Publicités intempestives

ninou48 Messages postés 33 Statut Membre -  
g3n-h@ckm@n Messages postés 14350 Statut Membre -
Bonjour,

Des pubs indésirables en tous genres à gogo autant sur firefox que sur FB....Que faire.....? C'est invivable........Virus????



21 réponses

  • 1
  • 2
Réponse 1 / 21
g3n-h@ckm@n Messages postés 14350 Statut Membre 948
 
salut

Télécharge et enregistre ADWCleaner sur ton bureau :

Lance le,(Pour vista/7/8 => clic droit "executer en tant qu'administrateur")

clique sur suppression et poste C:\Adwcleaner[Sx].txt
0
Réponse 2 / 21
ninou48 Messages postés 33 Statut Membre
 
je fais!!!!!Merci
0
g3n-h@ckm@n Messages postés 14350 Statut Membre 948
 
:)
0
Réponse 3 / 21
ninou48 Messages postés 33 Statut Membre
 
Présente : user_pref("CT2535304.IsGrouping", false);
Présente : user_pref("CT2535304.IsInitSetupIni", true);
Présente : user_pref("CT2535304.IsMulticommunity", false);
Présente : user_pref("CT2535304.IsOpenThankYouPage", true);
Présente : user_pref("CT2535304.IsOpenUninstallPage", true);
Présente : user_pref("CT2535304.LanguagePackLastCheckTime", "Tue Feb 26 2013 09:25:42 GMT+0100");
Présente : user_pref("CT2535304.LanguagePackReloadIntervalMM", 1440);
Présente : user_pref("CT2535304.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Présente : user_pref("CT2535304.LastLogin_3.18.0.7", "Wed Feb 27 2013 08:21:27 GMT+0100");
Présente : user_pref("CT2535304.LatestVersion", "3.18.0.7");
Présente : user_pref("CT2535304.Locale", "fr-be");
Présente : user_pref("CT2535304.MCDetectTooltipHeight", "83");
Présente : user_pref("CT2535304.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Présente : user_pref("CT2535304.MCDetectTooltipWidth", "295");
Présente : user_pref("CT2535304.MyStuffEnabledAtInstallation", true);
Présente : user_pref("CT2535304.OriginalFirstVersion", "3.18.0.7");
Présente : user_pref("CT2535304.SearchCaption", "Messenger Plus Live Belgium Customized Web Search");
Présente : user_pref("CT2535304.SearchFromAddressBarIsInit", true);
Présente : user_pref("CT2535304.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT253[...]
Présente : user_pref("CT2535304.SearchInNewTabEnabled", true);
Présente : user_pref("CT2535304.SearchInNewTabIntervalMM", 1440);
Présente : user_pref("CT2535304.SearchInNewTabLastCheckTime", "Tue Feb 26 2013 09:25:36 GMT+0100");
Présente : user_pref("CT2535304.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Présente : user_pref("CT2535304.SearchInNewTabUserEnabled", false);
Présente : user_pref("CT2535304.SendProtectorDataViaLogin", true);
Présente : user_pref("CT2535304.ServiceMapLastCheckTime", "Tue Feb 26 2013 09:25:36 GMT+0100");
Présente : user_pref("CT2535304.SettingsLastCheckTime", "Wed Feb 27 2013 08:21:23 GMT+0100");
Présente : user_pref("CT2535304.SettingsLastUpdate", "1361938241");
Présente : user_pref("CT2535304.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2535304&SearchSource=13");
Présente : user_pref("CT2535304.ToolbarShrinkedFromSetup", false);
Présente : user_pref("CT2535304.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2535304");
Présente : user_pref("CT2535304.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Présente : user_pref("CT2535304.UserID", "UN73288006197838057");
Présente : user_pref("CT2535304.alertChannelId", "928305");
Présente : user_pref("CT2535304.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Présente : user_pref("CT2535304.homepageProtectorEnableByLogin", true);
Présente : user_pref("CT2535304.initDone", true);
Présente : user_pref("CT2535304.myStuffEnabled", true);
Présente : user_pref("CT2535304.myStuffPublihserMinWidth", 400);
Présente : user_pref("CT2535304.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Présente : user_pref("CT2535304.myStuffServiceIntervalMM", 1440);
Présente : user_pref("CT2535304.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Présente : user_pref("CT2535304.navigateToUrlOnSearch", false);
Présente : user_pref("CT2535304.revertSettingsEnabled", true);
Présente : user_pref("CT2535304.searchProtectorDialogDelayInSec", 10);
Présente : user_pref("CT2535304.searchProtectorEnableByLogin", true);
Présente : user_pref("CT2535304.testingCtid", "");
Présente : user_pref("CT2535304.toolbarAppMetaDataLastCheckTime", "Tue Feb 26 2013 09:25:42 GMT+0100");
Présente : user_pref("CommunityToolbar.ConduitSearchList", "Messenger Plus Live Belgium Customized Web Search")[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2535304/CT2535304[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2535304", [...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2535304",[...]
Présente : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr-be", "\"[...]
Présente : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Présente : user_pref("CommunityToolbar.ToolbarsList", "CT2535304");
Présente : user_pref("CommunityToolbar.ToolbarsList2", "CT2535304");
Présente : user_pref("CommunityToolbar.ToolbarsList4", "CT2535304");
Présente : user_pref("CommunityToolbar.globalUserId", "b19ff8e5-6535-43cb-a61d-f7f1596dd685");
Présente : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2535304");
Présente : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Présente : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Présente : user_pref("browser.search.defaultengine", "Ask.com");
Présente : user_pref("browser.search.defaultenginename", "SearchYa!");
Présente : user_pref("browser.search.defaultthis.engineName", "Messenger Plus Live Belgium Customized Web Searc[...]
Présente : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2535304&Sea[...]
Présente : user_pref("browser.search.order.1", "SearchYa!");
Présente : user_pref("browser.search.selectedEngine", "SearchYa!");
Présente : user_pref("extensions.Softonic.admin", false);
Présente : user_pref("extensions.Softonic.aflt", "SD");
Présente : user_pref("extensions.Softonic.autoRvrt", "false");
Présente : user_pref("extensions.Softonic.cntry", "BE");
Présente : user_pref("extensions.Softonic.cv", "cv5");
Présente : user_pref("extensions.Softonic.dfltLng", "fr");
Présente : user_pref("extensions.Softonic.envrmnt", "production");
Présente : user_pref("extensions.Softonic.excTlbr", false);
Présente : user_pref("extensions.Softonic.hdrMd5", "18A2ABE32840E4A3EC115C033AFD5D70");
Présente : user_pref("extensions.Softonic.hmpg", false);
Présente : user_pref("extensions.Softonic.id", "8ccc749300000000000076f1a102fd3d");
Présente : user_pref("extensions.Softonic.instlDay", "15554");
Présente : user_pref("extensions.Softonic.instlRef", "MON00012");
Présente : user_pref("extensions.Softonic.lastVrsnTs", "1.6.4.39:33:48");
Présente : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Présente : user_pref("extensions.Softonic.newTab", false);
Présente : user_pref("extensions.Softonic.prdct", "Softonic");
Présente : user_pref("extensions.Softonic.prtnrId", "softonic");
Présente : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Présente : user_pref("extensions.Softonic.sg", "az");
Présente : user_pref("extensions.Softonic.smplGrp", "none");
Présente : user_pref("extensions.Softonic.tlbrId", "base");
Présente : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00012/tb_v1?SearchSource[...]
Présente : user_pref("extensions.Softonic.vrsn", "1.6.4.3");
Présente : user_pref("extensions.Softonic.vrsnTs", "1.6.4.39:33:48");
Présente : user_pref("extensions.Softonic.vrsni", "1.6.4.3");
Présente : user_pref("extensions.Softonic_i.newTab", false);
Présente : user_pref("extensions.Softonic_i.smplGrp", "none");
Présente : user_pref("extensions.Softonic_i.vrsnTs", "1.6.4.39:33:48");
Présente : user_pref("extensions.enabledAddons", "belgiumeid%40eid.belgium.be:1.0.18,ffxtlbra%40softonic.com:1.[...]
Présente : user_pref("extensions.searchya.aflt", "grupo1y");
Présente : user_pref("extensions.searchya.appId", "{1973277F-87B0-4EA3-9ED2-470A91D284CF}");
Présente : user_pref("extensions.searchya.cntry", "BE");
Présente : user_pref("extensions.searchya.dfltLng", "");
Présente : user_pref("extensions.searchya.dfltSrch", true);
Présente : user_pref("extensions.searchya.dnsErr", true);
Présente : user_pref("extensions.searchya.excTlbr", false);
Présente : user_pref("extensions.searchya.hdrMd5", "CFBF1C33DF5205A3085F4BD81B22C07C");
Présente : user_pref("extensions.searchya.hmpg", true);
Présente : user_pref("extensions.searchya.hmpgUrl", "hxxp://www.searchya.com/?f=1&a=grupo1y&cd=2XzuyEtN2Y1L1Qzu[...]
Présente : user_pref("extensions.searchya.id", "76F1A102FD3D7493");
Présente : user_pref("extensions.searchya.instlDay", "15762");
Présente : user_pref("extensions.searchya.instlRef", "");
Présente : user_pref("extensions.searchya.lastVrsnTs", "1.8.8.020:45:1");
Présente : user_pref("extensions.searchya.newTab", false);
Présente : user_pref("extensions.searchya.newTabUrl", "hxxp://www.searchya.com/?f=2&a=grupo1y&cd=2XzuyEtN2Y1L1Q[...]
Présente : user_pref("extensions.searchya.pnu_base", "{\"newVrsn\":\"35\",\"lastVrsn\":\"35\",\"vrsnLoad\":\"\"[...]
Présente : user_pref("extensions.searchya.prdct", "searchya");
Présente : user_pref("extensions.searchya.prtnrId", "searchya");
Présente : user_pref("extensions.searchya.sg", "none");
Présente : user_pref("extensions.searchya.smplGrp", "none");
Présente : user_pref("extensions.searchya.srchPrvdr", "SearchYa!");
Présente : user_pref("extensions.searchya.tlbrId", "base");
Présente : user_pref("extensions.searchya.tlbrSrchUrl", "hxxp://www.searchya.com/?f=3&a=grupo1y&cd=2XzuyEtN2Y1L[...]
Présente : user_pref("extensions.searchya.vrsn", "1.8.8.0");
Présente : user_pref("extensions.searchya.vrsnTs", "1.8.8.020:45:1");
Présente : user_pref("extensions.searchya.vrsni", "1.8.8.0");
Présente : user_pref("extensions.searchya_i.hmpg", true);
Présente : user_pref("extensions.searchya_i.newTab", false);
Présente : user_pref("extensions.searchya_i.smplGrp", "none");
Présente : user_pref("extensions.searchya_i.vrsnTs", "1.8.8.020:45:1");
Présente : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2535304&SearchSource=2&CU[...]

-\\ Google Chrome v25.0.1364.97

Fichier : C:\Users\jeannine\AppData\Local\Google\Chrome\User Data\Default\Preferences

Présente [l.41] : icon_url = "hxxp://www.searchya.com/favicon.ico",
Présente [l.44] : keyword = "searchya!.com",
Présente [l.47] : search_url = "hxxp://www.searchya.com/?q={searchTerms}&f=4&a=grupo1y&cd=2XzuyEtN2Y1L1QzuyByC0FtC0AtCtDtB0F0DtA0DyByEzytAtN0D0Tzu0CyEtBtAtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1144325836&ir=",
Présente [l.1991] : homepage = "hxxp://www.searchya.com/?f=1&a=grupo1y&cd=2XzuyEtN2Y1L1QzuyByC0FtC0AtCtDtB0F0DtA0DyByEzytAtN0D0Tzu0CyEtBtAtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1144325836&ir=",
Présente [l.2369] : urls_to_restore_on_startup = [ "hxxp://www.searchya.com/?f=1&a=grupo1y&cd=2XzuyEtN2Y1L1QzuyByC0FtC0AtCtDtB0F0DtA0DyByEzytAtN0D0Tzu0CyEtBtAtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1144325836&ir=", "hxxp://www.searchnu.com/406", "hxxp://isearch.avg.com/?cid={F1DB08A1-BEE9-412A-A649-72F52A6C33F2}&mid=bdf8c21dc70847d0a968a113f0cfe2da-e96186f8a8fd854692cc6f1e0d48e2db92aef041&lang=fr&ds=cv011&pr=sa&d=2012-07-18 18:56:31&v=14.2.0.1&pid=avg&sg=&sap=hp" ]

*************************

AdwCleaner[R1].txt - [40708 octets] - [27/02/2013 14:26:03]

########## EOF - C:\AdwCleaner[R1].txt - [40769 octets] ##########
0
Réponse 4 / 21
g3n-h@ckm@n Messages postés 14350 Statut Membre 948
 
1/ j'ai demandé suppression
2/ le rapport n'est pas complet

heberge-le suite à la suppression comme demandé sur https://www.cjoint.com/ et donne le lien obtenu
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 21
ninou48 Messages postés 33 Statut Membre
 
AdwCleaner v2.113 - Rapport créé le 27/02/2013 à 14:42:06
# Mis à jour le 23/02/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : jeannine - JEANNINE-PC
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\jeannine\Downloads\adwcleaner (1).exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\jeannine\AppData\Roaming\Mozilla\Firefox\Profiles\db9zbgyh.default\jetpack
Supprimé au redémarrage : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [Registre] *****


***** [Navigateurs] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v18.0.2 (fr)

Fichier : C:\Users\jeannine\AppData\Roaming\Mozilla\Firefox\Profiles\db9zbgyh.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v25.0.1364.97

Fichier : C:\Users\jeannine\AppData\Local\Google\Chrome\User Data\Default\Preferences

Supprimée [l.23] : icon_url = "hxxp://www.searchya.com/favicon.ico",
Supprimée [l.26] : keyword = "searchya!.com",
Supprimée [l.29] : search_url = "hxxp://www.searchya.com/?q={searchTerms}&f=4&a=grupo1y&cd=2XzuyEtN2Y1L1QzuyByC0[...]

*************************

AdwCleaner[R1].txt - [40785 octets] - [27/02/2013 14:26:03]
AdwCleaner[S1].txt - [39490 octets] - [27/02/2013 14:27:24]
AdwCleaner[S2].txt - [1459 octets] - [27/02/2013 14:42:06]

########## EOF - C:\AdwCleaner[S2].txt - [1519 octets] ##########
0
Réponse 6 / 21
g3n-h@ckm@n Messages postés 14350 Statut Membre 948
 
essaie de faire attention à ce que j'ecris stp

==


Télécharge ici :OTL

enregistre le sur ton Bureau.

si tu as XP => double clique
si tu as Vista ou windows 7 / 8 => clic droit "executer en tant que...."

sur OTL.exe pour le lancer.

=> Clique ici pour voir la Configuration

▶ Copie et colle le contenu de ce qui suit en gras dans la partie inférieure d'OTL "Personnalisation"

/md5start
explorer.exe
winlogon.exe
wininit.exe
volsnap.sys
atapi.sys
ndisuio.sys
ndis.sys
cdrom.sys
i8042prt.sys
iastor.sys
net.exe
tdx.sys
netbt.sys
afd.sys
net1.exe
Rundll32.exe
/md5stop
netsvcs
safebootminimal
safebootnetwork
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\system32\*.ini
%systemroot%\Tasks\*.*
%systemroot%\system32\Tasks\*.*
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\config\*.exe /s
%systemroot%\system32\*.sys
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
CREATERESTOREPOINT

▶ Clic sur Analyse.

A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\<Bureau ou Desktop>\OTL.txt)

▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)

heberge OTL.txt et extra.txt sur https://www.cjoint.com/ et donne les liens
0
Réponse 7 / 21
ninou48 Messages postés 33 Statut Membre
 
https://www.cjoint.com/?CBBpA1EeUXE
0
Réponse 8 / 21
ninou48 Messages postés 33 Statut Membre
 
OTL logfile created on: 2/27/2013 3:48:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jeannine\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

2.93 Gb Total Physical Memory | 1.33 Gb Available Physical Memory | 45.50% Memory free
5.86 Gb Paging File | 3.82 Gb Available in Paging File | 65.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.99 Gb Total Space | 232.89 Gb Free Space | 81.43% Space Free | Partition Type: NTFS

Computer Name: JEANNINE-PC | User Name: jeannine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/02/27 15:30:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jeannine\Downloads\OTL (1).exe
PRC - [2013/02/21 06:23:46 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/02/19 12:17:37 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2012/11/27 13:20:50 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
PRC - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/04/28 19:26:26 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2009/10/29 12:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009/10/22 03:53:42 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009/10/13 20:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/09/10 14:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009/08/18 10:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009/08/04 06:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/01/26 14:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/07/30 04:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/02/21 06:23:44 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ppgooglenaclpluginchrome.dll
MOD - [2013/02/21 06:23:43 | 012,637,136 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
MOD - [2013/02/21 06:23:42 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\pdf.dll
MOD - [2013/02/21 06:22:51 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\libglesv2.dll
MOD - [2013/02/21 06:22:50 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\libegl.dll
MOD - [2013/02/21 06:22:48 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll
MOD - [2012/08/17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
MOD - [2008/07/30 04:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2009/10/29 20:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2013/02/19 12:17:37 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013/02/17 07:51:38 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/06 13:11:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/27 13:20:50 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2012/05/16 13:53:30 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2010/05/04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/04/28 19:26:26 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009/09/10 14:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2013/02/19 12:17:37 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:[b]64bit:[/b] - [2012/11/27 13:55:02 | 000,613,720 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2012/11/27 13:55:02 | 000,054,104 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:[b]64bit:[/b] - [2012/10/25 13:19:52 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2012/10/25 13:19:52 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:[b]64bit:[/b] - [2012/09/12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/08/13 16:49:40 | 000,178,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:[b]64bit:[/b] - [2012/08/02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2012/06/19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:[b]64bit:[/b] - [2012/03/01 14:24:15 | 000,044,672 | ---- | M] (Advanced Card Systems Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a38usb.sys -- (ACSSCR)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/07/21 16:00:44 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2010/07/21 16:00:44 | 000,023,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:[b]64bit:[/b] - [2010/07/01 16:52:18 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:[b]64bit:[/b] - [2010/03/25 17:09:36 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2010/03/25 17:09:36 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)
DRV:[b]64bit:[/b] - [2010/03/01 17:35:26 | 000,075,776 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV:[b]64bit:[/b] - [2009/10/13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/09/02 04:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009/09/02 02:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2009/08/21 10:18:16 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2009/07/27 08:04:36 | 000,058,880 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/15 11:03:40 | 000,245,296 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/02 12:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:[b]64bit:[/b] - [2009/06/02 12:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:[b]64bit:[/b] - [2009/06/02 12:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:[b]64bit:[/b] - [2009/05/05 09:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:[b]64bit:[/b] - [2009/05/05 09:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2009/09/02 02:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/03/26 04:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=080c&m=aspire_5732z&r=27360710f235l0414z165t54j2d282
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{5D7707F4-362A-8B16-71E8-41F4A972A97C}: "URL" = http://www1.search-results.com/web?l=dis&q=&o=APN10645&apn_dtid=%5EBND406%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAG6&d=406-394&lang=en&atb=sysid%3D406%3Aappid%3D394%3Auid%3Dc57a862aa9c897f4%3Asrc%3Dieb%3Ao%3DAPN10645%3Atg%3D&p2=%5EAG6%5EBND406%5EYY%5EFR{searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{45C1C63D-D1E0-52C0-DF53-7B5389AB51FC}: "URL" = http://www1.search-results.com/web?l=dis&q=&o=APN10645&apn_dtid=%5EBND406%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAG6&d=406-394&lang=en&atb=sysid%3D406%3Aappid%3D394%3Auid%3Dc57a862aa9c897f4%3Asrc%3Dieb%3Ao%3DAPN10645%3Atg%3D&p2=%5EAG6%5EBND406%5EYY%5EFR{searchTerms}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-be?lang=fr-be&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 05 91 85 E2 6F 25 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {d1a1c8f1-e3d9-48df-802f-20201061ef61} - No CLSID value found
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2EAA}: "URL" = http://www6.pucuy.com/?tdfs=1&searchbox=1&showDomain=1{searchTerms}&sa=Search&cx=partner-pub-3546861938806019:fn51rv5o9ne&cof=FORID%3A10&ie=UTF-8&hl=fr
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{50EB343B-C443-4842-A5B2-8C7BA212E33A}: "URL" = http://www.search.ask.com/?l=dis{searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYBE&apn_uid=13C7C7F8-F9DE-4F87-988F-BE4FD5F1B14F&apn_sauid=1CE62E79-9EE6-41CC-A210-A5BA3DBA65CA
IE - HKCU\..\SearchScopes\{5D7707F4-362A-8B16-71E8-41F4A972A97C}: "URL" = http://www1.search-results.com/web?l=dis&q=&o=APN10645&apn_dtid=%5EBND406%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAG6&d=406-394&lang=en&atb=sysid%3D406%3Aappid%3D394%3Auid%3Dc57a862aa9c897f4%3Asrc%3Dieb%3Ao%3DAPN10645%3Atg%3D&p2=%5EAG6%5EBND406%5EYY%5EFR{searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = https://www.google.com/webhp?sourceid=ie7&gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_frBE388BE388
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "https://www.google.be/?gws_rd=ssl"
FF - prefs.js..extensions.enabledAddons: belgiumeid%40eid.belgium.be:1.0.18
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/07/17 05:45:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\belgiumeid@eid.belgium.be: C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012/12/20 22:25:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012/12/20 22:25:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012/12/20 22:25:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012/12/20 22:25:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012/12/20 22:25:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/27 08:15:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/27 08:51:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files (x86)\AddLyrics\FF\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/27 08:15:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/27 08:51:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/02/27 08:15:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/27 08:51:29 | 000,000,000 | ---D | M]

[2013/02/27 08:20:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jeannine\AppData\Roaming\mozilla\Extensions
[2010/07/13 15:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jeannine\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013/02/27 14:27:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jeannine\AppData\Roaming\mozilla\Firefox\Profiles\db9zbgyh.default\extensions
[2013/01/29 09:49:12 | 000,000,000 | ---D | M] ("TimeLineRemove.Com") -- C:\Users\jeannine\AppData\Roaming\mozilla\Firefox\Profiles\db9zbgyh.default\extensions\jid0-YxzrUsJ0WOiOaU89TngAzLcIs18@jetpack
[2012/10/02 16:09:49 | 000,020,959 | ---- | M] () (No name found) -- C:\Users\jeannine\AppData\Roaming\mozilla\firefox\profiles\db9zbgyh.default\extensions\belgiumeid@eid.belgium.be.xpi
[2010/07/20 06:42:03 | 000,001,832 | ---- | M] () -- C:\Users\jeannine\AppData\Roaming\mozilla\firefox\profiles\db9zbgyh.default\searchplugins\bing.xml
[2013/02/26 20:46:01 | 000,002,371 | ---- | M] () -- C:\Users\jeannine\AppData\Roaming\mozilla\firefox\profiles\db9zbgyh.default\searchplugins\SearchYa!.xml
[2013/02/26 20:45:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/02/07 08:31:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/02/06 13:11:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
[2013/02/01 19:21:57 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/02/01 20:18:09 | 000,001,609 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2013/02/01 20:18:09 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/02/01 20:18:09 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2013/02/01 20:18:09 | 000,001,476 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/03/01 22:14:24 | 000,001,567 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\glarysearch.xml
[2013/02/01 20:18:08 | 000,002,669 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2010/07/17 08:01:06 | 000,000,615 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pucuy.xml
[2013/02/01 20:18:09 | 000,001,399 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2013/02/01 20:18:09 | 000,001,169 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: SearchYa! (Enabled)
CHR - default_search_provider: search_url = https://fr.yahoo.com/?p=us{searchTerms}&f=4&a=grupo1y&cd=2XzuyEtN2Y1L1QzuyByC0FtC0AtCtDtB0F0DtA0DyByEzytAtN0D0Tzu0CyEtBtAtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1N1C2Y1E1FtC2U&cr=1144325836&ir=
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U15 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Java Deployment Toolkit 7.0.150.3 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Analyse des liens (URL Advisor) = C:\Users\jeannine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Protection des transactions bancaires = C:\Users\jeannine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Module du blocage des sites Internet dangereux = C:\Users\jeannine\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Clavier virtuel = C:\Users\jeannine\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\
CHR - Extension: Anti-banni\u00E8re = C:\Users\jeannine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:[b]64bit:[/b] - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:[b]64bit:[/b] - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:[b]64bit:[/b] - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (AddLyrics) - {4145006D-47F8-42F2-8186-2225AAFECDD3} - C:\Program Files (x86)\AddLyrics\AddLyrics.dll File not found
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion au compte Microsoft) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{33AA308B-B565-4376-AC66-59EE9B6AD13E} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{33AA308B-B565-4376-AC66-59EE9B6AD13E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup File not found
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" File not found
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\jeannine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:[b]64bit:[/b] - Extra context menu item: Ajouter dans l'Anti-bannière - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Ajouter dans l'Anti-bannière - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9:[b]64bit:[/b] - Extra Button: Clavier virtuel - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:[b]64bit:[/b] - Extra Button: Analyse des liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Clavier virtuel - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Analyse des liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{173DC93C-7476-469B-91B4-B8737CCA3430}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE82A32B-F21D-48FF-8AD4-78F2FA19D88D}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft
0
Réponse 9 / 21
ninou48 Messages postés 33 Statut Membre
 
Désolée mais je ne trouve pas comment faire autrement que poster le résultat.....
0
Réponse 10 / 21
g3n-h@ckm@n Messages postés 14350 Statut Membre 948
 
c'est ^pas ce qui etait demandé....
0
Réponse 11 / 21
ninou48 Messages postés 33 Statut Membre
 
https://www.cjoint.com/?CBCjo7cj6t1

J'espère que c'est bon..
En tous cas un grand merci..
0
Réponse 12 / 21
g3n-h@ckm@n Messages postés 14350 Statut Membre 948
 
re

desinstalle spybot , c'est de la crotte en barre

==

fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.


▶ Télécharge ici :

Malwarebytes

▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

▶ Lance Malwarebyte's .

Fais un examen dit "Complet" .

▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)


0
Réponse 13 / 21
ninou48 Messages postés 33 Statut Membre
 
2013/02/28 16:29:04 +0100 JEANNINE-PC jeannine MESSAGE Starting protection
2013/02/28 16:29:04 +0100 JEANNINE-PC jeannine MESSAGE Protection started successfully
2013/02/28 16:29:04 +0100 JEANNINE-PC jeannine MESSAGE Starting IP protection
2013/02/28 16:29:08 +0100 JEANNINE-PC jeannine MESSAGE IP Protection started successfully
2013/02/28 16:29:19 +0100 JEANNINE-PC jeannine MESSAGE Starting database refresh
2013/02/28 16:29:19 +0100 JEANNINE-PC jeannine MESSAGE Stopping IP protection
2013/02/28 16:29:20 +0100 JEANNINE-PC jeannine MESSAGE IP Protection stopped successfully
2013/02/28 16:29:24 +0100 JEANNINE-PC jeannine MESSAGE Database refreshed successfully
2013/02/28 16:29:24 +0100 JEANNINE-PC jeannine MESSAGE Starting IP protection
2013/02/28 16:29:33 +0100 JEANNINE-PC jeannine MESSAGE IP Protection started successfully
2013/02/28 16:34:00 +0100 JEANNINE-PC jeannine MESSAGE Executing scheduled update: Daily
2013/02/28 16:34:02 +0100 JEANNINE-PC jeannine MESSAGE Database already up-to-date
2013/02/28 18:21:49 +0100 JEANNINE-PC jeannine MESSAGE Stopping IP protection
2013/02/28 18:21:58 +0100 JEANNINE-PC jeannine MESSAGE IP Protection stopped successfully
2013/02/28 18:22:07 +0100 JEANNINE-PC jeannine MESSAGE Protection stopped
2013/02/28 18:22:18 +0100 JEANNINE-PC jeannine MESSAGE Starting protection
2013/02/28 18:22:18 +0100 JEANNINE-PC jeannine MESSAGE Protection started successfully
2013/02/28 18:22:18 +0100 JEANNINE-PC jeannine MESSAGE Starting IP protection
2013/02/28 18:22:23 +0100 JEANNINE-PC jeannine MESSAGE IP Protection started successfully
2013/02/28 18:23:29 +0100 JEANNINE-PC jeannine MESSAGE Starting database refresh
2013/02/28 18:23:29 +0100 JEANNINE-PC jeannine MESSAGE Stopping IP protection
2013/02/28 18:23:30 +0100 JEANNINE-PC jeannine MESSAGE IP Protection stopped successfully
2013/02/28 18:23:35 +0100 JEANNINE-PC jeannine MESSAGE Database refreshed successfully
2013/02/28 18:23:35 +0100 JEANNINE-PC jeannine MESSAGE Starting IP protection
2013/02/28 18:23:49 +0100 JEANNINE-PC jeannine MESSAGE IP Protection started successfully
2013/02/28 20:33:44 +0100 JEANNINE-PC jeannine MESSAGE Starting protection
2013/02/28 20:33:44 +0100 JEANNINE-PC jeannine MESSAGE Protection started successfully
2013/02/28 20:33:44 +0100 JEANNINE-PC jeannine MESSAGE Starting IP protection
2013/02/28 20:33:56 +0100 JEANNINE-PC jeannine MESSAGE IP Protection started successfully
0
Réponse 14 / 21
ninou48 Messages postés 33 Statut Membre
 
Je pense que je n'avais pas bien fait!!!!!Donc je re poste la nouvelle anakyse

2013/03/01 08:02:26 +0100 JEANNINE-PC jeannine MESSAGE Starting protection
2013/03/01 08:02:27 +0100 JEANNINE-PC jeannine MESSAGE Protection started successfully
2013/03/01 08:02:27 +0100 JEANNINE-PC jeannine MESSAGE Starting IP protection
2013/03/01 08:02:39 +0100 JEANNINE-PC jeannine MESSAGE IP Protection started successfully
2013/03/01 09:31:20 +0100 JEANNINE-PC jeannine MESSAGE Starting protection
2013/03/01 09:31:20 +0100 JEANNINE-PC jeannine MESSAGE Protection started successfully
2013/03/01 09:31:20 +0100 JEANNINE-PC jeannine MESSAGE Starting IP protection
2013/03/01 09:31:31 +0100 JEANNINE-PC jeannine MESSAGE IP Protection started successfully
0
Réponse 15 / 21
g3n-h@ckm@n Messages postés 14350 Statut Membre 948
 
nan c'est pas bon

c'est celui qui commence par ca :

Version de la base de données: v2013.02.20.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
g3n-h@ckm@n :: GEN-HACKMAN-PC [administrateur]

0
Réponse 16 / 21
ninou48 Messages postés 33 Statut Membre
 
Malwarebytes Anti-Malware (Essai) 1.70.0.1100
www.malwarebytes.org

Version de la base de données: v2013.03.01.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
jeannine :: JEANNINE-PC [administrateur]

Protection: Activé

1/03/2013 13:29:39
mbam-log-2013-03-01 (13-29-39).txt

Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 420421
Temps écoulé: 1 heure(s), 21 minute(s),

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
0
Réponse 17 / 21
g3n-h@ckm@n Messages postés 14350 Statut Membre 948
 
nickel si plus de soucis tu peux faire le menage

https://gen-hackman.kanak.fr/
0
Réponse 18 / 21
ninou48
 
Tout impec.....Plus de soucis...
Je dois poster les résultats des scans?
En tous cas un tout grand merci..
0
Réponse 19 / 21
g3n-h@ckm@n Messages postés 14350 Statut Membre 948
 
si possible oui sinon tant pis
0
Réponse 20 / 21
ninou48
 
# DelFix v10.1 - Rapport créé le 05/03/2013 à 08:52:33
# Mis à jour le 23/02/2013 par Xplode
# Nom d'utilisateur : jeannine - JEANNINE-PC

~ Activation de l'UAC ... OK

~ Suppression des outils de désinfection ...


~ Purge de la restauration système ...

Supprimé : RP #575 [Fin de désinfection | 03/05/2013 07:25:23]
Supprimé : RP #576 [Removed Java 7 Update 15 | 03/05/2013 07:37:18]
Supprimé : RP #577 [Supprimé JavaFX 2.1.1 | 03/05/2013 07:38:24]
Supprimé : RP #578 [Installed Java 7 Update 17 | 03/05/2013 07:42:26]

Nouveau point de restauration créé !

~ Réinitialisation des paramètres système ... OK

########## - EOF - ##########
0

Discussions similaires

Message "Un bloqueur de publicité empêche la lecture..."
pistouri -
pistouri -

0 réponse
Comment bloquer les pubs du site dailymotion?
coulterfeith -
SeigneurSidious -

13 réponses
Débloquer les vidéos Dailymotion
Ross-D -
bbb -

6 réponses
comment desactiver un bloqueur de pub
amour10 -
MPMP10 -

4 réponses
M6 Replay désactiver le bloqueur de publicité
katydel88 -
Mathieu -

14 réponses