by etoile127
#19975
Hello, for quite some time now my page has been freezing, and on top of that the mouse acts up completely or stops responding, or else the spinning circle just spins and spins and spins. No virus found with AVG Internet Security; I scan with Malwarebytes Pro as well as Spybot Destroy, and afterwards a pass with CCleaner. And despite all the cleaning, the problem persists. So I downloaded UsbFix, and it too stops scanning at 25%. So please, what should I do? My browser is Google Chrome, on Windows 7. Thank you in advance for your help.
by El Desaparecido
#19993
Hello,

Welcome to SosVirus
  • Download SFTGC.exe (by Pierre13) to your Desktop and nowhere else!
  • Launch SFTGC; on Windows 7/8 and Vista, run it as administrator
  • Click GO

    Note: a report will open at the end
  • Once the scan has finished, go to the Desktop; the file SFTGC.txt has been created.
  • Upload the SFTGC.txt report to SosUpload, then copy and paste the link provided into your next reply on the forum

We are going to run a diagnostic of your computer:
  • Download OTL by Old_Timer and save it to the Desktop
  • Close all other windows and double-click OTL.exe
  • On Vista and Windows 7, launch the file by right-click -> Run as administrator.
  • Check that the Scan All Users, LOP Check and Purity Check boxes are ticked.
  • In the Custom Scans/Fixes box, copy and paste everything that follows:
netsvcs 
msconfig 
safebootminimal 
safebootnetwork 
activex 
drivers32 
%ALLUSERSPROFILE%\Application Data\*. 
%ALLUSERSPROFILE%\Application Data\*.exe /s 
%APPDATA%\*. 
%APPDATA%\*.exe /s 
%temp%\*.exe /s 
%SYSTEMDRIVE%\*.exe 
%systemroot%\*. /mp /s 
%systemroot%\system32\consrv.dll 
%systemroot%\system32\*.dll /lockedfiles 
%windir%\Tasks\*.job /lockedfiles 
%systemroot%\system32\drivers\*.sys /lockedfiles 
%systemroot%\System32\config\*.sav 
/md5start 
explorer.exe 
winlogon.exe 
services.exe 
wininit.exe 
/md5stop 
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s 
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s 
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s 
HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s 
CREATERESTOREPOINT 
nslookup http://www.google.fr /c 
hklm\software\clients\startmenuinternet|command /rs 
hklm\software\clients\startmenuinternet|command /64 /rs 
CREATERESTOREPOINT
SAVEMBR:0 
  • Click Run Scan
  • Once the scan has finished, 1 or 2 reports will open: OTL.txt and Extras.txt.
  • Upload the OTL.txt and Extras.txt reports to cjoint.com, then copy and paste the link provided into your next reply on the forum

    Note: Just in case, you can find them in the C:\OTL folder or on your Desktop, depending on the situation

by etoile127
#20372
Hello, thank you for your replies: above is the link for SFTGC

http://upload.sosvirus.net/log/SosUploa ... c914fc.txt

The OTL report

OTL Extras logfile created on: 03/12/2013 16:01:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Saida\Downloads\Programs
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,40 Gb Available Physical Memory | 20,15% Memory free
5,00 Gb Paging File | 3,00 Gb Available in Paging File | 60,02% Paging File free
Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,95 Gb Total Space | 24,99 Gb Free Space | 16,78% Space Free | Partition Type: NTFS
Drive E: | 7,45 Gb Total Space | 5,74 Gb Free Space | 77,08% Space Free | Partition Type: FAT32

Computer Name: SAIDA-PC | User Name: Saida | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Key error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03CED74D-9877-4A86-94B1-988E643A65F3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{06DCDA99-3269-46C2-97C9-AE272E47D282}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{081FA8AE-A126-474F-8C1B-76AD25FB2D68}" = lport=48114 | protocol=6 | dir=in | name=maconfig_tcptls |
"{121D0C31-F006-4B28-BA96-362B8C8395E4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{14006528-1E76-4BAB-BC16-5D0EF9FB53D2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1FC5BE69-752A-48D3-A89D-1AF31D874A5C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{20514FC5-CDD9-4AC0-BB5B-DDEA5561AE2D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2AD05DDB-430E-4400-AD3F-B21184857CD2}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{2D0EDB26-76F3-41F2-B5EA-8E4E88DCDA0E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2F0F47B2-03BA-4ED1-8B6C-E498CD55F965}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{31AB36DB-2A8A-4864-9802-49D3F50B3C20}" = lport=139 | protocol=6 | dir=in | app=system |
"{3B00960F-4FE4-428D-88A9-E2DD7C9497C3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4188AA0B-EC49-45A9-859F-9D5494DA549D}" = rport=445 | protocol=6 | dir=out | app=system |
"{420D52EF-2037-49AA-A121-2B74DF6CA113}" = rport=137 | protocol=17 | dir=out | app=system |
"{46644C71-ED82-48CB-9B1D-A295194E36A5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{54E0A301-CB0A-4A17-BBD1-BB77C5692E1A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{641F21ED-6809-4776-A605-E28152BA9A88}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{77E59730-7ADE-48C5-9931-D548E27FDD4B}" = lport=137 | protocol=17 | dir=in | app=system |
"{82F4422E-73EA-47B6-B959-35A09AA14CFF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{84E11CDD-9AD7-4F8F-8230-D8E24CCDE8B2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{98F17FD2-8F98-4B06-B1D7-80C127B72204}" = rport=139 | protocol=6 | dir=out | app=system |
"{9B7DA9ED-CA89-4226-A9E2-7ED2778739F0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA1BD460-744C-4CD8-AB1F-A1722AAF6D8F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CB996A1E-457E-4026-AAB8-3BE0060BEEAC}" = rport=138 | protocol=17 | dir=out | app=system |
"{D6486CE0-EAE7-4C34-9330-2B0966F72DD6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DB4F41F9-7379-4761-B3F3-5D4C6FFA5D9E}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{DCD7D969-FE5D-4F98-94BA-3A61CB671A1D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DCFA98C8-B62F-4E32-9F4E-FC72E5EA8AA5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E4B31318-F49F-40A3-86D2-0AD9F83CA57F}" = lport=138 | protocol=17 | dir=in | app=system |
"{EE5EC78D-BAC2-42FE-A196-61DB2B2317AB}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04BD8AC3-FC5D-4F93-8573-7C46ED9CDD74}" = protocol=6 | dir=in | app=c:\program files\xi\netxfer\nettransport.exe |
"{04D19B9D-747D-4281-93EC-8BCDF27EAA91}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{05657F43-A18E-448A-A578-727951F94A88}" = protocol=17 | dir=in | app=c:\program files\xi\netxfer\nettransport.exe |
"{0803430B-B5CA-4F96-92AD-5FF530854FF8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0EE4CBCC-B0DF-426A-884C-F050CEA3CFAD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{12E04A95-321A-47FF-BB90-2A4588B57E42}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{214AA27C-459F-4168-A733-1A0F5112542E}" = protocol=17 | dir=in | app=c:\program files\freemi upnp media server\freemi upnp media server.exe |
"{27197BB0-6C57-4EDE-BABE-AD95793FD655}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{2BD42583-1AE7-4E19-B606-A957A49CF81B}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{351360DF-C6CD-4BB2-81D5-732810CFEDCD}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{40B878C2-1B65-42C4-9BD6-210ED028871C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{52AFC602-A8EF-4BE8-ACC5-2BA55300EF68}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfigagent.exe |
"{5A70A5B5-CD74-46F8-BF58-46D95CD87A27}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{5DDAD4A0-433B-44A7-99F4-ECFE1CEAF112}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfigagent.exe |
"{61675218-EC93-40F5-86B5-E4C989DAC473}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{64626EF8-4666-4450-A232-261B26B93942}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{673E56EB-2D18-4166-B697-6E530088C061}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{67F87B6C-1411-4799-B07F-423E0615A49A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{6B29D08B-7DD2-4655-9149-375717AFDBDE}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{771D4C9D-ABD4-4015-98D2-37CE45FF2143}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7ACEC610-D1DC-4560-8323-3EEE77C0FBBD}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{7BEEE933-8375-465C-A9B8-4A95B38567C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7C42AE17-67E1-44C9-BFFB-68021E4F3C0E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{7E7E359F-E930-4611-9604-9DDAD3E216F0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8233ADCB-F9EA-46EE-9E9C-CA1314D0030C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{869EAC66-3D93-44F9-9D48-66E9789EDF3C}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{8ABE190E-9C43-469A-8ED4-FF00FAB87A72}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{91BF3C95-7E31-42BF-BA1C-B83913361369}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{95BA9516-13C5-4CB1-A6FE-469FC80D9EA1}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{A8FCDF5E-29A3-4C4F-AF0C-A3980247A016}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AADC21D3-38EA-43FB-B34E-52A691EC4F51}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BF3D49BD-362C-439D-96CA-9E0689BB695C}" = protocol=6 | dir=in | app=c:\program files\freemi upnp media server\freemi upnp media server.exe |
"{CA01FB32-0616-49E0-A849-F9D335DD642A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CF9E83EB-EF49-4497-B0B9-E14010BF20F7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D9644C95-6998-40A6-AD82-DDF59B9CD903}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{DF43C8EE-FC16-4825-AF36-ADE2AFADB568}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E03BBC23-0CD8-470F-A0D8-21F250FE10DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E0EE3C0E-631B-417E-A406-732848544E53}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{E4D6A7B3-84A5-449C-AD0F-95CB4FFC2A70}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E7EA2F47-47BD-448C-B938-F3F6BD69FCEE}" = protocol=6 | dir=out | app=system |
"{E84CA469-E5FB-44C2-BA4A-430ABB9F0C1F}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{EFE24E45-C977-45EC-B5EB-F6AC1854E1B2}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{FB75ED18-521E-4437-80F7-E52DC95935CA}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"TCP Query User{02CC9AEE-E420-4307-9B80-F4934655D292}C:\program files\freemi upnp media server\freemi upnp media server.exe" = protocol=6 | dir=in | app=c:\program files\freemi upnp media server\freemi upnp media server.exe |
"UDP Query User{808C020A-F9D9-454F-9D3C-D379631C0C7A}C:\program files\freemi upnp media server\freemi upnp media server.exe" = protocol=17 | dir=in | app=c:\program files\freemi upnp media server\freemi upnp media server.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{167A6CE9-BC1C-41AD-A329-4EF11A118B00}" = Nitro PDF Professional
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217025F0}" = Java 7 Update 25
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{5F8683B5-5056-411C-B808-B289E29E9BBB}" = Outil de téléchargement USB/DVD Windows 7
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{6280C3D1-00A3-4E79-BDF6-98332A29B706}" = AVG 2013
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036" = Microsoft .NET Framework 4.5.1 (Français)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99D2E91E-DD71-4909-BACD-47CE043B94A9}" = AVG 2013
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D10CB57-B085-44c3-B435-2D193BA153F0}" = Conseiller de mise à niveau vers Windows 7
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV pour Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A6C19562-4A16-48D7-BF08-76B0673FF218}" = IObit Apps Toolbar v6.7
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C507986C-A83D-3F09-9099-5E1AF20BE648}" = Microsoft .NET Framework 4.5.1 (FRA)
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CC158E44-6465-402E-B2BB-D86C455670FF}" = Ma-Config.com
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.83
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"AVG" = AVG 2013
"AVG Secure Search" = AVG Security Toolbar
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"FreeMi UPnP Media Server" = FreeMi UPnP Media Server
"Google Chrome" = Google Chrome
"Internet Download Manager" = Internet Download Manager
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"iPrint_is1" = iPrint
"KeyScrambler" = KeyScrambler
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"MouseSuite98" = Mouse Suite
"mv61xxDriver" = marvell 61xx
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"Usbfix" = UsbFix By El Desaparecido
"VLC media player" = VLC media player 2.0.8
"WindowsProcessSecurity" = Windows Process Security 2.1
"WinLiveSuite" = Windows Live

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28/01/2013 07:19:38 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842815
Description = La création du contexte d'activation a échoué pour « c:\program files\spybot
- search & destroy\DelZip179.dll ». Erreur dans le fichier de manifeste ou de stratégie
« c:\program files\spybot - search & destroy\DelZip179.dll » à la ligne 8. La valeur
« * » de l'attribut « language » de l'élément « assemblyIdentity » n'est pas valide.

Error - 29/01/2013 15:54:15 | Computer Name = Saida-PC | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante Explorer.EXE, version : 6.1.7601.17567,
horodatage : 0x4d6727a7 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
: 0x00000000 Code d'exception : 0xc0000005 Décalage d'erreur : 0x018680f8 ID du processus
défaillant : 0x23c Heure de début de l'application défaillante : 0x01cdfe34632b993a
Chemin
d'accès de l'application défaillante : C:\Windows\Explorer.EXE Chemin d'accès du
module défaillant: unknown ID de rapport : a8abd4be-6a4d-11e2-addb-001a4d1cf6a4

Error - 29/01/2013 17:01:21 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842785
Description = La création du contexte d'activation a échoué pour « C:\Program Files\Common
Files\Spigot\Search Settings\SearchSettings64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 29/01/2013 17:07:07 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842815
Description = La création du contexte d'activation a échoué pour « c:\program files\spybot
- search & destroy\DelZip179.dll ». Erreur dans le fichier de manifeste ou de stratégie
« c:\program files\spybot - search & destroy\DelZip179.dll » à la ligne 8. La valeur
« * » de l'attribut « language » de l'élément « assemblyIdentity » n'est pas valide.

Error - 01/02/2013 06:51:48 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842785
Description = La création du contexte d'activation a échoué pour « C:\Program Files\Common
Files\Spigot\Search Settings\SearchSettings64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 01/02/2013 06:57:22 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842815
Description = La création du contexte d'activation a échoué pour « c:\program files\spybot
- search & destroy\DelZip179.dll ». Erreur dans le fichier de manifeste ou de stratégie
« c:\program files\spybot - search & destroy\DelZip179.dll » à la ligne 8. La valeur
« * » de l'attribut « language » de l'élément « assemblyIdentity » n'est pas valide.

Error - 01/02/2013 14:57:59 | Computer Name = Saida-PC | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante FLVToX.exe, version : 2.0.0.163,
horodatage : 0x507ec2b0 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
: 0x00000000 Code d'exception : 0xc0000005 Décalage d'erreur : 0x00000001 ID du processus
défaillant : 0x1af0 Heure de début de l'application défaillante : 0x01ce00adfede5137
Chemin
d'accès de l'application défaillante : C:\Program Files\Free FLV Converter\FLVToX.exe
Chemin
d'accès du module défaillant: unknown ID de rapport : 4b990dc0-6ca1-11e2-9ae0-001a4d1cf6a4

Error - 01/02/2013 14:58:51 | Computer Name = Saida-PC | Source = Application Error | ID = 1000
Description = Nom de l'application défaillante FLVToX.exe, version : 2.0.0.163,
horodatage : 0x507ec2b0 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
: 0x00000000 Code d'exception : 0xc0000005 Décalage d'erreur : 0x00000001 ID du processus
défaillant : 0x1988 Heure de début de l'application défaillante : 0x01ce00ae2140653a
Chemin
d'accès de l'application défaillante : C:\Program Files\Free FLV Converter\FLVToX.exe
Chemin
d'accès du module défaillant: unknown ID de rapport : 6a8e4fcb-6ca1-11e2-9ae0-001a4d1cf6a4

Error - 02/02/2013 11:45:10 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842785
Description = La création du contexte d'activation a échoué pour « C:\Program Files\Common
Files\Spigot\Search Settings\SearchSettings64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 02/02/2013 11:49:43 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842815
Description = La création du contexte d'activation a échoué pour « c:\program files\spybot
- search & destroy\DelZip179.dll ». Erreur dans le fichier de manifeste ou de stratégie
« c:\program files\spybot - search & destroy\DelZip179.dll » à la ligne 8. La valeur
« * » de l'attribut « language » de l'élément « assemblyIdentity » n'est pas valide.

[ Media Center Events ]
Error - 16/03/2012 08:32:53 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
Description = 13:32:46 - Erreur de connexion à Internet. 13:32:46 - Impossible
de contacter le service..

Error - 17/03/2012 15:23:09 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
Description = 20:23:09 - Erreur de connexion à Internet. 20:23:09 - Impossible
de contacter le service..

Error - 17/03/2012 15:23:18 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
Description = 20:23:14 - Erreur de connexion à Internet. 20:23:14 - Impossible
de contacter le service..

Error - 18/03/2012 18:51:20 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
Description = 23:51:20 - Erreur de connexion à Internet. 23:51:20 - Impossible
de contacter le service..

Error - 18/03/2012 18:51:31 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
Description = 23:51:25 - Erreur de connexion à Internet. 23:51:25 - Impossible
de contacter le service..

Error - 19/03/2012 13:02:13 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
Description = 18:02:12 - Erreur de connexion à Internet. 18:02:13 - Impossible
de contacter le service..

Error - 19/03/2012 13:02:24 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
Description = 18:02:18 - Erreur de connexion à Internet. 18:02:18 - Impossible
de contacter le service..

Error - 20/03/2012 05:07:15 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
Description = 10:07:14 - Erreur de connexion à Internet. 10:07:14 - Impossible
de contacter le service..

Error - 20/03/2012 05:07:25 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
Description = 10:07:20 - Erreur de connexion à Internet. 10:07:20 - Impossible
de contacter le service..

Error - 31/03/2012 07:40:28 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
Description = 13:40:21 - Erreur de connexion à Internet. 13:40:21 - Impossible
de contacter le service..

[ System Events ]
Error - 03/12/2013 11:35:41 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7023
Description = Le service Windows Search s'est arrêté avec l'erreur : %%2

Error - 03/12/2013 11:35:41 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7034
Description = Le service Windows Search s'est terminé de façon inattendue pour la
41ème fois.

Error - 03/12/2013 11:36:12 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7023
Description = Le service Windows Search s'est arrêté avec l'erreur : %%2

Error - 03/12/2013 11:36:12 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7034
Description = Le service Windows Search s'est terminé de façon inattendue pour la
42ème fois.

Error - 03/12/2013 11:36:42 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7023
Description = Le service Windows Search s'est arrêté avec l'erreur : %%2

Error - 03/12/2013 11:36:42 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7034
Description = Le service Windows Search s'est terminé de façon inattendue pour la
43ème fois.

Error - 03/12/2013 11:40:35 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7023
Description = Le service Windows Search s'est arrêté avec l'erreur : %%2

Error - 03/12/2013 11:40:35 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7034
Description = Le service Windows Search s'est terminé de façon inattendue pour la
44ème fois.

Error - 03/12/2013 11:41:05 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7023
Description = Le service Windows Search s'est arrêté avec l'erreur : %%2

Error - 03/12/2013 11:41:05 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7034
Description = Le service Windows Search s'est terminé de façon inattendue pour la
45ème fois.


< End of report >
by etoile127
#20376
Here is the rest, OTL.Txt. Please tell me exactly what I need to do; I am very much a novice when it comes to computers. Thank you in advance :merci2:
OTL logfile created on: 03/12/2013 16:01:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Saida\Downloads\Programs
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,40 Gb Available Physical Memory | 20,15% Memory free
5,00 Gb Paging File | 3,00 Gb Available in Paging File | 60,02% Paging File free
Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,95 Gb Total Space | 24,99 Gb Free Space | 16,78% Space Free | Partition Type: NTFS
Drive E: | 7,45 Gb Total Space | 5,74 Gb Free Space | 77,08% Space Free | Partition Type: FAT32

Computer Name: SAIDA-PC | User Name: Saida | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/12/03 11:03:37 | 002,861,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
PRC - [2013/12/02 20:24:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Saida\Downloads\Programs\OTL.exe
PRC - [2013/11/30 20:08:51 | 002,420,248 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2013/11/30 20:08:48 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
PRC - [2013/11/30 20:08:45 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe
PRC - [2013/11/22 08:19:33 | 003,825,232 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2013/11/19 11:21:30 | 000,230,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
PRC - [2013/11/14 19:16:50 | 000,508,144 | ---- | M] (QFX Software Corporation) -- C:\Program Files\KeyScrambler\KeyScrambler.exe
PRC - [2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/11/11 15:42:02 | 000,764,192 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
PRC - [2013/10/25 12:07:38 | 001,120,032 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\RealTimeProtector.exe
PRC - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013/10/23 15:01:10 | 000,300,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/09/23 00:17:34 | 004,411,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/09/23 00:17:30 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/09/08 17:25:06 | 001,786,704 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
PRC - [2013/09/04 09:20:38 | 001,432,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgfws.exe
PRC - [2013/08/23 13:29:54 | 001,174,152 | ---- | M] (WiseCleaner.com) -- C:\Program Files\Wise\Wise Care 365\WiseTray.exe
PRC - [2013/08/16 17:09:02 | 001,549,120 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
PRC - [2013/08/02 01:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/07/23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/10 00:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2013/07/04 14:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013/07/04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/04/25 15:54:10 | 000,335,168 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/03/18 01:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2013/03/17 16:44:56 | 000,546,712 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2013/03/17 16:44:56 | 000,057,720 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/06/05 11:07:54 | 000,054,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2012/06/05 11:07:54 | 000,054,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2011/03/21 12:55:30 | 000,196,928 | ---- | M] (Nitro PDF Software) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2013/12/01 17:32:25 | 000,358,400 | ---- | M] () -- C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.5.3_0\plugins\screen_capture.dll
MOD - [2013/11/30 20:08:54 | 000,519,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\log4cplusU.dll
MOD - [2013/11/30 20:08:54 | 000,142,360 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\SiteSafety.dll
MOD - [2013/11/30 20:08:51 | 002,420,248 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2013/11/14 12:29:31 | 000,399,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppgooglenaclpluginchrome.dll
MOD - [2013/11/14 12:29:29 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
MOD - [2013/11/14 12:28:37 | 000,702,416 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
MOD - [2013/11/14 12:28:36 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\libegl.dll
MOD - [2013/11/14 12:28:34 | 001,619,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
MOD - [2013/10/25 12:07:38 | 001,120,032 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\RealTimeProtector.exe
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 7\madbasic_.bpl
MOD - [2011/03/21 12:55:48 | 000,115,008 | ---- | M] () -- C:\Program Files\Nitro PDF\Professional\NPShellExtension.dll
MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2013/11/30 20:08:48 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe -- (vToolbarUpdater17.1.2)
SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/10/09 19:18:01 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/27 19:51:47 | 001,343,400 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/09/24 19:01:27 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/09/08 17:25:06 | 001,786,704 | ---- | M] (CybelSoft) [Auto | Running] -- C:\Program Files\ma-config.com\MaConfigAgent.exe -- (MaConfigAgent)
SRV - [2013/09/04 09:20:38 | 001,432,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2013/07/23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/25 17:12:00 | 000,580,232 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Program Files\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2013/04/25 15:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/03/21 12:55:30 | 000,196,928 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe -- (NitroDriverReadSpool)
SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Boot | Stopped] -- -- (sptd)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV - File not found [Kernel | Auto | Stopped] -- -- (ATE_PROCMON)
DRV - File not found [File_System | Boot | Stopped] -- -- (77267374)
DRV - [2013/11/30 20:08:55 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/11/08 00:41:38 | 000,108,000 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013/09/10 00:34:48 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/09/05 00:43:42 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013/08/20 06:02:14 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/07/20 00:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/07/20 00:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/07/20 00:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/07/20 00:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/07/01 00:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/05/31 15:53:18 | 000,209,016 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2013/04/09 16:46:21 | 000,016,880 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV - [2013/04/04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/26 18:34:32 | 000,020,944 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/26 18:34:30 | 000,031,752 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2013/03/23 14:49:18 | 000,021,480 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2013/03/21 02:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/03/17 16:44:56 | 000,373,112 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2013/03/14 16:51:18 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb80236.sys -- (usbrndis6)
DRV - [2013/02/19 20:32:54 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013/01/16 18:22:43 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2013/01/16 18:22:40 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/09/06 20:02:49 | 000,015,248 | ---- | M] (PenMount) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pmkbdfltr.sys -- (pmkbdfltr)
DRV - [2012/09/04 10:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2011/12/18 12:44:22 | 000,016,384 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PELMOUSE.SYS -- (pelmouse)
DRV - [2011/12/15 19:29:42 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2011/07/28 18:37:10 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2011/07/21 19:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/16 19:49:00 | 001,559,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2010/07/05 09:24:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/20 15:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2009/07/23 22:02:56 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2003/02/11 13:25:14 | 000,009,216 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pelusblf.sys -- (pelusblf)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\.DEFAULT\..\SearchScopes\{295BEC74-2563-4708-80A2-9440850E387C}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-18\..\SearchScopes\{295BEC74-2563-4708-80A2-9440850E387C}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B5 D0 4B 9C CA 9B CC 01 [binary data]
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLJ_frFR456
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\..\SearchScopes\{CB37CAD6-B969-41E8-8A3C-8EFEE6692A55}: "URL" = http://search.certified-toolbar.com?si= ... &tid=77&q={searchTerms}
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Saida\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Saida\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Saida\AppData\Roaming\IDM\idmmzcc5 [2013/11/26 17:28:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Saida\AppData\Roaming\IDM\idmmzcc5 [2013/11/26 17:28:49 | 000,000,000 | ---D | M]

[2013/12/01 16:57:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Saida\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2013/12/01 16:54:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Saida\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
[2013/11/22 17:05:18 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Saida\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions\ascsurfingprotection@iobit.com
[2013/06/30 09:44:04 | 000,239,491 | ---- | M] () (No name found) -- C:\Users\Saida\AppData\Roaming\mozilla\firefox\profiles\extensions\trtv3@trtv.com.xpi
[2013/09/27 18:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - Extension: DownloadAll = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajffocjdcmpgjmdfdfkdfdbkjafbkcke\2.1.1_0\
CHR - Extension: Superbe capture d'cran : capturer et annoter = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.5.3_0\
CHR - Extension: Mto (extension) = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.7_0\
CHR - Extension: Adblock Plus = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\
CHR - Extension: Vimeo Download Videos = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\geeljcibkkackafmeepgadbfgmpjmdeg\3.0.0_0\
CHR - Extension: IDM Integration Module = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.7_0\
CHR - Extension: AVG Secure Search = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.1.2.1_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: GreyGray = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhogbcndagiknbfomjgdeghehkljalhi\1.0.0_0\
CHR - Extension: GoogleWallet = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\
CHR - Extension: Adblock Pro = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\2.8_0\
CHR - Extension: Print Friendly & PDF = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj\2.3_0\
CHR - Extension: OneClick Cleaner for Chrome = C:\Users\Saida\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh\0.9.0.7_0\

O1 HOSTS File: ([2013/11/06 15:52:10 | 000,450,681 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 15468 more lines...
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - !{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 7] C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 7] C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001..\Run: [F650957478D12BD831629AC6E9B60F9A2BAB7454._service_run] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-4121471940-3825467980-2753460516-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: &Download All using 4shared Desktop - res://C:\Users\Saida\4shared Desktop\Desktop.32/D_ALL_LINK File not found
O8 - Extra context menu item: &Download using 4shared Desktop - res://C:\Users\Saida\4shared Desktop\Desktop.32/D_ONE_LINK File not found
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: ma-config.com ([]http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: touslesdrivers.com ([]http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: ma-config.com ([]http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: touslesdrivers.com ([]http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06A55B50-31E1-48D5-B944-28BC4F85E63F}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19344C00-6D8B-4FFB-AFCD-3D424A52766E}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20F02C72-E83D-4311-A44D-1246E501389A}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/02/03 12:35:01 | 000,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
by etoile127
#20378
Continued (again)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: swg - hkey= - key= - c:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: vProt - hkey= - key= - Reg Error: Value error. File not found
MsConfig - State: "startup" - 2

SafeBootMin: 77267374.sys - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: 77267374.sys - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013/12/02 20:02:42 | 000,000,000 | ---D | C] -- C:\UsbFix
[2013/12/01 18:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/12/01 18:15:22 | 000,000,000 | ---D | C] -- C:\Users\Saida\AppData\Roaming\Dealply
[2013/12/01 18:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\IminentToolbar
[2013/12/01 16:52:17 | 000,000,000 | ---D | C] -- C:\Users\Saida\AppData\Roaming\Nosibay
[2013/12/01 13:35:46 | 000,000,000 | ---D | C] -- C:\Users\Saida\AppData\Local\AVG Secure Search
[2013/11/30 20:12:01 | 000,000,000 | ---D | C] -- C:\Users\Saida\AppData\Roaming\TuneUp Software
[2013/11/30 20:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2013/11/30 20:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2013/11/30 20:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2013/11/28 20:56:13 | 000,000,000 | ---D | C] -- C:\Users\Saida\AppData\Local\Software
[2013/11/28 19:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMi UPnP Media Server
[2013/11/27 17:03:08 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013/11/27 16:46:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/11/26 17:25:08 | 000,000,000 | ---D | C] -- C:\Users\Saida\AppData\Roaming\IDM
[2013/11/26 17:24:57 | 000,000,000 | ---D | C] -- C:\Users\Saida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/11/26 17:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013/11/26 17:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2013/11/22 17:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2013/11/22 17:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2013/11/22 17:05:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2013/11/22 17:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
[2013/11/18 20:55:55 | 000,000,000 | ---D | C] -- C:\Users\Saida\AppData\Roaming\4shared Desktop
[2013/11/18 20:55:48 | 000,000,000 | ---D | C] -- C:\ProgramData\4shared Desktop
[2013/11/18 20:55:34 | 000,000,000 | ---D | C] -- C:\Users\Saida\4shared Desktop
[2013/11/18 17:09:07 | 000,000,000 | ---D | C] -- C:\Users\Saida\AppData\Roaming\QFX Software
[2013/11/18 17:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software
[2013/11/18 17:08:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2013/11/18 17:08:19 | 000,209,016 | ---- | C] (QFX Software Corporation) -- C:\Windows\System32\drivers\keyscrambler.sys
[2013/11/18 17:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\KeyScrambler
[2013/11/18 15:41:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/11/13 16:17:56 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013/11/13 16:17:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2013/11/13 16:17:43 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013/11/13 16:17:43 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2013/11/13 16:17:40 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2013/11/13 16:17:40 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013/11/12 14:56:16 | 000,000,000 | ---D | C] -- C:\IObit
[2013/11/11 20:23:52 | 001,824,000 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2013/11/11 20:23:51 | 000,819,648 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2013/11/11 20:23:51 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2013/11/11 20:23:50 | 000,604,928 | ---- | C] (DTS, Inc.) -- C:\Windows\System32\sltech32.dll
[2013/11/11 20:23:49 | 000,218,368 | ---- | C] (TODO: <Company name>) -- C:\Windows\System32\slprp32.dll
[2013/11/11 20:23:47 | 000,938,752 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\slcnt32.dll
[2013/11/11 20:23:44 | 000,823,040 | ---- | C] (DTS, Inc.) -- C:\Windows\System32\sl3apo32.dll
[2013/11/11 20:23:43 | 000,912,432 | ---- | C] (Sony Corporation) -- C:\Windows\System32\SFSS_APO.dll
[2013/11/11 20:23:37 | 001,596,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2013/11/11 20:23:32 | 000,798,520 | ---- | C] (ASUSTeKcomputer.Inc Inc) -- C:\Windows\System32\RTKSMSettingsIPC.dll
[2013/11/11 20:23:29 | 004,222,104 | ---- | C] (ASUSTeKcomputer.Inc Inc) -- C:\Windows\System32\RTKSMlfx.dll
[2013/11/11 20:23:26 | 002,546,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2013/11/11 20:23:22 | 000,122,072 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll
[2013/11/11 20:23:20 | 000,769,752 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2013/11/11 20:23:18 | 002,327,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2013/11/11 20:22:49 | 032,882,688 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2013/11/11 20:22:46 | 007,162,128 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2013/11/11 20:22:46 | 000,106,768 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2013/11/11 20:22:45 | 000,352,016 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2013/11/11 20:22:45 | 000,091,920 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2013/11/11 20:22:45 | 000,062,224 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2013/11/11 20:22:43 | 000,852,016 | ---- | C] (Sony Corporation) -- C:\Windows\System32\MISS_APO.dll
[2013/11/11 20:22:36 | 000,509,184 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2013/11/11 20:22:35 | 000,761,088 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVoiceAPO20.dll
[2013/11/11 20:22:35 | 000,642,304 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxSpeechAPO.dll
[2013/11/11 20:22:34 | 003,443,968 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnN.dll
[2013/11/11 20:21:57 | 027,368,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnA.dll
[2013/11/11 20:21:49 | 001,677,568 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2013/11/11 20:21:24 | 013,880,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2013/11/11 20:21:20 | 001,935,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2013/11/11 20:21:17 | 000,859,392 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2013/11/11 20:21:16 | 001,097,984 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO50.dll
[2013/11/11 20:21:15 | 000,873,728 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO40.dll
[2013/11/11 20:21:14 | 000,509,184 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2013/11/11 20:20:36 | 002,395,680 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2013/11/11 20:20:35 | 000,346,056 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2013/11/11 20:20:34 | 000,426,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2013/11/11 20:20:33 | 000,402,888 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2013/11/11 20:20:21 | 006,178,136 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPP32A.dll
[2013/11/11 20:20:20 | 000,269,144 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPO32A.dll
[2013/11/11 20:20:18 | 001,439,064 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPD32A.dll
[2013/11/11 20:20:18 | 000,220,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\DDPA32.dll
[2013/11/11 20:20:03 | 000,092,584 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[2013/11/11 20:19:35 | 000,181,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2013/11/11 20:19:35 | 000,095,840 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2013/11/09 06:08:40 | 000,108,000 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys

========== Files - Modified Within 30 Days ==========

[2013/12/03 16:15:05 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/03 16:10:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/12/03 15:56:02 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/03 15:47:32 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013/12/03 15:47:30 | 000,001,814 | ---- | M] () -- C:\Windows\tasks\Deeal_fr 0.2-firefoxinstaller.job
[2013/12/03 15:47:30 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/03 15:47:24 | 000,001,888 | ---- | M] () -- C:\Windows\tasks\Deeal_fr 0.2-chromeinstaller.job
[2013/12/03 15:47:24 | 000,001,192 | ---- | M] () -- C:\Windows\tasks\Deeal_fr 0.2-codedownloader.job
[2013/12/03 15:47:24 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2013/12/03 15:46:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/03 15:46:40 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/03 15:38:19 | 000,001,607 | ---- | M] () -- C:\Users\Saida\Desktop\SFTGC.exe - Raccourci (2).lnk
[2013/12/03 15:36:12 | 000,747,660 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/12/03 15:36:12 | 000,654,270 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/12/03 15:36:12 | 000,150,184 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/12/03 15:36:12 | 000,122,142 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/12/02 20:36:46 | 000,001,587 | ---- | M] () -- C:\Users\Saida\Desktop\OTL.exe - Raccourci.lnk
[2013/12/02 20:16:02 | 000,001,607 | ---- | M] () -- C:\Users\Saida\Desktop\SFTGC.exe - Raccourci.lnk
[2013/12/02 20:03:35 | 000,001,622 | ---- | M] () -- C:\Users\Saida\Desktop\UsbFix.exe - Raccourci.lnk
[2013/12/02 20:00:12 | 000,001,660 | ---- | M] () -- C:\Users\Saida\Desktop\adwcleaner.exe - Raccourci.lnk
[2013/12/02 00:14:25 | 000,010,110 | ---- | M] () -- C:\Windows\wininit.ini
[2013/12/01 18:25:12 | 000,000,918 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013/12/01 18:15:46 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\Dealply.job
[2013/11/30 20:08:55 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/11/30 19:23:29 | 000,300,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/11/30 18:19:02 | 000,043,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/30 18:19:02 | 000,043,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/29 15:01:00 | 000,000,262 | ---- | M] () -- C:\Windows\tasks\WinThruster_DEFAULT.job
[2013/11/28 19:45:21 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\FreeMi UPnP Media Server.lnk
[2013/11/27 16:51:50 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\WinThruster_UPDATES.job
[2013/11/27 16:46:40 | 000,002,163 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/26 19:03:25 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/11/26 17:04:54 | 000,000,117 | ---- | M] () -- C:\Users\Saida\Desktop\+ d'astuces sur majax31.ws (2).url
[2013/11/22 17:05:16 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2013/11/19 15:00:39 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Wise Turbo Checker.job
[2013/11/19 11:21:30 | 000,230,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/11/18 15:41:55 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/11/12 18:13:13 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013/11/12 18:13:13 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013/11/11 21:10:54 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2013/11/11 20:23:53 | 001,824,000 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2013/11/11 20:23:51 | 000,819,648 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2013/11/11 20:23:51 | 000,058,264 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2013/11/11 20:23:50 | 000,604,928 | ---- | M] (DTS, Inc.) -- C:\Windows\System32\sltech32.dll
[2013/11/11 20:23:49 | 000,218,368 | ---- | M] (TODO: <Company name>) -- C:\Windows\System32\slprp32.dll
[2013/11/11 20:23:48 | 000,938,752 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\System32\slcnt32.dll
[2013/11/11 20:23:46 | 000,823,040 | ---- | M] (DTS, Inc.) -- C:\Windows\System32\sl3apo32.dll
[2013/11/11 20:23:44 | 000,912,432 | ---- | M] (Sony Corporation) -- C:\Windows\System32\SFSS_APO.dll
[2013/11/11 20:23:41 | 005,681,192 | ---- | M] () -- C:\Windows\System32\drivers\rtvienna.dat
[2013/11/11 20:23:38 | 001,596,488 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2013/11/11 20:23:32 | 000,798,520 | ---- | M] (ASUSTeKcomputer.Inc Inc) -- C:\Windows\System32\RTKSMSettingsIPC.dll
[2013/11/11 20:23:31 | 004,222,104 | ---- | M] (ASUSTeKcomputer.Inc Inc) -- C:\Windows\System32\RTKSMlfx.dll
[2013/11/11 20:23:29 | 002,546,904 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2013/11/11 20:23:22 | 000,122,072 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll
[2013/11/11 20:23:20 | 002,327,768 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2013/11/11 20:23:20 | 000,769,752 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2013/11/11 20:22:58 | 000,646,313 | ---- | M] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013/11/11 20:22:56 | 032,882,688 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2013/11/11 20:22:49 | 007,162,128 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2013/11/11 20:22:46 | 000,106,768 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2013/11/11 20:22:45 | 000,352,016 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2013/11/11 20:22:45 | 000,091,920 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2013/11/11 20:22:45 | 000,062,224 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2013/11/11 20:22:44 | 000,852,016 | ---- | M] (Sony Corporation) -- C:\Windows\System32\MISS_APO.dll
[2013/11/11 20:22:37 | 000,509,184 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2013/11/11 20:22:36 | 000,761,088 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVoiceAPO20.dll
[2013/11/11 20:22:35 | 003,443,968 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnN.dll
[2013/11/11 20:22:35 | 000,642,304 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxSpeechAPO.dll
[2013/11/11 20:22:34 | 027,368,704 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioVnA.dll
[2013/11/11 20:21:52 | 001,677,568 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2013/11/11 20:21:48 | 013,880,576 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2013/11/11 20:21:22 | 001,935,104 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2013/11/11 20:21:17 | 001,097,984 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO50.dll
[2013/11/11 20:21:17 | 000,859,392 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2013/11/11 20:21:16 | 000,873,728 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO40.dll
[2013/11/11 20:21:15 | 000,509,184 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2013/11/11 20:20:38 | 002,395,680 | ---- | M] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2013/11/11 20:20:36 | 000,346,056 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2013/11/11 20:20:35 | 000,426,952 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2013/11/11 20:20:34 | 000,402,888 | ---- | M] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2013/11/11 20:20:22 | 006,178,136 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPP32A.dll
[2013/11/11 20:20:21 | 000,269,144 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPO32A.dll
[2013/11/11 20:20:20 | 001,439,064 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPD32A.dll
[2013/11/11 20:20:18 | 000,220,504 | ---- | M] (Dolby Laboratories) -- C:\Windows\System32\DDPA32.dll
[2013/11/11 20:20:03 | 000,092,584 | ---- | M] (Real Sound Lab SIA) -- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[2013/11/11 20:19:37 | 000,502,584 | ---- | M] () -- C:\Windows\System32\audioLibVc.dll
[2013/11/11 20:19:35 | 000,188,696 | ---- | M] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2013/11/11 20:19:35 | 000,181,960 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2013/11/11 20:19:35 | 000,095,840 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2013/11/09 20:43:26 | 772,743,745 | ---- | M] () -- C:\Users\Saida\Documents\Trap.For.Cinderella.2013.VOSTFR.FANSUB.BRRiP.XViD-LOLOTE_2hWxRk9V5r.AVI
[2013/11/08 00:41:38 | 000,108,000 | ---- | M] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
[2013/11/06 15:52:10 | 000,450,681 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/11/04 19:22:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4121471940-3825467980-2753460516-1001UA.job

========== Files Created - No Company Name ==========

[2013/12/03 15:37:18 | 000,001,607 | ---- | C] () -- C:\Users\Saida\Desktop\SFTGC.exe - Raccourci (2).lnk
[2013/12/02 20:48:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/12/02 20:35:52 | 000,001,587 | ---- | C] () -- C:\Users\Saida\Desktop\OTL.exe - Raccourci.lnk
[2013/12/02 20:15:56 | 000,001,607 | ---- | C] () -- C:\Users\Saida\Desktop\SFTGC.exe - Raccourci.lnk
[2013/12/02 20:03:07 | 000,001,622 | ---- | C] () -- C:\Users\Saida\Desktop\UsbFix.exe - Raccourci.lnk
[2013/12/02 20:00:12 | 000,001,660 | ---- | C] () -- C:\Users\Saida\Desktop\adwcleaner.exe - Raccourci.lnk
[2013/12/01 18:15:46 | 000,000,290 | ---- | C] () -- C:\Windows\tasks\Dealply.job
[2013/12/01 18:13:05 | 000,001,192 | ---- | C] () -- C:\Windows\tasks\Deeal_fr 0.2-codedownloader.job
[2013/12/01 18:13:00 | 000,001,814 | ---- | C] () -- C:\Windows\tasks\Deeal_fr 0.2-firefoxinstaller.job
[2013/12/01 18:12:56 | 000,001,888 | ---- | C] () -- C:\Windows\tasks\Deeal_fr 0.2-chromeinstaller.job
[2013/12/01 18:06:57 | 000,000,918 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013/11/30 19:23:05 | 000,300,144 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/11/28 19:34:28 | 772,743,745 | ---- | C] () -- C:\Users\Saida\Documents\Trap.For.Cinderella.2013.VOSTFR.FANSUB.BRRiP.XViD-LOLOTE_2hWxRk9V5r.AVI
[2013/11/27 16:46:40 | 000,002,163 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/26 17:05:21 | 000,000,117 | ---- | C] () -- C:\Users\Saida\Desktop\+ d'astuces sur majax31.ws (2).url
[2013/11/22 17:05:16 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2013/11/22 17:04:35 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/11/18 15:41:55 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/11/18 15:41:49 | 000,002,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/11/11 21:10:54 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/11 20:23:38 | 005,681,192 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2013/11/11 20:22:57 | 000,646,313 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013/11/11 20:19:36 | 000,502,584 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll
[2013/11/11 20:19:34 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2013/08/24 19:10:02 | 000,000,149 | ---- | C] () -- C:\Windows\AZPR3.INI
[2012/07/22 12:06:40 | 000,000,438 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/05/03 16:12:59 | 000,267,476 | ---- | C] () -- C:\Users\Saida\AppData\Local\census.cache
[2012/05/03 16:12:26 | 000,141,606 | ---- | C] () -- C:\Users\Saida\AppData\Local\ars.cache
[2012/04/10 12:19:51 | 000,000,097 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/03/05 16:53:10 | 000,163,968 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/19 14:03:39 | 000,010,110 | ---- | C] () -- C:\Windows\wininit.ini
[2012/01/10 20:30:05 | 000,383,238 | ---- | C] () -- C:\Windows\System32\libmp3lame-0.dll
[2011/12/31 16:52:46 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/12/31 16:52:46 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/12/18 18:32:35 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/11/06 12:51:57 | 000,013,824 | ---- | C] () -- C:\Users\Saida\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/11/19 14:41:06 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\4shared Desktop
[2013/09/10 19:29:37 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Absolute Uninstaller
[2011/11/07 13:25:23 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Apowersoft
[2012/11/29 17:58:45 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\AVG
[2012/11/08 18:39:52 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\AVG2013
[2011/12/02 20:24:35 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Canneverbe Limited
[2013/12/01 18:15:22 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Dealply
[2013/09/16 09:56:03 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\DiskDefrag
[2013/12/03 15:45:09 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\DMCache
[2012/01/01 12:34:39 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Downloaded Installations
[2013/10/01 14:46:31 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\GlarySoft
[2013/12/03 15:42:32 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\IDM
[2013/11/22 17:04:36 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\IObit
[2012/11/12 13:20:06 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Leadertech
[2013/12/03 15:49:32 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Nitro PDF
[2012/01/14 00:48:45 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Notepad++
[2013/09/07 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Orbit
[2013/09/07 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\PDF Software
[2012/01/12 20:37:22 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\ProgSense
[2013/11/25 22:37:18 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\QFX Software
[2013/06/26 16:07:02 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\SkyMonk
[2011/12/25 11:58:29 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Software Informer
[2011/12/27 16:42:54 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\thecleaner
[2013/11/30 20:12:01 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\TuneUp Software
[2013/09/07 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Uniblue
[2013/06/26 16:07:02 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\URSoft
[2011/12/07 14:01:43 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\VitySoft
[2012/01/01 17:29:55 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\VS Revo Group
[2012/01/17 21:09:37 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\W3i, LLC
[2012/07/13 16:27:20 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Windows Live Writer
[2013/12/03 15:48:43 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Wise Care 365
[2012/01/12 22:04:15 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Xi

========== Purity Check ==========



========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/11/19 14:41:06 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\4shared Desktop
[2013/09/10 19:29:37 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Absolute Uninstaller
[2013/09/07 17:29:28 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Adobe
[2011/11/07 13:25:23 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Apowersoft
[2013/11/11 20:07:24 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Apple Computer
[2012/11/29 17:58:45 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\AVG
[2012/11/08 18:39:52 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\AVG2013
[2013/09/07 17:29:27 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\AVS4YOU
[2011/12/02 20:24:35 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Canneverbe Limited
[2013/12/01 18:15:22 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Dealply
[2013/09/16 09:56:03 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\DiskDefrag
[2013/12/03 15:45:09 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\DMCache
[2012/01/01 12:34:39 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Downloaded Installations
[2013/09/07 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\dvdcss
[2013/10/01 14:46:31 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\GlarySoft
[2013/09/25 16:05:33 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Google
[2013/12/03 15:42:32 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\IDM
[2013/11/22 17:04:36 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\IObit
[2012/11/12 13:20:06 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Leadertech
[2013/09/07 19:30:36 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Macromedia
[2013/10/13 19:16:01 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Malwarebytes
[2013/11/16 16:30:28 | 000,000,000 | --SD | M] -- C:\Users\Saida\AppData\Roaming\Microsoft
[2013/09/09 19:45:11 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Mozilla
[2013/12/03 15:49:32 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Nitro PDF
[2013/12/01 18:12:26 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Nosibay
[2012/01/14 00:48:45 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Notepad++
[2013/09/07 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Orbit
[2013/09/07 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\PDF Software
[2012/01/12 20:37:22 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\ProgSense
[2013/11/25 22:37:18 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\QFX Software
[2013/06/18 19:52:06 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Real
[2013/06/26 16:07:02 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\SkyMonk
[2011/12/25 11:58:29 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Software Informer
[2011/12/27 16:42:54 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\thecleaner
[2013/11/30 20:12:01 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\TuneUp Software
[2013/09/07 17:29:47 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Uniblue
[2013/06/26 16:07:02 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\URSoft
[2011/12/07 14:01:43 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\VitySoft
[2013/11/29 19:46:56 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\vlc
[2012/01/01 17:29:55 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\VS Revo Group
[2012/01/17 21:09:37 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\W3i, LLC
[2012/07/13 16:27:20 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Windows Live Writer
[2011/11/05 16:55:11 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\WinRAR
[2013/12/03 15:48:43 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Wise Care 365
[2012/01/12 22:04:15 | 000,000,000 | ---D | M] -- C:\Users\Saida\AppData\Roaming\Xi

< %APPDATA%\*.exe /s >
[2013/10/02 17:04:20 | 000,119,808 | R--- | M] () -- C:\Users\Saida\AppData\Roaming\Microsoft\Installer\{5F8683B5-5056-411C-B808-B289E29E9BBB}\icons.exe
[2012/01/14 13:26:39 | 000,183,096 | ---- | M] (Microsoft Corporation) -- C:\Users\Saida\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe
[2012/01/31 17:05:30 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Saida\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.01\rnupgagent.exe
[2012/06/09 11:04:18 | 006,985,920 | ---- | M] (Uniblue Systems Ltd ) -- C:\Users\Saida\AppData\Roaming\Uniblue\RegistryBooster\_temp\ub.exe

< %temp%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\consrv.dll >

< %systemroot%\system32\*.dll /lockedfiles >

< %windir%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: WININIT.EXE >
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s >
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"Debug" =
"" = mnmsrvc
"Kmode" = \SystemRoot\System32\win32k.sys
"Optional" = [binary data]
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s >
"ProfilesDirectory" = %SystemDrive%\Users -- [2013/09/07 17:28:07 | 000,000,000 | R--D | M]
"Default" = %SystemDrive%\Users\Default -- [2013/09/29 19:32:34 | 000,000,000 | RH-D | M]
"Public" = %SystemDrive%\Users\Public -- [2013/10/12 17:12:43 | 000,000,000 | R--D | M]
"ProgramData" = %SystemDrive%\ProgramData -- [2013/12/02 00:14:25 | 000,000,000 | -H-D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18]
"Flags" = 12
"State" = 0
"RefCount" = 1
"Sid" = 01 01 00 00 00 00 00 05 12 00 00 00 [binary data]
"ProfileImagePath" = %systemroot%\system32\config\systemprofile -- [2013/11/25 22:37:22 | 000,000,000 | ---D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19]
"ProfileImagePath" = C:\Windows\ServiceProfiles\LocalService -- [2013/12/03 15:47:04 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20]
"ProfileImagePath" = C:\Windows\ServiceProfiles\NetworkService -- [2013/12/03 15:46:57 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-4121471940-3825467980-2753460516-1001]
"ProfileImagePath" = C:\Users\Saida -- [2013/12/01 17:53:44 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 C4 AB A8 F5 4C 02 04 E4 24 79 1E A4 E9 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 3
"RunLogonScriptSync" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-4121471940-3825467980-2753460516-1003]
"ProfileImagePath" = C:\Users\UpdatusUser -- [2013/12/03 15:53:03 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 C4 AB A8 F5 4C 02 04 E4 24 79 1E A4 EB 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-4121471940-3825467980-2753460516-1004]
"ProfileImagePath" = C:\Users\UpdatusUser -- [2013/12/03 15:53:03 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 C4 AB A8 F5 4C 02 04 E4 24 79 1E A4 EC 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 1

< HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s >
"CompletionChar" = 64
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 64

< HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s >
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9

< nslookup http://www.google.fr" onclick="window.open(this.href);return false; /c >
Serveur : UnKnown
Address: 192.168.0.254

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2013/09/24 19:01:44 | 000,208,896 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2013/09/24 19:01:44 | 000,208,896 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2013/09/24 19:01:44 | 000,208,896 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/09/24 19:01:56 | 000,806,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/09/24 19:01:56 | 000,806,080 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2013/11/14 12:29:33 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2013/09/24 19:01:44 | 000,208,896 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2013/09/24 19:01:44 | 000,208,896 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2013/09/24 19:01:44 | 000,208,896 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/09/24 19:01:56 | 000,806,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/09/24 19:01:56 | 000,806,080 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 14 bytes -> C:\Windows\system.ini:c1_encryption_d
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >
by etoile127
#20383
Me again, I clicked on Correction and here is the report:
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*. > in the current context!
Error: Unable to interpret <%ALLUSERSPROFILE%\Application Data\*.exe /s > in the current context!
Error: Unable to interpret <%APPDATA%\*. > in the current context!
Error: Unable to interpret <%APPDATA%\*.exe /s > in the current context!
Error: Unable to interpret <%temp%\*.exe /s > in the current context!
Error: Unable to interpret <%SYSTEMDRIVE%\*.exe > in the current context!
Error: Unable to interpret <%systemroot%\*. /mp /s > in the current context!
Error: Unable to interpret <%systemroot%\system32\consrv.dll > in the current context!
Error: Unable to interpret <%systemroot%\system32\*.dll /lockedfiles > in the current context!
Error: Unable to interpret <%windir%\Tasks\*.job /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\system32\drivers\*.sys /lockedfiles > in the current context!
Error: Unable to interpret <%systemroot%\System32\config\*.sav > in the current context!
Error: Unable to interpret </md5start > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
Error: Unable to interpret <winlogon.exe > in the current context!
Error: Unable to interpret <services.exe > in the current context!
Error: Unable to interpret <wininit.exe > in the current context!
Error: Unable to interpret </md5stop > in the current context!
Error: Unable to interpret <HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s > in the current context!
Error: Unable to interpret <HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s > in the current context!
Error: Unable to interpret <HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s > in the current context!
Error: Unable to interpret <nslookup http://www.google.fr" onclick="window.open(this.href);return false; /c > in the current context!
Error: Unable to interpret <hklm\software\clients\startmenuinternet|command /rs > in the current context!
Error: Unable to interpret <hklm\software\clients\startmenuinternet|command /64 /rs > in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 12032013_173650
I'm sorry to bother you with all this. By the way, why is it that when I launch the scan with SFTGC, I can no longer access the internet and there are no more icons on the desktop? So I am forced to restart the PC.
