ---- | M] () -- C:\Users\JCD\Desktop\RODRIC.lnk
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013/01/20 20:55:06 | 000,012,310 | ---- | C] () -- C:\Users\JCD\Desktop\cc_20130120_205458.reg
[2013/01/20 20:51:39 | 000,023,888 | ---- | C] () -- C:\LDB_20121105001
[2013/01/20 05:59:16 | 000,000,863 | ---- | C] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/19 15:58:11 | 000,001,900 | ---- | C] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/01/19 15:07:34 | 000,769,144 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2013/01/19 15:07:33 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip
[2013/01/19 15:07:33 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2013/01/19 15:07:33 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2013/01/19 15:07:33 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2013/01/19 14:20:50 | 000,001,882 | ---- | C] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Painter 12.lnk
[2013/01/19 14:18:14 | 000,000,863 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/17 11:05:47 | 000,001,882 | ---- | C] () -- C:\Users\JCD\Desktop\Painter 12.lnk
[2013/01/17 10:24:01 | 000,001,882 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Painter 12.lnk
[2013/01/17 09:13:12 | 000,000,969 | ---- | C] () -- C:\Users\JCD\Desktop\j1g.jpg.lnk
[2013/01/17 08:53:02 | 000,015,360 | ---- | C] () -- C:\Windows\Launcher.exe
[2013/01/17 07:58:28 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FileOps.exe
[2013/01/17 07:44:56 | 000,001,157 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2013/01/14 09:44:35 | 000,000,918 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013/01/12 12:03:42 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2013/01/12 12:03:42 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\17B84C4445.sys
[2013/01/11 10:55:50 | 000,001,531 | ---- | C] () -- C:\Users\JCD\Desktop\CAPOR.jpg.lnk
[2012/12/22 09:45:56 | 000,000,590 | ---- | C] () -- C:\Users\JCD\Desktop\RODRIC.lnk
[2012/12/04 07:25:03 | 000,000,097 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/02/18 08:54:07 | 000,000,088 | RHS- | C] () -- C:\ProgramData\17B84C4445.sys
[2012/02/18 08:54:06 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012/02/18 08:49:58 | 000,000,104 | ---- | C] () -- C:\Users\JCD\Réseau - Raccourci.lnk
[2011/11/08 10:52:32 | 000,000,552 | ---- | C] () -- C:\Users\JCD\AppData\Local\d3d8caps.dat
[2011/11/04 15:16:27 | 000,000,680 | ---- | C] () -- C:\Users\JCD\AppData\Local\d3d9caps.dat
[2011/09/20 06:59:19 | 000,000,075 | ---- | C] () -- C:\Windows\rencontreshard.ini
[2011/01/27 12:43:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/14 05:01:47 | 000,005,113 | ---- | C] () -- C:\ProgramData\bdkaqbdl.qzl
[2009/10/14 05:01:47 | 000,005,078 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik
[2009/10/02 09:07:24 | 000,000,844 | ---- | C] () -- C:\Users\JCD\.recently-used.xbel
[2009/09/28 13:19:24 | 000,000,091 | ---- | C] () -- C:\Users\JCD\AppData\Local\fusioncache.dat
[2009/09/15 03:55:44 | 000,015,351 | ---- | C] () -- C:\Users\JCD\AppData\Roaming\UserTile.png
[2009/09/15 03:51:29 | 000,172,032 | ---- | C] () -- C:\Users\JCD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/11 09:39:58 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2003/03/19 23:38:18 | 000,102,400 | ---- | C] () -- C:\Program Files\libpng13.dll
[2003/03/19 23:38:10 | 000,053,248 | ---- | C] () -- C:\Program Files\zlib.dll
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2006/11/02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/04/11 07:28:24 | 011,584,000 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:63238B95
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JCD\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
3,00 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 65,81% Memory free
6,19 Gb Paging File | 5,36 Gb Available in Paging File | 86,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48,70 Gb Total Space | 17,43 Gb Free Space | 35,79% Space Free | Partition Type: NTFS
Drive D: | 234,96 Gb Total Space | 62,88 Gb Free Space | 26,76% Space Free | Partition Type: NTFS
Computer Name: PC-DE-JCD | User Name: JCD | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013/01/20 21:35:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JCD\Desktop\OTL.exe
PRC - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/31 09:19:52 | 000,403,416 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
PRC - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/03/24 00:29:04 | 000,804,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011/03/23 23:22:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2010/02/25 11:40:58 | 000,716,616 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010/02/25 11:38:42 | 001,047,880 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009/09/23 13:34:04 | 000,073,728 | ---- | M] (Tablet Driver) -- C:\Windows\System32\drivers\WTSrv.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/22 21:32:02 | 000,493,480 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2008/04/22 18:26:26 | 000,431,384 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2008/01/22 18:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - File not found [Auto | Stopped] -- C:\Windows\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - File not found [Auto | Stopped] -- C:\Windows\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2013/01/20 07:41:27 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/16 06:52:28 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/10 06:26:19 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/31 09:19:52 | 000,403,416 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2012/09/12 17:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/23 23:22:08 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/12 05:47:48 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/02/25 11:38:42 | 001,047,880 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/02/25 11:34:42 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009/09/23 13:34:04 | 000,073,728 | ---- | M] (Tablet Driver) [Auto | Running] -- C:\Windows\System32\drivers\WTSrv.exe -- (WinTabService)
SRV - [2009/04/11 07:28:20 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/04/11 07:28:20 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/04/11 07:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008/04/22 21:32:02 | 000,493,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2008/04/22 18:26:26 | 000,431,384 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008/01/22 18:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2006/11/02 19:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/11/02 13:35:03 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Tablet2k.sys -- (Tablet2k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VTGKModeDX32.sys -- (S3GIGP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ACTLwana.sys -- (itexadsla2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\avfsfilter.sys -- (AVFSFilter)
DRV - [2013/01/20 20:48:11 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D165C716-6680-4641-89FB-8953BD6E47F5}\MpKsl40c621bf.sys -- (MpKsl40c621bf)
DRV - [2012/11/01 15:35:20 | 000,068,272 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pctplsm.sys -- (pctplsm)
DRV - [2012/11/01 15:35:14 | 000,202,280 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\PCTSD.sys -- (PCTSD)
DRV - [2012/10/25 01:02:14 | 000,035,592 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss6.sys -- (taphss6)
DRV - [2012/10/23 17:40:32 | 000,062,688 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCTBD.sys -- (PCTBD)
DRV - [2012/10/22 16:38:28 | 000,368,616 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2012/08/30 22:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/07/03 17:21:53 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/02/28 11:43:06 | 000,909,728 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\System32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2012/02/28 11:43:00 | 000,342,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pctDS.sys -- (pctDS)
DRV - [2011/11/09 14:53:56 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011/11/09 14:53:54 | 010,518,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/08/24 18:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/08/24 18:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/08/24 18:30:06 | 000,020,304 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2010/02/25 10:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/04 22:46:33 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2009/10/04 22:46:33 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/10/04 22:46:31 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2009/10/04 22:46:30 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2009/06/23 00:37:10 | 003,486,336 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008/10/03 18:17:24 | 000,133,120 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/09/08 13:10:22 | 000,014,848 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UCTblHid.sys -- (UCTblHid)
DRV - [2007/06/07 16:16:28 | 000,018,944 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PTSimBus.sys -- (PTSimBus)
DRV - [2007/04/23 14:28:56 | 000,018,432 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TClass2k.sys -- (TClass2k)
DRV - [2007/04/23 14:28:56 | 000,010,752 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTSimHid.sys -- (PTSimHid)
DRV - [2006/06/14 11:53:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms}
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\SearchScopes\Wikipedia.fr: "URL" = https://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
IE - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http://http=127.0.0.1:50370
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "https://translate.google.fr/"
FF - prefs.js..extensions.enabledAddons: ietab%40ip.cn:2.0.0.0
FF - prefs.js..extensions.enabledAddons: %7B1BC9BA34-1EED-42ca-A505-6D2F1A935BBB%7D:4.12.22.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: belgiumeid%40eid.belgium.be:1.0.18
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\JCD\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\JCD\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\JCD\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\JCD\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/17 13:41:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/20 07:41:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/20 07:40:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 10:52:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files\AddLyrics\FF\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/20 07:41:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/20 07:40:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/09 10:52:22 | 000,000,000 | ---D | M]
[2012/12/04 13:05:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JCD\AppData\Roaming\mozilla\Extensions
[2010/09/05 08:47:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JCD\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/01/19 15:15:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions
[2012/12/26 07:29:26 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/04/27 09:15:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/01/11 12:43:23 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/01/15 19:38:51 | 000,000,000 | ---D | M] ("SecretHelper") -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\{eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c58}
[2011/10/18 08:04:06 | 000,000,000 | ---D | M] (IE Tab +) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\coralietab@mozdev.org
[2012/05/06 05:46:07 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\JCD\AppData\Roaming\mozilla\Firefox\Profiles\q8awk63x.default\extensions\ietab@ip.cn
[2012/01/08 10:44:19 | 000,011,125 | ---- | M] () (No name found) -- C:\Users\JCD\AppData\Roaming\mozilla\firefox\profiles\q8awk63x.default\extensions\admin@youtubeplayer.com.xpi
[2011/12/20 10:22:52 | 000,003,679 | ---- | M] () (No name found) -- C:\Users\JCD\AppData\Roaming\mozilla\firefox\profiles\q8awk63x.default\extensions\{eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c58}\chrome\secrethelper\content\expiry.xml
[2012/03/14 13:58:04 | 000,002,023 | ---- | M] () -- C:\Users\JCD\AppData\Roaming\mozilla\firefox\profiles\q8awk63x.default\searchplugins\badoo.xml
[2013/01/19 14:15:19 | 000,005,401 | ---- | M] () -- C:\Users\JCD\AppData\Roaming\mozilla\firefox\profiles\q8awk63x.default\searchplugins\searchcanvas.xml
[2013/01/20 07:40:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013/01/20 07:40:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/01/19 15:12:46 | 000,020,959 | ---- | M] () (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\BELGIUMEID@EID.BELGIUM.BE.XPI
[2013/01/20 07:41:28 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/01/11 08:04:05 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/08/29 08:59:05 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/21 08:39:55 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2013/01/11 08:04:05 | 000,001,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2013/01/17 08:52:56 | 000,003,265 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Web Search.xml
[2013/01/11 08:04:05 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/11/21 08:39:55 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2013/01/20 19:23:59 | 000,000,724 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\Toolbar\WebBrowser: (no name) - {147D6308-0614-4112-89B1-31402F9B82C4} - No CLSID value found.
O3 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f File not found
O7 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = [binary data]
O7 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1373295836-3335714588-2401245204-1000\..Trusted Domains: rencontreshard.com ([]http in Intranet local)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 10.11.2)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5553A265-F6A9-4BAF-B0FA-AE1AF4246552}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: D:\DOC PERSO\DOCUMENTS JC\0 0 witch1.jpg
O24 - Desktop BackupWallPaper: D:\DOC PERSO\DOCUMENTS JC\0 0 witch1.jpg
O28 - HKLM ShellExecuteHooks: {67C4682D-5AED-48DB-83CB-2B53270E9BCB} - No CLSID value found.
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013/01/20 21:35:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\JCD\Desktop\OTL.exe
[2013/01/20 20:51:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\WCID
[2013/01/20 16:26:07 | 000,000,000 | ---D | C] -- C:\Users\JCD\Desktop\RK_Quarantine
[2013/01/20 07:45:21 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{B39310C6-681A-4D85-BDB0-2070D2790D31}
[2013/01/20 07:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/19 20:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/01/19 19:51:18 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/01/19 15:07:37 | 000,062,688 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTBD.sys
[2013/01/19 15:07:33 | 000,150,648 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2013/01/19 15:07:31 | 002,280,568 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2013/01/19 15:07:31 | 001,690,744 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2013/01/19 15:06:43 | 000,260,760 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2013/01/19 15:06:43 | 000,178,584 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2013/01/19 15:06:30 | 000,019,464 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctBTFix.sys
[2013/01/19 15:06:18 | 000,071,752 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2013/01/19 15:06:18 | 000,068,272 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsm.sys
[2013/01/19 15:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2013/01/19 15:03:07 | 000,909,728 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2013/01/19 15:03:07 | 000,342,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2013/01/19 15:03:03 | 000,368,616 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2013/01/19 15:03:03 | 000,163,288 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2013/01/19 15:02:59 | 000,202,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2013/01/19 15:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2013/01/19 14:25:36 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{EAC4255C-BC12-4A3C-B3E1-0EA6D0353276}
[2013/01/19 14:21:24 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/01/19 14:21:24 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/01/19 14:21:24 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/01/19 14:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/01/17 10:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2013/01/17 09:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel Painter 12.1 Hot Fix 1
[2013/01/17 08:53:36 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\DownTango
[2013/01/17 08:39:31 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Roaming\GoforFiles
[2013/01/17 07:44:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe PDF
[2013/01/17 07:26:10 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{B18E8091-CBDD-4523-B599-39E8C250594C}
[2013/01/16 06:55:31 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{3653E8A3-A02B-4BA7-B4C0-23099F394484}
[2013/01/15 09:07:45 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{16707225-CDDE-4124-89F8-A5D818BF6150}
[2013/01/14 11:20:17 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Roaming\Corel
[2013/01/14 09:26:39 | 000,000,000 | ---D | C] -- D:\My Extracted Files
[2013/01/14 09:25:40 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\BitZipper
[2013/01/14 08:31:21 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{F65F90D1-23E7-4629-8306-56A7E2989783}
[2013/01/13 08:13:06 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{6247D15A-BD29-4570-BBB9-45D953CA136B}
[2013/01/12 07:45:40 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{B9AF1B89-4C1B-4B0B-B33A-0E8E2F041008}
[2013/01/11 08:09:21 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{8B568122-C6A0-4515-B788-57BCF7CD63EA}
[2013/01/10 07:51:36 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{3D494B45-7832-4977-AE7D-BE6F370358E7}
[2013/01/09 10:52:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013/01/09 08:19:59 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{3E6DBFDA-E783-404A-B08C-31BBFF167ACB}
[2013/01/08 12:01:41 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{A3A922A7-097A-41CA-B045-F7D3C681F852}
[2013/01/06 09:23:10 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{C802A164-61A3-4A0F-BDB4-26076CDFDDE8}
[2013/01/05 12:11:50 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\annoncelibertine
[2013/01/05 10:37:14 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{A73E9AAC-5029-4AF7-9BEC-4EEBCE5BC584}
[2013/01/04 14:47:10 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{F3192ABC-DDE2-4DBA-9F1A-98D9B9768B50}
[2013/01/03 10:10:13 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{F5AFA62F-01C9-4DE8-92C5-754C5A7FED2D}
[2013/01/02 11:10:58 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{0A61C501-01C3-43B3-B8AD-DE5A453E6C61}
[2013/01/02 10:37:04 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\annoncesdesexe
[2013/01/01 09:07:02 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{B43CDC91-A4EF-4008-A726-86F1E60D86C8}
[2012/12/31 12:41:15 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{C69DA125-B5D1-47C7-9474-B0FDCAE9CC96}
[2012/12/30 10:32:11 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{97ECC5E6-98C9-4196-804E-33A2E9A1F8A8}
[2012/12/29 09:58:18 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\tchat-libertin
[2012/12/29 08:43:18 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{AB67B886-7C34-4EE6-8AAA-C1504F75D221}
[2012/12/28 15:43:37 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{D057C542-6A94-496B-B83A-8DC2B39D0B8F}
[2012/12/27 14:52:57 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{692DC461-DD5A-4B3D-B558-D0EB44EC5CC8}
[2012/12/26 10:30:37 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{19F26F1B-11BB-4B00-B87B-0CE565545E1B}
[2012/12/25 10:46:16 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{A2454915-E555-43A7-AA38-203F38416F41}
[2012/12/25 10:40:19 | 000,000,000 | ---D | C] -- D:\My Weblog Posts
[2012/12/25 10:40:18 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Roaming\Windows Live Writer
[2012/12/25 10:40:18 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\Windows Live Writer
[2012/12/25 07:56:16 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{FC26300D-01C7-425C-817E-48C9068F4727}
[2012/12/24 09:51:33 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{D15A6E96-C378-4A4D-B610-F858C0D6B562}
[2012/12/23 06:49:17 | 000,000,000 | ---D | C] -- C:\Users\JCD\AppData\Local\{F7BD4276-C97C-42BE-AD8B-E467B6D61789}
[2003/11/09 03:33:12 | 000,091,136 | ---- | C] (Litestep Development Team) -- C:\Program Files\litestep.exe
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013/01/20 21:35:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JCD\Desktop\OTL.exe
[2013/01/20 20:55:08 | 000,012,310 | ---- | M] () -- C:\Users\JCD\Desktop\cc_20130120_205458.reg
[2013/01/20 20:51:39 | 000,023,888 | ---- | M] () -- C:\LDB_20121105001
[2013/01/20 20:41:35 | 000,004,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/20 20:41:35 | 000,004,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/20 20:41:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/20 19:22:29 | 000,002,827 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\WORD.lnk
[2013/01/20 18:07:57 | 000,000,228 | ---- | M] () -- C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance.job
[2013/01/20 12:28:45 | 000,172,032 | ---- | M] () -- C:\Users\JCD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/20 05:59:16 | 000,000,863 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/19 15:58:11 | 000,001,900 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/01/19 15:35:19 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/01/19 15:03:53 | 001,565,580 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2013/01/19 14:20:50 | 000,001,882 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Painter 12.lnk
[2013/01/17 14:09:40 | 000,002,803 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\FrontPage.lnk
[2013/01/17 11:05:47 | 000,001,882 | ---- | M] () -- C:\Users\JCD\Desktop\Painter 12.lnk
[2013/01/17 10:12:40 | 000,760,696 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/17 09:13:12 | 000,000,969 | ---- | M] () -- C:\Users\JCD\Desktop\j1g.jpg.lnk
[2013/01/17 08:52:58 | 000,002,879 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Paint Shop Pro.lnk
[2013/01/17 08:52:58 | 000,002,053 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Reader X.lnk
[2013/01/17 08:52:58 | 000,001,819 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Notepad.lnk
[2013/01/17 08:52:58 | 000,001,795 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\JCD.lnk
[2013/01/17 08:52:58 | 000,001,752 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2013/01/17 08:52:58 | 000,001,109 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Photoshop.lnk
[2013/01/17 08:52:58 | 000,000,889 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\XnView.lnk
[2013/01/17 08:52:58 | 000,000,513 | ---- | M] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\ADRESSES.lnk
[2013/01/17 07:44:56 | 000,001,157 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2013/01/16 10:47:58 | 000,000,848 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2013/01/16 06:57:37 | 012,208,038 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/01/16 06:57:36 | 005,136,800 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/16 06:57:36 | 004,085,176 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/01/16 06:57:36 | 004,001,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/16 06:52:28 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/16 06:52:27 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/16 06:52:27 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/14 14:06:11 | 000,000,918 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013/01/12 12:05:58 | 000,000,088 | RHS- | M] () -- C:\Windows\System32\17B84C4445.sys
[2013/01/12 10:53:30 | 000,001,531 | ---- | M] () -- C:\Users\JCD\Desktop\CAPOR.jpg.lnk
[2013/01/12 03:30:20 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/01/12 03:26:19 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/01/12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/01/12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/01/03 07:18:52 | 000,015,360 | ---- | M] () -- C:\Windows\Launcher.exe
[2012/12/26 13:28:41 | 000,002,339 | ---- | M] () -- C:\Users\JCD\Desktop\Movie Maker.lnk
[2012/12/22 09:45:56 | 000,000,590 | ---- | M] () -- C:\Users\JCD\Desktop\RODRIC.lnk
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013/01/20 20:55:06 | 000,012,310 | ---- | C] () -- C:\Users\JCD\Desktop\cc_20130120_205458.reg
[2013/01/20 20:51:39 | 000,023,888 | ---- | C] () -- C:\LDB_20121105001
[2013/01/20 05:59:16 | 000,000,863 | ---- | C] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/19 15:58:11 | 000,001,900 | ---- | C] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/01/19 15:07:34 | 000,769,144 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2013/01/19 15:07:33 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip
[2013/01/19 15:07:33 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2013/01/19 15:07:33 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2013/01/19 15:07:33 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2013/01/19 14:20:50 | 000,001,882 | ---- | C] () -- C:\Users\JCD\Application Data\Microsoft\Internet Explorer\Quick Launch\Painter 12.lnk
[2013/01/19 14:18:14 | 000,000,863 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/17 11:05:47 | 000,001,882 | ---- | C] () -- C:\Users\JCD\Desktop\Painter 12.lnk
[2013/01/17 10:24:01 | 000,001,882 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Painter 12.lnk
[2013/01/17 09:13:12 | 000,000,969 | ---- | C] () -- C:\Users\JCD\Desktop\j1g.jpg.lnk
[2013/01/17 08:53:02 | 000,015,360 | ---- | C] () -- C:\Windows\Launcher.exe
[2013/01/17 07:58:28 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FileOps.exe
[2013/01/17 07:44:56 | 000,001,157 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
[2013/01/14 09:44:35 | 000,000,918 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013/01/12 12:03:42 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2013/01/12 12:03:42 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\17B84C4445.sys
[2013/01/11 10:55:50 | 000,001,531 | ---- | C] () -- C:\Users\JCD\Desktop\CAPOR.jpg.lnk
[2012/12/22 09:45:56 | 000,000,590 | ---- | C] () -- C:\Users\JCD\Desktop\RODRIC.lnk
[2012/12/04 07:25:03 | 000,000,097 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/02/18 08:54:07 | 000,000,088 | RHS- | C] () -- C:\ProgramData\17B84C4445.sys
[2012/02/18 08:54:06 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012/02/18 08:49:58 | 000,000,104 | ---- | C] () -- C:\Users\JCD\Réseau - Raccourci.lnk
[2011/11/08 10:52:32 | 000,000,552 | ---- | C] () -- C:\Users\JCD\AppData\Local\d3d8caps.dat
[2011/11/04 15:16:27 | 000,000,680 | ---- | C] () -- C:\Users\JCD\AppData\Local\d3d9caps.dat
[2011/09/20 06:59:19 | 000,000,075 | ---- | C] () -- C:\Windows\rencontreshard.ini
[2011/01/27 12:43:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/14 05:01:47 | 000,005,113 | ---- | C] () -- C:\ProgramData\bdkaqbdl.qzl
[2009/10/14 05:01:47 | 000,005,078 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik
[2009/10/02 09:07:24 | 000,000,844 | ---- | C] () -- C:\Users\JCD\.recently-used.xbel
[2009/09/28 13:19:24 | 000,000,091 | ---- | C] () -- C:\Users\JCD\AppData\Local\fusioncache.dat
[2009/09/15 03:55:44 | 000,015,351 | ---- | C] () -- C:\Users\JCD\AppData\Roaming\UserTile.png
[2009/09/15 03:51:29 | 000,172,032 | ---- | C] () -- C:\Users\JCD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/11 09:39:58 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2003/03/19 23:38:18 | 000,102,400 | ---- | C] () -- C:\Program Files\libpng13.dll
[2003/03/19 23:38:10 | 000,053,248 | ---- | C] () -- C:\Program Files\zlib.dll
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2006/11/02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/04/11 07:28:24 | 011,584,000 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:63238B95
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
< End of report >
loumax91
Messages postés
3183
Date d'inscription
mardi 14 juin 2011
Statut
Contributeur sécurité
Dernière intervention
14 avril 2019
478
20 janv. 2013 à 21:51
20 janv. 2013 à 21:51
Le rapport est trop volumineux pour tenir sur le forum, il faut l'héberger !
https://www.commentcamarche.net/faq/33244-pjjoint-analyse-optimisation-desinfection-autonome
https://www.commentcamarche.net/faq/33244-pjjoint-analyse-optimisation-desinfection-autonome
