Overrun with viruses, including QV6 and others

Solved/Closed
dframboise Posts 165 Registration date Sunday 7 October 2007 Status Member Last activity 14 May 2021 - 29 Aug. 2013 at 10:20
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 - 11 Sept. 2013 at 18:54
Hello,

I'm trying to clean my computer, but I'm not a pro, so I'm not getting anywhere. I ran antimalwarebytes, but apparently it is too light, so I'm coming to ask you for help cleaning my computer.

Please give me a procedure to follow that is as simple as possible.




75 replies

dframboise Posts 165 Registration date Sunday 7 October 2007 Status Member Last activity 14 May 2021 1
7 Sept. 2013 at 17:33
I only found Movies Toolbar, which seems to be distributed by Bandoo. Otherwise, I don't have Firefox, I only have Google. Do I have anything to do on Google?
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 660
7 Sept. 2013 at 17:37
No, uninstall MediaGet2 and uTorrent as well.
0
dframboise Posts 165 Registration date Sunday 7 October 2007 Status Member Last activity 14 May 2021 1
7 Sept. 2013 at 17:49
Well, MediaGet2 seems to be making it difficult to get rid of, it never finishes uninstalling, and the other one, uTorrent, I don't see it. What do I do in that case?
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 660
7 Sept. 2013 at 17:51
Try to uninstall.
When you have finished, run an OTL scan again and post the report.
We will remove the leftovers.
0
dframboise Posts 165 Registration date Sunday 7 October 2007 Status Member Last activity 14 May 2021 1
7 Sept. 2013 at 18:06
Well, I couldn't remove anything more, so here is the new OTL report:

OTL logfile created on: 07/09/2013 17:54:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TULIP Vision\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,82 Gb Available Physical Memory | 41,13% Memory free
4,00 Gb Paging File | 2,28 Gb Available in Paging File | 57,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 300,82 Gb Free Space | 50,47% Space Free | Partition Type: NTFS
Drive D: | 76,68 Gb Total Space | 76,49 Gb Free Space | 99,76% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 125,10 Gb Free Space | 41,97% Space Free | Partition Type: NTFS
Drive G: | 3,61 Gb Total Space | 2,53 Gb Free Space | 70,28% Space Free | Partition Type: FAT32
Drive H: | 14,94 Gb Total Space | 0,27 Gb Free Space | 1,81% Space Free | Partition Type: FAT32

Computer Name: TULIPVISION-PC | User Name: TULIP Vision | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013/09/07 17:40:08 | 008,355,840 | ---- | M] (MediaGet LLC) -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\mediaget.exe
PRC - [2013/09/07 16:52:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\TULIP Vision\Downloads\OTL.exe
PRC - [2013/06/09 15:31:36 | 000,202,576 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\RaMaint.exe
PRC - [2013/06/09 15:31:17 | 000,375,120 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2013/05/29 12:34:28 | 000,449,248 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/04 18:13:54 | 000,070,832 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012/10/31 00:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/31 00:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/10/10 12:22:30 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2012/08/24 15:41:32 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2011/06/10 08:23:52 | 000,959,880 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe
PRC - [2011/03/07 12:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
PRC - [2011/01/17 17:37:42 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 17:37:42 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/01/11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2008/06/30 21:38:32 | 000,253,952 | R--- | M] (Stanford University) -- C:\Program Files\Folding@Home #01\Folding@Home #02\FAH-Console.exe
PRC - [2008/06/30 21:38:32 | 000,253,952 | R--- | M] (Stanford University) -- C:\Program Files\Folding@Home #01\Folding@Home #01\FAH-Console.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/17 10:51:16 | 000,207,872 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
MOD - [2013/02/04 18:13:54 | 000,070,832 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012/09/18 11:42:00 | 000,593,920 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2012/04/30 11:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2011/11/16 15:54:32 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/07/07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\Report.dll
MOD - [2011/05/05 10:46:46 | 002,293,248 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\QtCore4.dll
MOD - [2011/03/30 12:48:38 | 000,220,672 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\imageformats\qmng4.dll
MOD - [2011/03/30 12:48:22 | 000,026,624 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\imageformats\qgif4.dll
MOD - [2011/03/30 12:48:14 | 000,196,608 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\imageformats\qjpeg4.dll
MOD - [2011/03/30 09:31:28 | 000,266,752 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\phonon4.dll
MOD - [2011/03/30 09:16:34 | 008,173,568 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\QtGui4.dll
MOD - [2011/03/30 08:59:26 | 000,971,776 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\QtNetwork4.dll
MOD - [2011/03/30 08:57:58 | 000,339,968 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\QtXml4.dll
MOD - [2010/01/11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\VObject.dll
MOD - [2009/02/14 05:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\BrowseFox\updateBrowseFox.exe -- (Update BrowseFox)
SRV - [2013/08/29 09:51:29 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/30 13:12:14 | 001,207,648 | ---- | M] (TorchMedia Inc.) [Auto | Stopped] -- C:\Users\TULIP Vision\AppData\Local\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - [2013/06/09 15:31:36 | 000,202,576 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2013/06/09 15:31:17 | 000,375,120 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/01 12:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/10/31 00:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/08/24 15:41:32 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/08/08 21:17:00 | 004,865,496 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/09/18 22:52:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/09/01 16:51:28 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2010/01/11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008/06/30 21:38:32 | 000,253,952 | R--- | M] (Stanford University) [Auto | Running] -- C:\Program Files\Folding@Home #01\Folding@Home #02\FAH-Console.exe -- (FAH-02)
SRV - [2008/06/30 21:38:32 | 000,253,952 | R--- | M] (Stanford University) [Auto | Running] -- C:\Program Files\Folding@Home #01\Folding@Home #01\FAH-Console.exe -- (FAH-01)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva375.sys -- (XDva375)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva369.sys -- (XDva369)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Windows\system32\TrueSight.sys -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\TULIPV~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/09/04 11:42:53 | 000,105,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2013/09/04 11:42:27 | 000,077,528 | ---- | M] (MalwareBytes) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2013/08/31 19:10:41 | 000,053,248 | ---- | M] (eSage Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rk_remover.sys -- (rk_remover-boot)
DRV - [2013/06/09 15:31:18 | 000,086,888 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2013/05/26 16:29:33 | 000,013,624 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - [2012/10/31 00:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/31 00:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/31 00:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/31 00:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/31 00:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/15 18:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/09/27 13:03:30 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012/09/27 13:03:30 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012/08/24 15:41:32 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2012/03/07 01:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011/10/28 18:00:50 | 000,042,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2010/01/12 06:03:33 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2007/08/29 14:56:24 | 000,096,384 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\camfilt2.sys -- (camfilt2)
DRV - [2007/02/02 13:55:46 | 000,167,464 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ov530vid.sys -- (ovt530)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/03/21 17:28:30 | 000,402,944 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WlanBZXP.sys -- (SG762_XP)
DRV - [2005/12/21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005/08/17 07:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 07:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2002/07/17 18:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67004720-D16B-045A-60A3-6487A3DEFC39}: "URL" = https://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10013&barid={1910F589-0A26-11E2-BFBC-0060B3459D91}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{71C63272-91A7-436a-843D-A1C641D1C626}: "URL" = http://www1.search-results.com/web?l=dis&q=&o=APN10643&apn_dtid=%5EIME003%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAG4&d=3-0&lang=en&atb=sysid%3D3%3Auid%3D537d1e3431d42a94%3Asrc%3Dieb%3Ao%3DAPN10643%3Ab%3DShareaza%3Atg%3D&p2=%5EAG4%5EIME003%5EYY%5EFR{searchTerms}
IE - HKLM\..\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}: "URL" = https://hp.tb.ask.com/tbask/index.html^AYY^xdm073^YYA^fr&si=flvrunner&ptb=D19DC7C2-137D-40F7-922C-99BF84EA6763&ind=2013082612&n=77fd33f4&psa=&st=sb&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = https://www.search.ask.com/web?l=dis&q=&o=APN10645&apn_dtid=%5EBND406%5EYY%5EFR&shad=s_0043&apn_uid=6150148101444193&gct=ds&apn_ptnrs=%5EAG6&d=406-394&lang=en&atb=sysid%3D406%3Aappid%3D394%3Auid%3D39f659836c77cf90%3Auc2%3D96%3Atypekbn%3Dn9092%3Asrc%3Dieb%3Ao%3DAPN10645%3Atg%3D&p2=%5EAG6%5EBND406%5EYY%5EFR{searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\TULIP Vision\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_url = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fhome.microsoft.com%2faccess%2fallinone.asp%26gt%3b%3f
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 44 BE 5C 61 9C 97 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = ${searchCLSID}
IE - HKCU\..\SearchScopes\${searchCLSID}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = https://www.search.ask.com/web?l=dis&q=&o=APN10645&apn_dtid=%5EBND406%5EYY%5EFR&shad=s_0043&apn_uid=6150148101444193&gct=ds&apn_ptnrs=%5EAG6&d=406-394&lang=en&atb=sysid%3D406%3Aappid%3D394%3Auid%3D39f659836c77cf90%3Auc2%3D96%3Atypekbn%3Dn9092%3Asrc%3Dieb%3Ao%3DAPN10645%3Atg%3D&p2=%5EAG6%5EBND406%5EYY%5EFR{searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>;*.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\TULIP Vision\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\SeeSimilar@SeeSimilar.com: C:\Users\TULIP Vision\AppData\Roaming\Mozilla\Extensions\SeeSimilar@SeeSimilar.com [2013/07/21 15:12:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\SeeSimilar@SeeSimilar.com: C:\Users\TULIP Vision\AppData\Roaming\Mozilla\Extensions\SeeSimilar@SeeSimilar.com [2013/07/21 15:12:14 | 000,000,000 | ---D | M]

[2013/08/27 20:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions
[2013/08/27 20:20:16 | 000,000,000 | ---D | M] (7Go Games) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\7go@7go.com
[2010/09/30 19:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2013/07/21 15:12:14 | 000,000,000 | ---D | M] (SeeSimilar) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\SeeSimilar@SeeSimilar.com
[2013/06/25 11:26:33 | 000,000,000 | ---D | M] (specialsavings) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\specialsavings@SpecialSavings.com
[2013/06/25 11:25:08 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
[2012/09/29 13:15:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

O1 HOSTS File: ([2011/11/08 21:40:51 | 000,000,936 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 update.microsoft.com
O1 - Hosts: 127.0.0.1 download.microsoft.com
O1 - Hosts: 127.0.0.1 downloads.microsoft.com
O1 - Hosts: 127.0.0.1 windowsupdate.microsoft.com
O1 - Hosts: 127.0.0.1 www.windowsupdate.microsoft.com
O1 - Hosts: 127.0.0.1 support.microsoft.com
O1 - Hosts: 127.0.0.1 www.symantec.com
O1 - Hosts: 127.0.0.1 liveupdate.symantecliveupdate.com
O1 - Hosts: 127.0.0.1 liveupdate.symantec.com
O1 - Hosts: 127.0.0.1 update.symantec.com
O1 - Hosts: 127.0.0.1 avpg.crsi.symantec.com
O1 - Hosts: 127.0.0.1 securityresponse.symantec.com
O1 - Hosts: 127.0.0.1 symantec.com
O1 - Hosts: 127.0.0.1 pif.symantec.com
O1 - Hosts: 127.0.0.1 pifmain.symantec.com
O1 - Hosts: 127.0.0.1 update.avg.com
O1 - Hosts: 127.0.0.1 backup.avg.cz
O1 - Hosts: 127.0.0.1 akamai.avg.com
O1 - Hosts: 127.0.0.1 u20.eset.com
O1 - Hosts: 127.0.0.1 www.eset.com
O1 - Hosts: 127.0.0.1 eset.com
O1 - Hosts: 127.0.0.1 www.mcafee.com
O1 - Hosts: 127.0.0.1 mcafee.com
O1 - Hosts: 127.0.0.1 us.mcafee.com
O1 - Hosts: 7 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [startertv_fr_8] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.dll (Pinnacle Systems)
O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\TULIP Vision\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [MediaGet2] C:\Users\TULIP Vision\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKCU..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found
O4 - HKLM..\RunOnce: [removeiLividdatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Movies Toolbar" File not found
O4 - Startup: C:\Users\TULIP Vision\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000060 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000061 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000062 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000063 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000064 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} https://kitchenplanner.ikea.com/fr/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{508A26FE-AB49-4EEC-94A8-901B583A93BB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD4FEFB2-523E-46B6-A0EB-0BAF75B46BF4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D734C3B9-74F0-436E-B96F-57EE545AD3CD}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\optimi~1\optpro~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/11/29 12:24:46 | 000,000,097 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll) - File not found
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/09/07 17:40:15 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Roaming\Media Get LLC
[2013/09/07 17:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Get LLC
[2013/09/07 08:54:29 | 000,000,000 | ---D | C] -- C:\6e3abc636b88c98120924ad73f2f8d
[2013/09/06 09:55:49 | 000,000,000 | ---D | C] -- C:\acb3f33a588a32670858e0c332
[2013/09/05 19:45:57 | 000,000,000 | ---D | C] -- C:\71c77a36b21af62bd46b
[2013/09/05 18:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TorchCrashHandler
[2013/09/05 18:31:36 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Roaming\TFP
[2013/09/05 18:31:09 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Local\Torch
[2013/09/05 18:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\Movies Toolbar
[2013/09/05 18:26:38 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Local\iLivid
[2013/09/05 17:07:48 | 000,000,000 | ---D | C] -- C:\4e8c69a65fe72740687826cf06d8b9
[2013/09/05 08:39:29 | 000,000,000 | ---D | C] -- C:\51bbf6a221cba0ff8609
[2013/09/04 18:46:33 | 000,000,000 | ---D | C] -- C:\bcbad8c5ed8a47b405dd090f0c
[2013/09/04 12:46:07 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\Desktop\RK_Quarantine
[2013/09/04 12:45:45 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Local\Software
[2013/09/04 12:45:45 | 000,000,000 | ---D | C] -- C:\Program Files\Software
[2013/09/04 11:42:53 | 000,105,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2013/09/04 11:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/09/04 11:42:27 | 000,077,528 | ---- | C] (MalwareBytes) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013/09/04 11:33:03 | 000,000,000 | ---D | C] -- C:\5c8899b8f41d1ee12c80addef7
[2013/09/04 11:31:04 | 000,000,000 | ---D | C] -- C:\e7b5609a355d8551d284061905b2ad7a
[2013/09/04 11:23:07 | 000,000,000 | ---D | C] -- C:\bbd87de16c51b3e103528439
[2013/09/03 09:54:59 | 000,000,000 | ---D | C] -- C:\e0075403056d0027ca
[2013/09/02 10:16:32 | 000,000,000 | ---D | C] -- C:\b258314163f7d8a42b09e1
[2013/09/01 09:06:22 | 000,000,000 | ---D | C] -- C:\d2d8bf7982bf74336dd00b
[2013/08/31 19:10:41 | 000,053,248 | ---- | C] (eSage Lab) -- C:\Windows\System32\drivers\rk_remover.sys
[2013/08/31 18:57:06 | 000,000,000 | ---D | C] -- C:\50d8d8fcd63ca9db44
[2013/08/31 18:48:09 | 000,000,000 | ---D | C] -- C:\8a5340d6ee39a5b496da7c
[2013/08/31 08:30:23 | 000,000,000 | ---D | C] -- C:\7b8be8197447d70b570cf87b
[2013/08/30 09:27:14 | 000,000,000 | ---D | C] -- C:\53bb22f025889755ef93e0d6
[2013/08/29 12:00:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/08/28 14:21:43 | 000,000,000 | ---D | C] -- C:\fb74d7e43bff72cd4272be4c
[2013/08/28 12:44:47 | 000,000,000 | ---D | C] -- C:\76556c20d58c153cb21a62808896db
[2013/08/28 12:40:27 | 000,000,000 | ---D | C] -- C:\b14fbcd90620e55997b7
[2013/08/28 12:34:07 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Roaming\337 Wallpaper
[2013/08/28 11:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Arovax
[2013/08/28 11:15:33 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/08/28 11:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/08/28 11:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013/08/28 09:57:34 | 000,000,000 | ---D | C] -- C:\Program Files\OnecomCloudDrive
[2013/08/27 19:37:52 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Roaming\GoforFiles
[2013/08/27 19:08:17 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Local\Weather_Notifications,_LL
[2013/08/27 19:08:00 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Severe Weather Alerts
[2013/08/27 19:07:59 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Local\SevereWeatherAlerts
[2013/08/27 13:55:09 | 000,000,000 | ---D | C] -- C:\Program Files\PC Cleaner
[2013/08/27 10:13:55 | 000,000,000 | ---D | C] -- C:\b86b12283603ba1832
[2013/08/26 19:40:40 | 000,000,000 | ---D | C] -- C:\e1c0b4737ec1274af916
[2013/08/26 15:40:34 | 000,000,000 | ---D | C] -- C:\f7087b95b1d8926fb49ea72c7f78b725
[2013/08/22 11:37:07 | 000,000,000 | ---D | C] -- C:\f754d3ccf680fdcae79d6ca89cf0710a
[2013/08/20 09:18:20 | 000,000,000 | ---D | C] -- C:\e404901a8a2cfdb377310d4907
[2013/08/18 13:24:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\TULIP Vision\Desktop\*.tmp files -> C:\Users\TULIP Vision\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\TULIP Vision\Documents\*.tmp files -> C:\Users\TULIP Vision\Documents\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/09/07 17:53:34 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/07 17:53:34 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/07 17:30:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/07 17:17:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/07 13:30:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/07 09:09:07 | 000,697,522 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/09/07 09:09:07 | 000,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/09/07 09:09:07 | 000,128,356 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/09/07 09:09:07 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/09/07 08:53:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/07 08:53:08 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/05 18:31:50 | 000,002,097 | ---- | M] () -- C:\Users\TULIP Vision\Desktop\Facebook.lnk
[2013/09/05 18:31:50 | 000,002,095 | ---- | M] () -- C:\Users\TULIP Vision\Desktop\Youtube.lnk
[2013/09/04 18:43:56 | 000,001,164 | ---- | M] () -- C:\Users\TULIP Vision\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/09/04 18:43:56 | 000,000,994 | ---- | M] () -- C:\Users\TULIP Vision\Desktop\Internet Explorer.lnk
[2013/09/04 11:42:53 | 000,105,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2013/09/04 11:42:27 | 000,077,528 | ---- | M] (MalwareBytes) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013/08/31 19:10:41 | 000,053,248 | ---- | M] (eSage Lab) -- C:\Windows\System32\drivers\rk_remover.sys
[2013/08/29 09:51:29 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/08/29 09:51:29 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/08/27 20:13:03 | 000,000,000 | ---- | M] () -- C:\Users\TULIP Vision\opera.exe
[2013/08/27 20:13:03 | 000,000,000 | ---- | M] () -- C:\Users\TULIP Vision\jucheck.exe
[2013/08/27 19:08:50 | 000,773,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2013/08/27 19:08:49 | 000,420,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
[2013/08/18 13:24:44 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\TULIP Vision\Desktop\*.tmp files -> C:\Users\TULIP Vision\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\TULIP Vision\Documents\*.tmp files -> C:\Users\TULIP Vision\Documents\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/09/05 18:31:50 | 000,002,097 | ---- | C] () -- C:\Users\TULIP Vision\Desktop\Facebook.lnk
[2013/09/05 18:31:50 | 000,002,095 | ---- | C] () -- C:\Users\TULIP Vision\Desktop\Youtube.lnk
[2013/09/05 18:31:50 | 000,001,201 | ---- | C] () -- C:\Users\TULIP Vision\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
[2013/09/05 18:31:08 | 000,001,061 | ---- | C] () -- C:\Users\TULIP Vision\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
[2013/08/27 20:13:03 | 000,000,000 | ---- | C] () -- C:\Users\TULIP Vision\opera.exe
[2013/08/27 20:13:03 | 000,000,000 | ---- | C] () -- C:\Users\TULIP Vision\jucheck.exe
[2013/08/18 13:24:44 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/09/13 17:36:48 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2012/09/13 17:36:48 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2012/01/30 19:40:11 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/01/08 16:17:37 | 000,221,184 | --S- | C] () -- C:\Windows\System32\glut32.dll
[2011/11/26 10:54:48 | 000,003,065 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
[2011/11/26 10:52:23 | 000,669,416 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2011/11/26 10:52:23 | 000,017,680 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/11/01 13:23:21 | 000,286,208 | ---- | C] () -- C:\Windows\System32\binkw32.dll
[2011/10/29 11:30:00 | 000,374,272 | ---- | C] () -- C:\Windows\System32\mss32.dll
[2011/06/13 16:38:15 | 000,595,341 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011/06/12 11:37:14 | 000,017,408 | ---- | C] () -- C:\Users\TULIP Vision\AppData\Local\WebpageIcons.db
[2011/06/11 17:50:07 | 000,010,216 | --S- | C] () -- C:\Users\TULIP Vision\AppData\Local\e1i8cp645hqv0g03h401
[2011/06/11 17:50:07 | 000,010,216 | --S- | C] () -- C:\ProgramData\e1i8cp645hqv0g03h401
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last post 15 December 2020 24 660
7 Sept. 2013 at 18:09
Run OTL again.
o Under Personnalisation (Custom Scan), copy and paste the contents of the box below (make sure to include :OTL at the start).
Click Correction (Fix); a report will appear. Copy and paste its contents here:

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\BrowseFox\updateBrowseFox.exe -- (Update BrowseFox)
SRV - [2008/06/30 21:38:32 | 000,253,952 | R--- | M] (Stanford University) [Auto | Running] -- C:\Program Files\Folding@Home #01\Folding@Home #02\FAH-Console.exe -- (FAH-02)
SRV - [2008/06/30 21:38:32 | 000,253,952 | R--- | M] (Stanford University) [Auto | Running] -- C:\Program Files\Folding@Home #01\Folding@Home #01\FAH-Console.exe -- (FAH-01)
[2013/08/27 20:20:16 | 000,000,000 | ---D | M] (7Go Games) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\7go@7go.com
[2010/09/30 19:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2013/07/21 15:12:14 | 000,000,000 | ---D | M] (SeeSimilar) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\SeeSimilar@SeeSimilar.com
[2013/06/25 11:26:33 | 000,000,000 | ---D | M] (specialsavings) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\specialsavings@SpecialSavings.com
[2013/06/25 11:25:08 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
[2013/09/07 17:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Get LLC
[2013/09/05 18:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\Movies Toolbar
[2013/09/05 18:26:38 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Local\iLivid

* Restart the PC into Windows and post the report here


0

dframboise Posts 165 Registration date Sunday 7 October 2007 Status Member Last post 14 May 2021 1
7 Sept. 2013 at 19:11
OK, I did what you said. My PC has crashed and won't restart; it tells me BOTMGR is missing, CTRL + ALT + DEL to restart. I did that several times and it gives me the same message every time. I'm on a makeshift PC, so I can't ask too much of it tonight, but in the meantime I no longer have one of my own. Ouch, what is going on?
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last post 15 December 2020 24 660
7 Sept. 2013 at 20:24
Not good.

Run a System Restore from the "repair my computer" menu.
At the moment the screen changes, after the first screen,
tap F8 repeatedly. You should get a menu whose first entry is "repair my computer".

See the second paragraph: https://forum.malekal.com/viewtopic.php?t=20428&start=#p166847

Follow the prompts to run a System Restore.
0
dframboise Posts 165 Registration date Sunday 7 October 2007 Status Member Last activity 14 May 2021 1
8 Sept 2013 at 12:54
Hello,

No need: my son unplugged all the peripherals and then plugged everything back in this morning, and it started up again. Thanks in any case.

Now I need to send you the OTL report, if I remember correctly.

It must be this one:

OTL logfile created on: 07/09/2013 18:36:39 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TULIP Vision\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,15% Memory free
4,00 Gb Paging File | 2,52 Gb Available in Paging File | 63,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 301,82 Gb Free Space | 50,64% Space Free | Partition Type: NTFS
Drive D: | 76,68 Gb Total Space | 76,49 Gb Free Space | 99,76% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 125,10 Gb Free Space | 41,97% Space Free | Partition Type: NTFS
Drive G: | 3,61 Gb Total Space | 2,53 Gb Free Space | 70,28% Space Free | Partition Type: FAT32
Drive H: | 14,94 Gb Total Space | 0,27 Gb Free Space | 1,81% Space Free | Partition Type: FAT32

Computer Name: TULIPVISION-PC | User Name: TULIP Vision | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - File not found --
PRC - [2013/09/07 17:40:08 | 008,355,840 | ---- | M] (MediaGet LLC) -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\mediaget.exe
PRC - [2013/09/07 16:52:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\TULIP Vision\Downloads\OTL.exe
PRC - [2013/06/09 15:31:36 | 000,202,576 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\RaMaint.exe
PRC - [2013/06/09 15:31:17 | 000,375,120 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2013/05/29 12:34:28 | 000,449,248 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/04 18:13:54 | 000,070,832 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012/10/31 00:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/31 00:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/10/10 12:22:30 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2012/08/24 15:41:32 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2011/06/10 08:23:52 | 000,959,880 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe
PRC - [2011/03/07 12:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
PRC - [2011/01/17 17:37:42 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 17:37:42 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/01/11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2008/06/30 21:38:32 | 000,253,952 | R--- | M] (Stanford University) -- C:\Program Files\Folding@Home #01\Folding@Home #02\FAH-Console.exe
PRC - [2008/06/30 21:38:32 | 000,253,952 | R--- | M] (Stanford University) -- C:\Program Files\Folding@Home #01\Folding@Home #01\FAH-Console.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/05/17 10:51:16 | 000,207,872 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
MOD - [2013/02/04 18:13:54 | 000,070,832 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012/09/18 11:42:00 | 000,593,920 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2012/04/30 11:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2011/11/16 15:54:32 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/07/07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\Report.dll
MOD - [2011/05/05 10:46:46 | 002,293,248 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\QtCore4.dll
MOD - [2011/03/30 12:48:38 | 000,220,672 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\imageformats\qmng4.dll
MOD - [2011/03/30 12:48:22 | 000,026,624 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\imageformats\qgif4.dll
MOD - [2011/03/30 12:48:14 | 000,196,608 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\imageformats\qjpeg4.dll
MOD - [2011/03/30 09:31:28 | 000,266,752 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\phonon4.dll
MOD - [2011/03/30 09:16:34 | 008,173,568 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\QtGui4.dll
MOD - [2011/03/30 08:59:26 | 000,971,776 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\QtNetwork4.dll
MOD - [2011/03/30 08:57:58 | 000,339,968 | ---- | M] () -- C:\Users\TULIP Vision\AppData\Local\MediaGet2\QtXml4.dll
MOD - [2010/01/11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\VObject.dll
MOD - [2009/02/14 05:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\BrowseFox\updateBrowseFox.exe -- (Update BrowseFox)
SRV - [2013/08/29 09:51:29 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/30 13:12:14 | 001,207,648 | ---- | M] (TorchMedia Inc.) [Auto | Stopped] -- C:\Users\TULIP Vision\AppData\Local\Torch\Update\TorchCrashHandler.exe -- (TorchCrashHandler)
SRV - [2013/06/09 15:31:36 | 000,202,576 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2013/06/09 15:31:17 | 000,375,120 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/01 12:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/10/31 00:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/08/24 15:41:32 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/08/08 21:17:00 | 004,865,496 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/09/18 22:52:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/09/01 16:51:28 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2010/01/11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008/06/30 21:38:32 | 000,253,952 | R--- | M] (Stanford University) [Auto | Running] -- C:\Program Files\Folding@Home #01\Folding@Home #02\FAH-Console.exe -- (FAH-02)
SRV - [2008/06/30 21:38:32 | 000,253,952 | R--- | M] (Stanford University) [Auto | Running] -- C:\Program Files\Folding@Home #01\Folding@Home #01\FAH-Console.exe -- (FAH-01)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva375.sys -- (XDva375)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva369.sys -- (XDva369)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Windows\system32\TrueSight.sys -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\TULIPV~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/09/04 11:42:53 | 000,105,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2013/09/04 11:42:27 | 000,077,528 | ---- | M] (MalwareBytes) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2013/08/31 19:10:41 | 000,053,248 | ---- | M] (eSage Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rk_remover.sys -- (rk_remover-boot)
DRV - [2013/06/09 15:31:18 | 000,086,888 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2013/05/26 16:29:33 | 000,013,624 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - [2012/10/31 00:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/31 00:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/31 00:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/31 00:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/31 00:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/15 18:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/09/27 13:03:30 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012/09/27 13:03:30 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012/08/24 15:41:32 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2012/03/07 01:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011/10/28 18:00:50 | 000,042,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2010/01/12 06:03:33 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2007/08/29 14:56:24 | 000,096,384 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\camfilt2.sys -- (camfilt2)
DRV - [2007/02/02 13:55:46 | 000,167,464 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ov530vid.sys -- (ovt530)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/03/21 17:28:30 | 000,402,944 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WlanBZXP.sys -- (SG762_XP)
DRV - [2005/12/21 09:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 09:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005/08/17 07:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 07:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2002/07/17 18:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://www.bing.com/spresults.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67004720-D16B-045A-60A3-6487A3DEFC39}: "URL" = https://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10013&barid={1910F589-0A26-11E2-BFBC-0060B3459D91}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/webhp?gws_rd=ssl{searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{71C63272-91A7-436a-843D-A1C641D1C626}: "URL" = http://www1.search-results.com/web?l=dis&q=&o=APN10643&apn_dtid=%5EIME003%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAG4&d=3-0&lang=en&atb=sysid%3D3%3Auid%3D537d1e3431d42a94%3Asrc%3Dieb%3Ao%3DAPN10643%3Ab%3DShareaza%3Atg%3D&p2=%5EAG4%5EIME003%5EYY%5EFR{searchTerms}
IE - HKLM\..\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}: "URL" = https://hp.tb.ask.com/tbask/index.html^AYY^xdm073^YYA^fr&si=flvrunner&ptb=D19DC7C2-137D-40F7-922C-99BF84EA6763&ind=2013082612&n=77fd33f4&psa=&st=sb&searchfor={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = https://www.search.ask.com/web?l=dis&q=&o=APN10645&apn_dtid=%5EBND406%5EYY%5EFR&shad=s_0043&apn_uid=6150148101444193&gct=ds&apn_ptnrs=%5EAG6&d=406-394&lang=en&atb=sysid%3D406%3Aappid%3D394%3Auid%3D39f659836c77cf90%3Auc2%3D96%3Atypekbn%3Dn9092%3Asrc%3Dieb%3Ao%3DAPN10645%3Atg%3D&p2=%5EAG6%5EBND406%5EYY%5EFR{searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\TULIP Vision\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_url = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fhome.microsoft.com%2faccess%2fallinone.asp%26gt%3b%3f
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 44 BE 5C 61 9C 97 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = ${searchCLSID}
IE - HKCU\..\SearchScopes\${searchCLSID}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = https://www.search.ask.com/web?l=dis&q=&o=APN10645&apn_dtid=%5EBND406%5EYY%5EFR&shad=s_0043&apn_uid=6150148101444193&gct=ds&apn_ptnrs=%5EAG6&d=406-394&lang=en&atb=sysid%3D406%3Aappid%3D394%3Auid%3D39f659836c77cf90%3Auc2%3D96%3Atypekbn%3Dn9092%3Asrc%3Dieb%3Ao%3DAPN10645%3Atg%3D&p2=%5EAG6%5EBND406%5EYY%5EFR{searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>;*.local


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Video Convert Master\codec\real\browser\plugins\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\TULIP Vision\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\SeeSimilar@SeeSimilar.com: C:\Users\TULIP Vision\AppData\Roaming\Mozilla\Extensions\SeeSimilar@SeeSimilar.com [2013/07/21 15:12:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\SeeSimilar@SeeSimilar.com: C:\Users\TULIP Vision\AppData\Roaming\Mozilla\Extensions\SeeSimilar@SeeSimilar.com [2013/07/21 15:12:14 | 000,000,000 | ---D | M]

[2013/08/27 20:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions
[2013/08/27 20:20:16 | 000,000,000 | ---D | M] (7Go Games) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\7go@7go.com
[2010/09/30 19:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2013/07/21 15:12:14 | 000,000,000 | ---D | M] (SeeSimilar) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\SeeSimilar@SeeSimilar.com
[2013/06/25 11:26:33 | 000,000,000 | ---D | M] (specialsavings) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\specialsavings@SpecialSavings.com
[2013/06/25 11:25:08 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Users\TULIP Vision\AppData\Roaming\mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
[2012/09/29 13:15:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

O1 HOSTS File: ([2011/11/08 21:40:51 | 000,000,936 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 update.microsoft.com
O1 - Hosts: 127.0.0.1 download.microsoft.com
O1 - Hosts: 127.0.0.1 downloads.microsoft.com
O1 - Hosts: 127.0.0.1 windowsupdate.microsoft.com
O1 - Hosts: 127.0.0.1 www.windowsupdate.microsoft.com
O1 - Hosts: 127.0.0.1 support.microsoft.com
O1 - Hosts: 127.0.0.1 www.symantec.com
O1 - Hosts: 127.0.0.1 liveupdate.symantecliveupdate.com
O1 - Hosts: 127.0.0.1 liveupdate.symantec.com
O1 - Hosts: 127.0.0.1 update.symantec.com
O1 - Hosts: 127.0.0.1 avpg.crsi.symantec.com
O1 - Hosts: 127.0.0.1 securityresponse.symantec.com
O1 - Hosts: 127.0.0.1 symantec.com
O1 - Hosts: 127.0.0.1 pif.symantec.com
O1 - Hosts: 127.0.0.1 pifmain.symantec.com
O1 - Hosts: 127.0.0.1 update.avg.com
O1 - Hosts: 127.0.0.1 backup.avg.cz
O1 - Hosts: 127.0.0.1 akamai.avg.com
O1 - Hosts: 127.0.0.1 u20.eset.com
O1 - Hosts: 127.0.0.1 www.eset.com
O1 - Hosts: 127.0.0.1 eset.com
O1 - Hosts: 127.0.0.1 www.mcafee.com
O1 - Hosts: 127.0.0.1 mcafee.com
O1 - Hosts: 127.0.0.1 us.mcafee.com
O1 - Hosts: 7 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [startertv_fr_8] File not found
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.dll (Pinnacle Systems)
O4 - HKCU..\Run: [Akamai NetSession Interface] "C:\Users\TULIP Vision\AppData\Local\Akamai\netsession_win.exe" File not found
O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [MediaGet2] C:\Users\TULIP Vision\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKCU..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found
O4 - HKLM..\RunOnce: [removeiLividdatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Movies Toolbar" File not found
O4 - Startup: C:\Users\TULIP Vision\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} https://kitchenplanner.ikea.com/fr/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{508A26FE-AB49-4EEC-94A8-901B583A93BB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD4FEFB2-523E-46B6-A0EB-0BAF75B46BF4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D734C3B9-74F0-436E-B96F-57EE545AD3CD}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\optimi~1\optpro~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/11/29 12:24:46 | 000,000,097 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll) - File not found
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/09/07 17:40:15 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Roaming\Media Get LLC
[2013/09/07 17:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Get LLC
[2013/09/07 08:54:29 | 000,000,000 | ---D | C] -- C:\6e3abc636b88c98120924ad73f2f8d
[2013/09/06 09:55:49 | 000,000,000 | ---D | C] -- C:\acb3f33a588a32670858e0c332
[2013/09/05 19:45:57 | 000,000,000 | ---D | C] -- C:\71c77a36b21af62bd46b
[2013/09/05 18:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TorchCrashHandler
[2013/09/05 18:31:36 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Roaming\TFP
[2013/09/05 18:31:09 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Local\Torch
[2013/09/05 18:27:03 | 000,000,000 | ---D | C] -- C:\Program Files\Movies Toolbar
[2013/09/05 18:26:38 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Local\iLivid
[2013/09/05 17:07:48 | 000,000,000 | ---D | C] -- C:\4e8c69a65fe72740687826cf06d8b9
[2013/09/05 08:39:29 | 000,000,000 | ---D | C] -- C:\51bbf6a221cba0ff8609
[2013/09/04 18:46:33 | 000,000,000 | ---D | C] -- C:\bcbad8c5ed8a47b405dd090f0c
[2013/09/04 12:46:07 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\Desktop\RK_Quarantine
[2013/09/04 12:45:45 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Local\Software
[2013/09/04 12:45:45 | 000,000,000 | ---D | C] -- C:\Program Files\Software
[2013/09/04 11:42:53 | 000,105,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2013/09/04 11:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/09/04 11:42:27 | 000,077,528 | ---- | C] (MalwareBytes) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013/09/04 11:33:03 | 000,000,000 | ---D | C] -- C:\5c8899b8f41d1ee12c80addef7
[2013/09/04 11:31:04 | 000,000,000 | ---D | C] -- C:\e7b5609a355d8551d284061905b2ad7a
[2013/09/04 11:23:07 | 000,000,000 | ---D | C] -- C:\bbd87de16c51b3e103528439
[2013/09/03 09:54:59 | 000,000,000 | ---D | C] -- C:\e0075403056d0027ca
[2013/09/02 10:16:32 | 000,000,000 | ---D | C] -- C:\b258314163f7d8a42b09e1
[2013/09/01 09:06:22 | 000,000,000 | ---D | C] -- C:\d2d8bf7982bf74336dd00b
[2013/08/31 19:10:41 | 000,053,248 | ---- | C] (eSage Lab) -- C:\Windows\System32\drivers\rk_remover.sys
[2013/08/31 18:57:06 | 000,000,000 | ---D | C] -- C:\50d8d8fcd63ca9db44
[2013/08/31 18:48:09 | 000,000,000 | ---D | C] -- C:\8a5340d6ee39a5b496da7c
[2013/08/31 08:30:23 | 000,000,000 | ---D | C] -- C:\7b8be8197447d70b570cf87b
[2013/08/30 09:27:14 | 000,000,000 | ---D | C] -- C:\53bb22f025889755ef93e0d6
[2013/08/29 12:00:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/08/28 14:21:43 | 000,000,000 | ---D | C] -- C:\fb74d7e43bff72cd4272be4c
[2013/08/28 12:44:47 | 000,000,000 | ---D | C] -- C:\76556c20d58c153cb21a62808896db
[2013/08/28 12:40:27 | 000,000,000 | ---D | C] -- C:\b14fbcd90620e55997b7
[2013/08/28 12:34:07 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Roaming\337 Wallpaper
[2013/08/28 11:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Arovax
[2013/08/28 11:15:33 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/08/28 11:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/08/28 11:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013/08/28 09:57:34 | 000,000,000 | ---D | C] -- C:\Program Files\OnecomCloudDrive
[2013/08/27 19:37:52 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Roaming\GoforFiles
[2013/08/27 19:08:17 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Local\Weather_Notifications,_LL
[2013/08/27 19:08:00 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Severe Weather Alerts
[2013/08/27 19:07:59 | 000,000,000 | ---D | C] -- C:\Users\TULIP Vision\AppData\Local\SevereWeatherAlerts
[2013/08/27 13:55:09 | 000,000,000 | ---D | C] -- C:\Program Files\PC Cleaner
[2013/08/27 10:13:55 | 000,000,000 | ---D | C] -- C:\b86b12283603ba1832
[2013/08/26 19:40:40 | 000,000,000 | ---D | C] -- C:\e1c0b4737ec1274af916
[2013/08/26 15:40:34 | 000,000,000 | ---D | C] -- C:\f7087b95b1d8926fb49ea72c7f78b725
[2013/08/22 11:37:07 | 000,000,000 | ---D | C] -- C:\f754d3ccf680fdcae79d6ca89cf0710a
[2013/08/20 09:18:20 | 000,000,000 | ---D | C] -- C:\e404901a8a2cfdb377310d4907
[2013/08/18 13:24:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\TULIP Vision\Desktop\*.tmp files -> C:\Users\TULIP Vision\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\TULIP Vision\Documents\*.tmp files -> C:\Users\TULIP Vision\Documents\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/09/07 18:30:01 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/07 18:17:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/07 17:53:34 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/07 17:53:34 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/07 13:30:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/07 09:09:07 | 000,697,522 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/09/07 09:09:07 | 000,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/09/07 09:09:07 | 000,128,356 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/09/07 09:09:07 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/09/07 08:53:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/07 08:53:08 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/05 18:31:50 | 000,002,097 | ---- | M] () -- C:\Users\TULIP Vision\Desktop\Facebook.lnk
[2013/09/05 18:31:50 | 000,002,095 | ---- | M] () -- C:\Users\TULIP Vision\Desktop\Youtube.lnk
[2013/09/04 18:43:56 | 000,001,164 | ---- | M] () -- C:\Users\TULIP Vision\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/09/04 18:43:56 | 000,000,994 | ---- | M] () -- C:\Users\TULIP Vision\Desktop\Internet Explorer.lnk
[2013/09/04 11:42:53 | 000,105,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2013/09/04 11:42:27 | 000,077,528 | ---- | M] (MalwareBytes) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013/08/31 19:10:41 | 000,053,248 | ---- | M] (eSage Lab) -- C:\Windows\System32\drivers\rk_remover.sys
[2013/08/29 09:51:29 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/08/29 09:51:29 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/08/27 20:13:03 | 000,000,000 | ---- | M] () -- C:\Users\TULIP Vision\opera.exe
[2013/08/27 20:13:03 | 000,000,000 | ---- | M] () -- C:\Users\TULIP Vision\jucheck.exe
[2013/08/27 19:08:50 | 000,773,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2013/08/27 19:08:49 | 000,420,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
[2013/08/18 13:24:44 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\TULIP Vision\Desktop\*.tmp files -> C:\Users\TULIP Vision\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\TULIP Vision\Documents\*.tmp files -> C:\Users\TULIP Vision\Documents\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/09/05 18:31:50 | 000,002,097 | ---- | C] () -- C:\Users\TULIP Vision\Desktop\Facebook.lnk
[2013/09/05 18:31:50 | 000,002,095 | ---- | C] () -- C:\Users\TULIP Vision\Desktop\Youtube.lnk
[2013/09/05 18:31:50 | 000,001,201 | ---- | C] () -- C:\Users\TULIP Vision\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
[2013/09/05 18:31:08 | 000,001,061 | ---- | C] () -- C:\Users\TULIP Vision\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
[2013/08/27 20:13:03 | 000,000,000 | ---- | C] () -- C:\Users\TULIP Vision\opera.exe
[2013/08/27 20:13:03 | 000,000,000 | ---- | C] () -- C:\Users\TULIP Vision\jucheck.exe
[2013/08/18 13:24:44 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/09/13 17:36:48 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2012/09/13 17:36:48 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2012/01/30 19:40:11 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/01/08 16:17:37 | 000,221,184 | --S- | C] () -- C:\Windows\System32\glut32.dll
[2011/11/26 10:54:48 | 000,003,065 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
[2011/11/26 10:52:23 | 000,669,416 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2011/11/26 10:52:23 | 000,017,680 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/11/01 13:23:21 | 000,286,208 | ---- | C] () -- C:\Windows\System32\binkw32.dll
[2011/10/29 11:30:00 | 000,374,272 | ---- | C] () -- C:\Windows\System32\mss32.dll
[2011/06/13 16:38:15 | 000,595,341 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011/06/12 11:37:14 | 000,017,408 | ---- | C] () -- C:\Users\TULIP Vision\AppData\Local\WebpageIcons.db
[2011/06/11 17:50:07 | 000,010,216 | --S- | C] () -- C:\Users\TULIP Vision\AppData\Local\e1i8cp645hqv0g03h401
[2011/06/11 17:50:07 | 000,010,216 | --S- | C] () -- C:\ProgramData\e1i8cp645hqv0g03h401
[2010/09/25 19:25:01 | 000,031,232 | ---- | C] () -- C:\Users\TULIP Vision\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/07/27 16:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2011/06/13 20:08:20 | 000,000,000 | ---- | M] ()(C:\Windows\System32\?????) -- C:\Windows\System32\?????
[2011/06/13 20:06:54 | 000,000,000 | ---- | C] ()(C:\Windows\System32\?????) -- C:\Windows\System32\?????

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 177 bytes -> C:\Users\TULIP Vision\AppData\Local\Temp:SL_{42726572-7361-6369-352e-30312e303033}
@Alternate Data Stream - 16 bytes -> C:\Users\TULIP Vision\Downloads:Shareaza.GUID
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:81405BF2
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:98181191
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:466F9D5D
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

OK, now I'm waiting for the next step.
0
Malekal_morte- Posts 180304 Registered Wednesday 17 May 2006 Status Moderator, Security contributor Last active 15 December 2020 24 660
8 Sept. 2013 at 12:56
Good news.

MediaGet is still there, so I think you did not apply this fix: https://forums.commentcamarche.net/forum/affich-28608450-envahi-de-virus-dont-qv6-et-d-autres?page=4#106
0
dframboise Posts 165 Registered Sunday 7 October 2007 Status Member Last active 14 May 2021 1
8 Sept. 2013 at 13:07
MediaGet no longer shows up in the list of programs. I did restart the PC to then try to send you the OTL report that I had made just before, but it crashed. Since then I have started the PC normally under Windows. Do I need to run an OTL scan again?
0
dframboise Posts 165 Registered Sunday 7 October 2007 Status Member Last active 14 May 2021 1
8 Sept. 2013 at 16:16
No reply???
0
Malekal_morte- Posts 180304 Registered Wednesday 17 May 2006 Status Moderator, Security contributor Last active 15 December 2020 24 660
8 Sept. 2013 at 20:32
Your crashes are surely due to a hardware problem.
0
Ah, in that case what do we do? Nothing, since we don't know where it comes from, I suppose you're going to tell me.
0
Malekal_morte- Posts 180304 Registered Wednesday 17 May 2006 Status Moderator, Security contributor Last active 15 December 2020 24 660
9 Sept. 2013 at 12:05
Well, that depends on how often it happens.
Do programs crash every 5 minutes, or is it more like just once an hour?
0
Since I'm not at my PC all the time, I can't say. What I can say is that sometimes, when I'm playing a simple game, it disappears and I find myself on a different page from some other website that I'm certain I didn't open, since I'm playing with the arrow keys and at most the "Enter" key.
0
dframboise Posts 165 Registered Sunday 7 October 2007 Status Member Last active 14 May 2021 1
11 Sept. 2013 at 13:12
OK, so it's random; it doesn't only happen when I'm playing. Sometimes I'm writing messages and "poof", the page disappears before I could send it, and I think it even happens with Word documents.

Should I consider my problem solved, Malekal?
0
Malekal_morte- Posts 180304 Registered Wednesday 17 May 2006 Status Moderator, Security contributor Last active 15 December 2020 24 660
Edited by Malekal_morte- on 11/09/2013 at 13:55
It's a hardware problem, I think.

As for the cleanup, I think we're done.
0
Malekal_morte- Posts 180304 Registered Wednesday 17 May 2006 Status Moderator, Security contributor Last active 15 December 2020 24 660
11 Sept. 2013 at 13:55
All good :)

Install Malwarebytes' Anti-Malware: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Run regular scans with it; it is effective.

So you don't get caught again.
Recommended reading - Unwanted programs / PUPs: https://www.malekal.com/adwares-pup-protection/
0
dframboise Posts 165 Registered Sunday 7 October 2007 Status Member Last active 14 May 2021 1
11 Sept. 2013 at 17:35
Thank you so much, Malekal. One last question: I've installed Malwarebytes, which I had before, but do I also need to install WinRAR 2011? After that I'll leave you in peace.
0
Malekal_morte- Posts 180304 Registered Wednesday 17 May 2006 Status Moderator, Security contributor Last active 15 December 2020 24 660
11 Sept. 2013 at 18:19
Why do you want to install WinRAR?
0
dframboise Posts 165 Registered Sunday 7 October 2007 Status Member Last active 14 May 2021 1
11 Sept. 2013 at 18:53
I had understood that it was necessary, so I'll stick with Malwarebytes, which I already had before, and will use it from time to time.

Thank you again. I still have some problems, but at least there has been some cleanup and QVO6 is gone.

I see that you have marked it "solved", so I don't need to do it.
0
Malekal_morte- Posts 180304 Registered Wednesday 17 May 2006 Status Moderator, Security contributor Last active 15 December 2020 24 660
11 Sept. 2013 at 18:54
You don't need WinRAR to be able to use Malwarebytes.
0