VIRUS QV06

Closed
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019 - 5 Jan 2014 at 17:58
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019 - 28 Feb 2014 at 15:59
Hello,
I have been infected by QV06.
Google Chrome is OK.
Malwarebytes done with a full scan, but the virus is impossible to remove from Internet Explorer.
I followed all the advice seen on the forums.
Please give me the solution.

236 replies

billmaxime Posts 50447 Registration date Sunday 20 November 2011 Status Contributor Last activity 4 January 2025 6 011
14 Jan 2014 at 19:09
Hi again

I right-clicked on ZHPDIAG again. Same message "Violation etc ...


please do this (make sure to tick both boxes)

http://www.overclocking-pc.fr/forums/showthread.php?13174-TUTO-Commande-CHKDSK

let the PC work (it can take some time)

tell me if you see a difference


See you

0
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019
14 Jan 2014 at 20:21
Hello,

I did exactly what you told me.

Nothing to report.

Still the same message "Violation etc ....

Don't trouble yourself; if it is impossible to remove, I'll stay like this.

Is it serious?

BE
0
billmaxime Posts 50447 Registration date Sunday 20 November 2011 Status Contributor Last activity 4 January 2025 6 011
14 Jan 2014 at 21:43
Hi again

Don't trouble yourself; if it is impossible to remove, I'll stay like this.

Is it serious?


I don't think so, because the scan with OTL "passes", but it's not normal

do this via the command prompt (look at solution no. 2 for Vista)

CAUTION, there is 1 space between "sfc and scannow" (command: sfc (space, using the space bar) scannow)

http://www.vista-xp.fr/forum/topic346.html

PS: tell me if it works

thanks

See you
0
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019
14 Jan 2014 at 23:41
Hello,

I'll take care of it tomorrow.

Have a good day.

BE
0

billmaxime Posts 50447 Registration date Sunday 20 November 2011 Status Contributor Last activity 4 January 2025 6 011
15 Jan 2014 at 09:13
hi

ok, and you'll tell me how it goes

thanks

See you
0
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019
15 Jan 2014 at 10:07
Hello,

I did exactly what you told me and I got the message saying that the files were repaired.

I restarted and tried a diag.

Still the same message at 20% "Violation etc ....

It's discouraging.

See you

BE
0
billmaxime Posts 50447 Registration date Sunday 20 November 2011 Status Contributor Last activity 4 January 2025 6 011
15 Jan 2014 at 15:43
Hi again

I restarted and tried a diag.

Still the same message at 20% "Violation etc ....



can you tell me what it gets stuck on

thanks

See you
0
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019
15 Jan 2014 at 15:49
Hello,

It says "start of entries. And below, registry value AppInit_DLLs and Winlogon Notify subkeys (autorun) 020.

Thanks for your help.

BE
0
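
The message above names the AppInit_DLLs registry value and the Winlogon Notify subkeys as the point where the ZHPDiag scan stops. As an added example that is not part of the original thread, this read-only PowerShell script lists what those two locations contain and whether each referenced DLL exists and is signed; `Get-DllSummary` is a hypothetical helper name, and the script assumes an elevated Windows PowerShell 2.0 or later prompt.

```powershell
# Added example: read-only look at the AppInit_DLLs value and the
# Winlogon\Notify subkeys. Nothing is written to the registry.

$ntKey     = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$windows   = "$ntKey\Windows"
$notifyKey = "$ntKey\Winlogon\Notify"

# Hypothetical helper: resolve a DLL name taken from the registry to a file
# and report whether it exists, who published it and its signature status.
function Get-DllSummary {
    param([string]$Source, [string]$Name)

    $path = [Environment]::ExpandEnvironmentVariables($Name.Trim('"'))
    if (-not [IO.Path]::IsPathRooted($path)) {
        # Bare file names are resolved against the system directory here
        $path = Join-Path $env:SystemRoot (Join-Path 'System32' $path)
    }

    $exists    = Test-Path -LiteralPath $path
    $company   = $null
    $signature = $null
    if ($exists) {
        $company   = (Get-Item -LiteralPath $path).VersionInfo.CompanyName
        $signature = (Get-AuthenticodeSignature -FilePath $path).Status
    }

    New-Object PSObject -Property @{
        Source    = $Source
        Dll       = $path
        Exists    = $exists
        Company   = $company
        Signature = $signature
    }
}

$results = @()

# 1. AppInit_DLLs: a space- or comma-separated list of DLLs that are loaded
#    into every process that loads user32.dll. On Vista and later the list
#    is only honoured when LoadAppInit_DLLs is 1.
$win = Get-ItemProperty -Path $windows
"LoadAppInit_DLLs = $($win.LoadAppInit_DLLs)"
"AppInit_DLLs     = '$($win.AppInit_DLLs)'"
if ($win.AppInit_DLLs) {
    foreach ($name in ($win.AppInit_DLLs -split '[ ,]+' | Where-Object { $_ })) {
        $results += Get-DllSummary -Source 'AppInit_DLLs' -Name $name
    }
}

# 2. Winlogon\Notify: one subkey per notification package, with the DLL in
#    its DllName value. Vista and later no longer load these packages, so
#    anything listed is a leftover, but it is still worth knowing what is there.
if (Test-Path $notifyKey) {
    foreach ($sub in Get-ChildItem -Path $notifyKey) {
        $dll = (Get-ItemProperty -Path $sub.PSPath).DllName
        if ($dll) {
            $results += Get-DllSummary -Source "Notify\$($sub.PSChildName)" -Name $dll
        }
    }
}

# Missing files, empty Company fields and non-Valid signatures stand out here
$results | Format-Table Source, Dll, Exists, Company, Signature -AutoSize
```

An empty AppInit_DLLs value and no Notify subkeys is the normal state on a clean Vista installation; any entry that is missing on disk, unsigned or without a company name is the one to examine first.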
billmaxime Posts 50447 Registration date Sunday 20 November 2011 Status Contributor Last activity 4 January 2025 6 011
15 Jan 2014 at 16:20
Hi again

click on Start, and in the search bar type "msconfig" then "Enter"

in the "msconfig" window, click on "Startup" (4th button)

in the window that opens, click on "Disable all" except the antivirus

click on "Apply" and "OK"

restart the PC and retry the scan with ZHPDiag

thanks

See you
0
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019
15 Jan 2014 at 16:38
Hello,

Still the same, same message.

My clock at the top right has disappeared.

Should I run msconfig again?

BE
0
billmaxime Posts 50447 Registration date Sunday 20 November 2011 Status Contributor Last activity 4 January 2025 6 011
Edited by billmaxime on 15/01/2014 at 16:55
Hi again

run "msconfig" again, click on the 4th button "Startup" and re-select "all" at startup

click on "Apply" and "OK"

restart the PC

It says "start of entries. And below, registry value AppInit_DLLs and Winlogon Notify subkeys (autorun) 020.

don't you see anything else written after that?

See you


the radiation rate is higher at Pôle emploi than at Chernobyl
0
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019
15 Jan 2014 at 16:59
Hello,

There is nothing else.

However, I have to step away.

See you, and thanks again.

BE
0
billmaxime Posts 50447 Registration date Sunday 20 November 2011 Status Contributor Last activity 4 January 2025 6 011
15 Jan 2014 at 17:02
Hi again

ok, send a message when you come back to the topic

thanks

See you
0
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019
15 Jan 2014 at 19:04
Hello,

If you have another idea.

Don't hesitate.

BE
0
billmaxime Posts 50447 Registration date Sunday 20 November 2011 Status Contributor Last activity 4 January 2025 6 011
15 Jan 2014 at 22:01
Hi again

run a scan with OTL again and post the report, please

http://sosvirus.net/viewtopic.php?f=281&t=597

don't forget to copy/paste the script into "Personnalisation" (Customization) before launching the scan


thanks

See you

0
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019
16 Jan 2014 at 10:44
Hello,

I tried to do what you told me.

I had kept OTL on my desktop but the script would not launch.

I deleted it and re-downloaded OTL to my desktop.

The script does not appear.

What should I do?

Thanks and have a good day.
0
billmaxime Posts 50447 Registration date Sunday 20 November 2011 Status Contributor Last activity 4 January 2025 6 011
16 Jan 2014 at 16:22
Hi again

on the OTL download page, you must click on "~ Le Script à copier est >> ici <<" (the script to copy is here) and the script will be displayed

then you copy it, and paste it into "Personnalisation" (Customization)

at the end of the scan the reports will appear on your desktop (OTL and OTL EXTRA)

post the reports via this link https://www.cjoint.com/ (1 report per link)

thanks

See you
0
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019
17 Jan 2014 at 10:10
OTL logfile created on: 17/01/2014 09:51:56 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dominique\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 0,67 Gb Available Physical Memory | 33,62% Memory free
4,21 Gb Paging File | 2,79 Gb Available in Paging File | 66,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 52,10 Gb Free Space | 34,95% Space Free | Partition Type: NTFS

Computer Name: PC-DE-DOMINIQUE | User Name: Dominique | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/01/16 10:42:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominique\Desktop\OTL (1).exe
PRC - [2014/01/06 14:03:11 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/06 14:03:11 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/09/04 11:16:42 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/09/04 11:16:40 | 001,564,528 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2013/07/18 06:34:30 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/11/06 21:58:20 | 000,294,912 | ---- | M] () -- C:\Program Files\HomePlayer\HomePlayer.exe


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2014/01/06 14:03:11 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/07/18 06:34:30 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2008/01/21 03:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2014/01/06 14:03:18 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/06 14:03:18 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/06 14:03:18 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/06 14:03:18 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/06 14:03:18 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/01/06 14:03:18 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2014/01/06 14:03:18 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/07/18 06:34:28 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2012/06/27 09:37:56 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2012/06/27 09:37:56 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2012/06/27 09:37:56 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2012/06/27 09:37:56 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2011/02/16 16:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2010/11/22 09:50:19 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/04/11 05:38:59 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2008/01/21 03:23:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/09/26 08:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 A2 E5 CF 9E E1 CB 01 [binary data]
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0F0CzztDtCzzzyzz0ByC0DtN0D0Tzu0SyBtAzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1084642501&ir=
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/06 14:03:19 | 000,000,000 | ---D | M]

[2013/03/18 10:51:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominique\AppData\Roaming\mozilla\Extensions
[2010/12/30 09:19:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominique\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013/08/24 12:56:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2013/08/24 12:57:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Mysearchdial (Enabled)
CHR - default_search_provider: search_url = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0F0CzztDtCzzzyzz0ByC0DtN0D0Tzu0SyBtAzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1084642501&ir=
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms},
CHR - homepage: https://www.google.com/?gws_rd=ssl
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Documents Google = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google\u00A0Drive = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Recherche Google = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google\u00A0Wallet = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2010/12/23 20:08:04 | 000,000,780 | R-S- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HomePlayer] C:\Program Files\HomePlayer\HomePlayer.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000..\Run: [Bubble Dock] "C:\Users\Dominique\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup File not found
O4 - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000..\Run: [Hoolapp Android] "C:\Users\DOMINI~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized File not found
O4 - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD8F67C7-A9CB-46D0-AE9E-A7BDD26C6C21}: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dominique\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dominique\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - State: "startup" - 0
MsConfig - State: "bootini" - 2

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
System Restore Service not available.

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/01/16 10:42:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dominique\Desktop\OTL (1).exe
[2014/01/15 16:29:30 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/01/13 13:18:43 | 000,000,000 | ---D | C] -- C:\Users\Dominique\Desktop\RK_Quarantine
[2014/01/12 19:24:49 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2014/01/12 19:24:49 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2014/01/12 19:24:47 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2014/01/12 19:24:39 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2014/01/12 19:23:37 | 000,000,000 | ---D | C] -- C:\history
[2014/01/12 19:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2014/01/12 18:52:24 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/01/12 18:33:21 | 000,000,000 | ---D | C] -- C:\875ea7a7d5d3f4eb1008374ce1ecba6b
[2014/01/10 20:43:51 | 000,000,000 | ---D | C] -- C:\Users\Dominique\.android
[2014/01/10 20:43:47 | 000,000,000 | ---D | C] -- C:\Users\Dominique\Documents\Mobogenie
[2014/01/10 20:43:47 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Local\Mobogenie
[2014/01/10 20:43:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie
[2014/01/10 20:39:31 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\DigitalSites
[2014/01/10 13:03:21 | 000,000,000 | ---D | C] -- C:\Pre_Scan
[2014/01/08 18:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2014/01/08 18:14:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/08 18:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2014/01/08 18:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2014/01/08 18:03:02 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\LavFilters
[2014/01/08 18:03:02 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\CDXReader
[2014/01/08 18:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\DSP-worx
[2014/01/08 18:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2014/01/08 18:02:22 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Local\cache
[2014/01/08 18:02:21 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Local\genienext
[2014/01/08 17:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/08 17:54:55 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/01/08 17:54:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/01/08 08:02:35 | 029,040,552 | ---- | C] (Oracle Corporation) -- C:\Users\Dominique\Desktop\jre-7u45-windows-i586.exe
[2014/01/08 07:56:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/01/08 07:55:26 | 050,560,384 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Dominique\Desktop\AdbeRdr11004_fr_FR.exe
[2014/01/07 18:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2014/01/07 18:13:55 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\ZHP
[2014/01/07 09:14:54 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2014/01/07 09:05:48 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\AVAST Software
[2014/01/06 14:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/06 13:51:02 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys.bak
[2014/01/06 13:51:01 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys.bak
[2014/01/06 13:51:01 | 000,011,520 | ---- | C] (Western Digital Technologies) -- C:\Windows\System32\drivers\wdcsam.sys.bak
[2014/01/06 13:51:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys.bak
[2014/01/06 13:50:58 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys.bak
[2014/01/06 13:50:57 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys.bak
[2014/01/06 13:50:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbccid.sys.bak
[2014/01/06 13:50:57 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys.bak
[2014/01/06 13:50:56 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys.bak
[2014/01/06 13:50:56 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys.bak
[2014/01/06 13:50:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys.bak
[2014/01/06 13:50:53 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys.bak
[2014/01/06 13:50:53 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys.bak
[2014/01/06 13:50:52 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys.bak
[2014/01/06 13:50:52 | 000,100,224 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bserd.sys.bak
[2014/01/06 13:50:52 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys.bak
[2014/01/06 13:50:52 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys.bak
[2014/01/06 13:50:52 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwh.sys.bak
[2014/01/06 13:50:51 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys.bak
[2014/01/06 13:50:51 | 000,098,432 | ---- | C] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys.bak
[2014/01/06 13:50:51 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys.bak
[2014/01/06 13:50:51 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys.bak
[2014/01/06 13:50:51 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcm.sys.bak
[2014/01/06 13:50:50 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys.bak
[2014/01/06 13:50:50 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys.bak
[2014/01/06 13:50:48 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys.bak
[2014/01/06 13:50:48 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys.bak
[2014/01/06 13:50:47 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys.bak
[2014/01/06 13:50:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys.bak
[2014/01/06 13:50:44 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys.bak
[2014/01/06 13:50:43 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys.bak
[2014/01/06 13:50:39 | 002,251,776 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys.bak
[2014/01/06 13:50:39 | 002,225,664 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys.bak
[2014/01/06 13:50:39 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys.bak
[2014/01/06 13:50:34 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys.bak
[2014/01/06 13:50:34 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys.bak
[2014/01/06 13:50:32 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys.bak
[2014/01/06 13:50:32 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys.bak
[2014/01/06 13:50:28 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys.bak
[2014/01/06 13:50:28 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys.bak
[2014/01/06 13:50:27 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS.bak
[2014/01/06 13:50:24 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys.bak
[2014/01/06 13:50:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys.bak
[2014/01/06 13:50:24 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys.bak
[2014/01/06 13:50:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys.bak
[2014/01/06 13:50:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys.bak
[2014/01/06 13:50:23 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\Windows\System32\drivers\dgderdrv.sys.bak
[2014/01/06 13:50:22 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys.bak
[2014/01/06 13:50:22 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys.bak
[2014/01/06 13:50:20 | 000,028,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys.bak
[2014/01/06 13:50:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys.bak
[2014/01/06 13:50:19 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys.bak
[2014/01/06 13:50:16 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys.bak
[2014/01/05 09:52:29 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\Malwarebytes
[2014/01/05 09:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/05 07:06:11 | 006,852,616 | ---- | C] (ESTsoft Corp. ) -- C:\Users\Dominique\Documents\ALZip [1].exe
[2012/03/24 18:30:26 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Dominique\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/01/17 09:38:26 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/17 09:38:16 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 09:38:16 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 09:38:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/17 09:38:08 | 2136,965,120 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/16 10:42:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominique\Desktop\OTL (1).exe
[2014/01/15 20:09:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/13 18:02:18 | 000,047,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys.bak
[2014/01/13 18:02:18 | 000,017,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys.bak
[2014/01/13 18:02:17 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys.bak
[2014/01/13 18:02:17 | 000,011,520 | ---- | M] (Western Digital Technologies) -- C:\Windows\System32\drivers\wdcsam.sys.bak
[2014/01/13 18:02:16 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys.bak
[2014/01/13 18:02:15 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys.bak
[2014/01/13 18:02:15 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbccid.sys.bak
[2014/01/13 18:02:15 | 000,006,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys.bak
[2014/01/13 18:02:14 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys.bak
[2014/01/13 18:02:14 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys.bak
[2014/01/13 18:02:14 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys.bak
[2014/01/13 18:02:12 | 000,122,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys.bak
[2014/01/13 18:02:12 | 000,052,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys.bak
[2014/01/13 18:02:12 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys.bak
[2014/01/13 18:02:12 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys.bak
[2014/01/13 18:02:11 | 000,123,648 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys.bak
[2014/01/13 18:02:11 | 000,100,224 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bserd.sys.bak
[2014/01/13 18:02:11 | 000,098,432 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys.bak
[2014/01/13 18:02:11 | 000,014,848 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys.bak
[2014/01/13 18:02:11 | 000,012,416 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys.bak
[2014/01/13 18:02:11 | 000,012,416 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcm.sys.bak
[2014/01/13 18:02:11 | 000,012,288 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys.bak
[2014/01/13 18:02:11 | 000,012,288 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwh.sys.bak
[2014/01/13 18:02:10 | 000,684,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys.bak
[2014/01/13 18:02:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys.bak
[2014/01/13 18:02:09 | 000,142,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys.bak
[2014/01/13 18:02:09 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys.bak
[2014/01/13 18:02:08 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys.bak
[2014/01/13 18:02:08 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys.bak
[2014/01/13 18:02:06 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys.bak
[2014/01/13 18:02:05 | 000,043,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys.bak
[2014/01/13 18:02:03 | 002,251,776 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys.bak
[2014/01/13 18:02:02 | 002,225,664 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys.bak
[2014/01/13 18:02:02 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys.bak
[2014/01/13 18:01:58 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys.bak
[2014/01/13 18:01:58 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys.bak
[2014/01/13 18:01:58 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys.bak
[2014/01/13 18:01:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys.bak
[2014/01/13 18:01:55 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys.bak
[2014/01/13 18:01:55 | 000,025,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys.bak
[2014/01/13 18:01:54 | 000,099,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS.bak
[2014/01/13 18:01:52 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys.bak
[2014/01/13 18:01:52 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys.bak
[2014/01/13 18:01:52 | 000,027,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys.bak
[2014/01/13 18:01:52 | 000,020,032 | ---- | M] (Devguru Co., Ltd) -- C:\Windows\System32\drivers\dgderdrv.sys.bak
[2014/01/13 18:01:52 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys.bak
[2014/01/13 18:01:52 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys.bak
[2014/01/13 18:01:51 | 000,035,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys.bak
[2014/01/13 18:01:50 | 000,125,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys.bak
[2014/01/13 18:01:49 | 000,109,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys.bak
[2014/01/13 18:01:49 | 000,028,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys.bak
[2014/01/13 18:01:49 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys.bak
[2014/01/13 18:01:46 | 000,053,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys.bak
[2014/01/13 13:17:54 | 003,810,304 | ---- | M] () -- C:\Users\Dominique\Desktop\RogueKiller.exe
[2014/01/12 19:41:28 | 000,001,768 | ---- | M] () -- C:\Users\Dominique\Desktop\ZHPFix.lnk
[2014/01/12 19:41:28 | 000,001,645 | ---- | M] () -- C:\Users\Dominique\Desktop\ZHPDiag.lnk
[2014/01/12 18:58:27 | 000,726,038 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/01/12 18:58:27 | 000,638,182 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/12 18:58:27 | 000,147,962 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/01/12 18:58:27 | 000,121,688 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/10 21:03:40 | 000,000,401 | ---- | M] () -- C:\Users\Dominique\Desktop\Pre_Scan - Raccourci.lnk
[2014/01/10 20:39:59 | 000,000,108 | ---- | M] () -- C:\Users\Dominique\AppData\Roaming\WB.CFG
[2014/01/10 20:39:59 | 000,000,005 | ---- | M] () -- C:\Users\Dominique\AppData\Roaming\WBPU-TTL.DAT
[2014/01/10 20:17:11 | 000,001,657 | ---- | M] () -- C:\Users\Dominique\Desktop\Donate.lnk
[2014/01/10 20:17:10 | 000,000,797 | ---- | M] () -- C:\Users\Dominique\Desktop\Internet Explorer.lnk
[2014/01/08 20:35:43 | 002,697,728 | ---- | M] () -- C:\Users\Dominique\Desktop\Pre_Scan.exe
[2014/01/08 18:20:48 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/08 18:14:00 | 001,233,962 | ---- | M] () -- C:\Users\Dominique\Desktop\adwcleaner-3.016.exe
[2014/01/08 14:21:46 | 000,000,299 | ---- | M] () -- C:\Users\Dominique\Desktop\Dominique - Raccourci.lnk
[2014/01/08 08:02:11 | 029,040,552 | ---- | M] (Oracle Corporation) -- C:\Users\Dominique\Desktop\jre-7u45-windows-i586.exe
[2014/01/08 07:57:12 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/08 07:54:59 | 050,560,384 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Dominique\Desktop\AdbeRdr11004_fr_FR.exe
[2014/01/06 14:03:38 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/06 14:03:18 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/06 14:03:18 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/06 14:03:18 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/06 14:03:18 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/06 14:03:18 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/01/06 14:03:18 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2014/01/06 14:03:18 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/06 14:03:16 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/06 14:03:16 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/06 13:56:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2014/01/05 18:34:34 | 000,001,357 | ---- | M] () -- C:\Users\Dominique\Desktop\mbam-log-2014-01-05 (09-54-33) - Raccourci.lnk
[2014/01/05 07:06:11 | 006,852,616 | ---- | M] (ESTsoft Corp. ) -- C:\Users\Dominique\Documents\ALZip [1].exe
[2014/01/04 18:20:20 | 001,138,397 | ---- | M] () -- C:\Users\Dominique\Documents\7z922 [1].exe
[2014/01/01 17:45:39 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/01/13 13:18:33 | 003,810,304 | ---- | C] () -- C:\Users\Dominique\Desktop\RogueKiller.exe
[2014/01/12 18:12:50 | 2136,965,120 | -HS- | C] () -- C:\hiberfil.sys
[2014/01/10 21:03:40 | 000,000,401 | ---- | C] () -- C:\Users\Dominique\Desktop\Pre_Scan - Raccourci.lnk
[2014/01/10 20:39:59 | 000,000,005 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\WBPU-TTL.DAT
[2014/01/10 20:39:58 | 000,000,108 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\WB.CFG
[2014/01/10 20:17:11 | 000,001,657 | ---- | C] () -- C:\Users\Dominique\Desktop\Donate.lnk
[2014/01/10 16:54:54 | 002,697,728 | ---- | C] () -- C:\Users\Dominique\Desktop\Pre_Scan.exe
[2014/01/10 13:12:22 | 000,000,797 | ---- | C] () -- C:\Users\Dominique\Desktop\Internet Explorer.lnk
[2014/01/08 18:14:23 | 001,233,962 | ---- | C] () -- C:\Users\Dominique\Desktop\adwcleaner-3.016.exe
[2014/01/08 17:54:58 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/08 14:21:46 | 000,000,299 | ---- | C] () -- C:\Users\Dominique\Desktop\Dominique - Raccourci.lnk
[2014/01/08 07:57:12 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/01/08 07:57:12 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/07 18:13:58 | 000,001,768 | ---- | C] () -- C:\Users\Dominique\Desktop\ZHPFix.lnk
[2014/01/07 18:13:58 | 000,001,645 | ---- | C] () -- C:\Users\Dominique\Desktop\ZHPDiag.lnk
[2014/01/05 18:34:34 | 000,001,357 | ---- | C] () -- C:\Users\Dominique\Desktop\mbam-log-2014-01-05 (09-54-33) - Raccourci.lnk
[2014/01/04 18:22:43 | 001,138,397 | ---- | C] () -- C:\Users\Dominique\Documents\7z922 [1].exe
[2013/10/19 15:00:06 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2013/10/19 15:00:06 | 000,037,344 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2013/09/23 18:19:51 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/09/23 18:19:51 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012/12/18 10:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/12/18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012/12/18 10:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012/12/18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012/12/18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012/07/04 08:09:08 | 000,234,941 | ---- | C] () -- C:\Users\Dominique\AppData\Local\census.cache
[2012/07/04 08:08:53 | 000,156,351 | ---- | C] () -- C:\Users\Dominique\AppData\Local\ars.cache
[2012/07/04 08:00:20 | 000,000,036 | ---- | C] () -- C:\Users\Dominique\AppData\Local\housecall.guid.cache
[2012/03/24 18:30:26 | 000,007,887 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\pcouffin.cat
[2012/03/24 18:30:26 | 000,001,144 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\pcouffin.inf
[2012/03/24 18:27:28 | 000,001,057 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\vso_ts_preview.xml
[2011/12/12 08:32:41 | 000,000,450 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/23 07:47:43 | 000,023,888 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\UserTile.png
[2010/12/20 11:30:07 | 000,187,904 | ---- | C] () -- C:\Users\Dominique\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 13:54:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2014/01/07 09:05:48 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\AVAST Software
[2012/11/12 09:54:26 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Azureus
[2014/01/08 18:03:04 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\CDXReader
[2014/01/10 20:39:31 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\DigitalSites
[2013/02/19 20:44:09 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\HoolappForAndroid
[2011/05/21 14:37:59 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\iPodder
[2014/01/08 18:03:06 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\LavFilters
[2012/03/19 16:15:05 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\OpenOffice.org
[2013/02/19 20:33:50 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Opera
[2011/05/23 07:47:42 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\PeerNetworking
[2013/08/10 14:52:59 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\player
[2012/07/02 08:38:34 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Red Kawa
[2013/10/19 14:50:32 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Samsung
[2013/09/12 18:55:17 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Software Informer
[2012/08/08 20:44:33 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\TeamViewer
[2010/12/30 09:19:44 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\TomTom
[2012/11/12 09:54:26 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Vso
[2014/01/15 19:05:38 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\ZHP

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

0
B EVANS Posts 157 Registration date Sunday 5 January 2014 Status Member Last activity 10 April 2019
17 Jan. 2014 at 10:17
https://www.cjoint.com/?0ArknC2iMTS

Hi,

Hope you receive it OK.

Have a good day.
0
billmaxime Posts 50447 Registration date Sunday 20 November 2011 Status Contributor Last activity 4 January 2025 6 011
17 Jan. 2014 at 21:50
hi

run OTL again as administrator (right-click)

copy all the text from this link https://www.cjoint.com/?DArvRAgqnd4

paste it into the "personnalisation" (customization) box of OTL >>> see the image

click "correction" (fix)

post the report via this link https://www.cjoint.com/index.php

===================================================

then click Start > Control Panel > Programs and Features and take a screenshot for me >>> take a screenshot

post it via this link https://www.cjoint.com/index.php

PS: if the whole page does not fit in the screenshot, take 2

thanks

see you
0