  • etoile127
    Participant
    Posts: 14

    Hello, for quite some time now my page has been freezing, and on top of that the mouse goes completely haywire or stops responding, or else the spinning circle just keeps turning and turning. No virus found with AVG Internet Security; I scan with Malwarebytes Pro as well as Spybot Destroy, and afterwards I run CCleaner. And despite all the cleaning, the problem persists. So I downloaded UsbFix, and it too stops scanning at 25%. So please, what should I do? My internet page is Google Chrome, Windows 7. Thank you in advance for your help.

    Anonymous
    Posts: 0

    Hello,

    Welcome to SosVirus

    • Download SFTGC.exe (by Pierre13) to your Desktop and nowhere else!
    • Run SFTGC; on Windows 7/8 and Vista, run it as administrator
    • Click GO

      Note: a report will open at the end

    • Once the scan has finished, go to the Desktop: the file SFTGC.txt has been created.
    • Upload the SFTGC.txt report to SosUpload, then copy and paste the link provided into your next reply on the forum


    We are going to run a diagnostic of your computer:

    • Download OTL by Old_Timer and save it to the Desktop
    • Close all other windows and double-click OTL.exe
    • On Vista and Windows 7, launch the file by right-click -> Run as administrator.
    • Check that the boxes All Users, Lop Check and Purity Check are ticked.
    • In the Personnalisation (custom scan) box, copy and paste everything that follows:
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %temp%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    %systemroot%\system32\consrv.dll
    %systemroot%\system32\*.dll /lockedfiles
    %windir%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    /md5start
    explorer.exe
    winlogon.exe
    services.exe
    wininit.exe
    /md5stop
    HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s
    HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
    HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s
    HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s
    CREATERESTOREPOINT
    nslookup http://www.google.fr /c
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
    SAVEMBR:0

    • Click Analyse

    • Once the scan has finished, 1 or 2 reports will open: OTL.txt and Extras.txt.
    • Upload the OTL.txt and Extras.txt reports to cjoint.com, then copy and paste the link provided into your next reply on the forum

      Note: just in case, you can find them in the C:\OTL folder or on your Desktop, depending on the case

    etoile127
    Participant
    Posts: 14

    Hello, thank you for your replies: above is the SFTGC link

    https://antimalware.top/log/SosUpload.fe72220d574cb56255abd20039c914fc.txt

    The OTL report

    OTL Extras logfile created on: 03/12/2013 16:01:19 – Run 1
    OTL by OldTimer – Version 3.2.69.0 Folder = C:UsersSaidaDownloadsPrograms
    Professional Service Pack 1 (Version = 6.1.7601) – Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16384)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 0,40 Gb Available Physical Memory | 20,15% Memory free
    5,00 Gb Paging File | 3,00 Gb Available in Paging File | 60,02% Paging File free
    Paging file location(s): C:pagefile.sys 3070 3070 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files
    Drive C: | 148,95 Gb Total Space | 24,99 Gb Free Space | 16,78% Space Free | Partition Type: NTFS
    Drive E: | 7,45 Gb Total Space | 5,74 Gb Free Space | 77,08% Space Free | Partition Type: FAT32

    Computer Name: SAIDA-PC | User Name: Saida | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========

    ========== File Associations ==========

    [HKEY_LOCAL_MACHINESOFTWAREClasses]
    .cpl [@ = cplfile] — C:WindowsSystem32control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] — C:Windowswinhlp32.exe (Microsoft Corporation)
    .html [@ = Reg Error: Value error.] — Reg Error: Key error. File not found

    [HKEY_USERSS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREClasses]
    .html [@ = ChromeHTML] — Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINESOFTWAREClassesshell[command]command]
    batfile [open] — “%1” %*
    cmdfile [open] — “%1” %*
    comfile [open] — “%1” %*
    cplfile [cplopen] — %SystemRoot%System32control.exe “%1”,%* (Microsoft Corporation)
    exefile [open] — “%1” %*
    helpfile [open] — Reg Error: Key error.
    hlpfile [open] — %SystemRoot%winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] — Reg Error: Key error.
    htmlfile [print] — “%systemroot%system32rundll32.exe” “%systemroot%system32mshtml.dll”,PrintHTML “%1”
    inffile [install] — %SystemRoot%System32InfDefaultInstall.exe “%1” (Microsoft Corporation)
    piffile [open] — “%1” %*
    regfile [merge] — Reg Error: Key error.
    scrfile [config] — “%1”
    scrfile [install] — rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] — “%1” /S
    txtfile [edit] — Reg Error: Key error.
    Directory [AddToPlaylistVLC] — “C:Program FilesVideoLANVLCvlc.exe” –started-from-file –playlist-enqueue “%1” (VideoLAN)
    Directory [cmd] — cmd.exe /s /k pushd “%V” (Microsoft Corporation)
    Directory [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] — “C:Program FilesVideoLANVLCvlc.exe” –started-from-file –no-playlist-enqueue “%1” (VideoLAN)
    Folder [open] — %SystemRoot%Explorer.exe (Microsoft Corporation)
    Folder [explore] — Reg Error: Key error.
    Drive [find] — %SystemRoot%Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]
    “cval” = 1

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]
    “VistaSp1” = Reg Error: Unknown registry data type — File not found
    “AntiVirusOverride” = 0
    “AntiSpywareOverride” = 0
    “FirewallOverride” = 0

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvcVol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]
    “DisableNotifications” = 0
    “EnableFirewall” = 1

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]
    “DisableNotifications” = 0
    “EnableFirewall” = 1
    “DoNotAllowExceptions” = 0

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyPublicProfile]
    “DisableNotifications” = 0
    “EnableFirewall” = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]
    “{05E379CC-F626-4E7D-8354-463865B303BF}” = Windows Live UX Platform Language Pack
    “{0B0F231F-CE6A-483D-AA23-77B364F75917}” = Windows Live Installer
    “{0CD47142-BA4F-46B0-AA92-2675864928B8}” = Microsoft Security Client
    “{167A6CE9-BC1C-41AD-A329-4EF11A118B00}” = Nitro PDF Professional
    “{18455581-E099-4BA8-BC6B-F34B2F06600C}” = Google Toolbar for Internet Explorer
    “{19A4A990-5343-4FF7-B3B5-6F046C091EDF}” = Windows Live Remote Client
    “{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}” = Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148
    “{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}” = Junk Mail filter update
    “{200FEC62-3C34-4D60-9CE8-EC372E01C08F}” = Windows Live SOXE Definitions
    “{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}” = Windows Live Remote Service
    “{2318C2B1-4965-11d4-9B18-009027A5CD4F}” = Google Toolbar for Internet Explorer
    “{26A24AE4-039D-4CA4-87B4-2F83217025F0}” = Java 7 Update 25
    “{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}” = RealUpgrade 1.1
    “{3336F667-9049-4D46-98B6-4C743EEBC5B1}” = Windows Live Photo Gallery
    “{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}” = Windows Live
    “{3B9A92DA-6374-4872-B646-253F18624D5F}” = Windows Live Writer
    “{3D3E663D-4E7E-4577-A560-7ECDDD45548A}” = PVSonyDll
    “{488F0347-C4A7-4374-91A7-30818BEDA710}” = Galerie de photos Windows Live
    “{4903D172-DCCB-392F-93A3-34CA9D47FE3D}” = Microsoft .NET Framework 4.5.1
    “{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater
    “{55D003F4-9599-44BF-BA9E-95D060730DD3}” = Contrôle ActiveX Windows Live Mesh pour connexions à distance
    “{5F8683B5-5056-411C-B808-B289E29E9BBB}” = Outil de téléchargement USB/DVD Windows 7
    “{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}” = Microsoft LifeCam
    “{62687B11-58B5-4A18-9BC3-9DF4CE03F194}” = Windows Live Writer Resources
    “{6280C3D1-00A3-4E79-BDF6-98332A29B706}” = AVG 2013
    “{682B3E4F-696A-42DE-A41C-4C07EA1678B4}” = Windows Live SOXE
    “{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}” = Windows Live Movie Maker
    “{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}” = Complément Messenger
    “{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable
    “{770657D0-A123-3C07-8E44-1C83EC895118}” = Microsoft Visual C++ 2005 ATL Update kb973923 – x86 8.0.50727.4053
    “{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}” = Windows Live Messenger Companion Core
    “{7E265513-8CDA-4631-B696-F40D983F3B07}_is1” = CDBurnerXP
    “{83C292B7-38A5-440B-A731-07070E81A64F}” = Windows Live PIMT Platform
    “{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}” = Windows Live Mesh
    “{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight
    “{8C6D6116-B724-4810-8F2D-D047E6B7D68E}” = Mesh Runtime
    “{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}” = MSVCRT
    “{92EA4134-10D1-418A-91E1-5A0453131A38}” = Windows Live Movie Maker
    “{92FB6C44-E685-45AD-9B20-CADF4CABA132} – 1036” = Microsoft .NET Framework 4.5.1 (Français)
    “{933B4015-4618-4716-A828-5289FC03165F}” = VC80CRTRedist – 8.0.50727.6195
    “{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}” = Microsoft IntelliPoint 8.2
    “{95120000-00AF-040C-0000-0000000FF1CE}” = Microsoft Office PowerPoint Viewer 2007 (French)
    “{95120000-00B9-0409-0000-0000000FF1CE}” = Microsoft Application Error Reporting
    “{99D2E91E-DD71-4909-BACD-47CE043B94A9}” = AVG 2013
    “{9A25302D-30C0-39D9-BD6F-21E6EC160475}” = Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17
    “{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}” = Microsoft IntelliType Pro 8.2
    “{9BE518E6-ECC6-35A9-88E4-87755C07200F}” = Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161
    “{9D10CB57-B085-44c3-B435-2D193BA153F0}” = Conseiller de mise à niveau vers Windows 7
    “{9D318C86-AF4C-409F-A6AC-7183FF4CF424}” = Internet TV pour Windows Media Center
    “{9D56775A-93F3-44A3-8092-840E3826DE30}” = Windows Live Mail
    “{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}” = Windows Live Mail
    “{A6C19562-4A16-48D7-BF08-76B0673FF218}” = IObit Apps Toolbar v6.7
    “{A726AE06-AAA3-43D1-87E3-70F510314F04}” = Windows Live Writer
    “{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}” = Google Update Helper
    “{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}” = Windows Live Photo Common
    “{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}” = Windows Live Writer
    “{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}” = Windows Live Messenger
    “{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}” = Windows Live Remote Service Resources
    “{AF844339-2F8A-4593-81B3-9F4C54038C4E}” = Windows Live MIME IFilter
    “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel” = Panneau de configuration NVIDIA 307.83
    “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver” = NVIDIA Pilote graphique 307.83
    “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update” = Mises à jour NVIDIA 1.10.8
    “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer” = NVIDIA Install Application
    “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update” = NVIDIA Update Components
    “{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}” = Microsoft Corporation
    “{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1” = Spybot – Search & Destroy
    “{C507986C-A83D-3F09-9099-5E1AF20BE648}” = Microsoft .NET Framework 4.5.1 (FRA)
    “{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}” = Windows Live ID Sign-in Assistant
    “{C893D8C0-1BA0-4517-B11C-E89B65E72F70}” = Windows Live Photo Common
    “{CC158E44-6465-402E-B2BB-D86C455670FF}” = Ma-Config.com
    “{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}” = Windows Live UX Platform
    “{D45240D3-B6B3-4FF9-B243-54ECE3E10066}” = Windows Live Communications Platform
    “{DECDCB7C-58CC-4865-91AF-627F9798FE48}” = Windows Live Mesh
    “{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}” = Windows Live Remote Client Resources
    “{E09C4DB7-630C-4F06-A631-8EA7239923AF}” = D3DX10
    “{E5B21F11-6933-4E0B-A25C-7963E3C07D11}” = Windows Live Messenger
    “{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1” = Wise Care 365 version 2.83
    “{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}” = Microsoft SQL Server 2005 Compact Edition [ENU]
    “{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}” = Microsoft Visual C++ 2010 x86 Redistributable – 10.0.40219
    “{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}” = Realtek High Definition Audio Driver
    “7-Zip” = 7-Zip 9.20
    “Adobe Flash Player ActiveX” = Adobe Flash Player 11 ActiveX
    “Advanced SystemCare 7_is1” = Advanced SystemCare 7
    “AVG” = AVG 2013
    “AVG Secure Search” = AVG Security Toolbar
    “CanonMyPrinter” = Canon My Printer
    “CCleaner” = CCleaner
    “FreeMi UPnP Media Server” = FreeMi UPnP Media Server
    “Google Chrome” = Google Chrome
    “Internet Download Manager” = Internet Download Manager
    “IObit Malware Fighter_is1” = IObit Malware Fighter
    “IObit Surfing Protection_is1” = Surfing Protection
    “IObitUninstall” = IObit Uninstaller
    “iPrint_is1” = iPrint
    “KeyScrambler” = KeyScrambler
    “Malwarebytes’ Anti-Malware_is1” = Malwarebytes Anti-Malware version 1.75.0.1300
    “Microsoft IntelliPoint 8.2” = Microsoft IntelliPoint 8.2
    “Microsoft IntelliType Pro 8.2” = Microsoft IntelliType Pro 8.2
    “Microsoft Security Client” = Microsoft Security Essentials
    “MouseSuite98” = Mouse Suite
    “mv61xxDriver” = marvell 61xx
    “NVIDIA Display Control Panel” = NVIDIA Display Control Panel
    “Usbfix” = UsbFix By El Desaparecido
    “VLC media player” = VLC media player 2.0.8
    “WindowsProcessSecurity” = Windows Process Security 2.1
    “WinLiveSuite” = Windows Live

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error – 28/01/2013 07:19:38 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « c:program filesspybot
    – search & destroyDelZip179.dll ». Erreur dans le fichier de manifeste ou de stratégie
    « c:program filesspybot – search & destroyDelZip179.dll » à la ligne 8. La valeur
    « * » de l’attribut « language » de l’élément « assemblyIdentity » n’est pas valide.

    Error – 29/01/2013 15:54:15 | Computer Name = Saida-PC | Source = Application Error | ID = 1000
    Description = Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.17567,
    horodatage : 0x4d6727a7 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
    : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x018680f8 ID du processus
    défaillant : 0x23c Heure de début de l’application défaillante : 0x01cdfe34632b993a
    Chemin
    d’accès de l’application défaillante : C:WindowsExplorer.EXE Chemin d’accès du
    module défaillant: unknown ID de rapport : a8abd4be-6a4d-11e2-addb-001a4d1cf6a4

    Error – 29/01/2013 17:01:21 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour « C:Program FilesCommon
    FilesSpigotSearch SettingsSearchSettings64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language=”*”,processorArchitecture=”amd64″,publicKeyToken=”6595b64144ccf1df”,type=”win32″,version=”6.0.0.0″
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error – 29/01/2013 17:07:07 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « c:program filesspybot
    – search & destroyDelZip179.dll ». Erreur dans le fichier de manifeste ou de stratégie
    « c:program filesspybot – search & destroyDelZip179.dll » à la ligne 8. La valeur
    « * » de l’attribut « language » de l’élément « assemblyIdentity » n’est pas valide.

    Error – 01/02/2013 06:51:48 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour « C:Program FilesCommon
    FilesSpigotSearch SettingsSearchSettings64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language=”*”,processorArchitecture=”amd64″,publicKeyToken=”6595b64144ccf1df”,type=”win32″,version=”6.0.0.0″
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error – 01/02/2013 06:57:22 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « c:program filesspybot
    – search & destroyDelZip179.dll ». Erreur dans le fichier de manifeste ou de stratégie
    « c:program filesspybot – search & destroyDelZip179.dll » à la ligne 8. La valeur
    « * » de l’attribut « language » de l’élément « assemblyIdentity » n’est pas valide.

    Error – 01/02/2013 14:57:59 | Computer Name = Saida-PC | Source = Application Error | ID = 1000
    Description = Nom de l’application défaillante FLVToX.exe, version : 2.0.0.163,
    horodatage : 0x507ec2b0 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
    : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000001 ID du processus
    défaillant : 0x1af0 Heure de début de l’application défaillante : 0x01ce00adfede5137
    Chemin
    d’accès de l’application défaillante : C:Program FilesFree FLV ConverterFLVToX.exe
    Chemin
    d’accès du module défaillant: unknown ID de rapport : 4b990dc0-6ca1-11e2-9ae0-001a4d1cf6a4

    Error – 01/02/2013 14:58:51 | Computer Name = Saida-PC | Source = Application Error | ID = 1000
    Description = Nom de l’application défaillante FLVToX.exe, version : 2.0.0.163,
    horodatage : 0x507ec2b0 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
    : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000001 ID du processus
    défaillant : 0x1988 Heure de début de l’application défaillante : 0x01ce00ae2140653a
    Chemin
    d’accès de l’application défaillante : C:Program FilesFree FLV ConverterFLVToX.exe
    Chemin
    d’accès du module défaillant: unknown ID de rapport : 6a8e4fcb-6ca1-11e2-9ae0-001a4d1cf6a4

    Error – 02/02/2013 11:45:10 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour « C:Program FilesCommon
    FilesSpigotSearch SettingsSearchSettings64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language=”*”,processorArchitecture=”amd64″,publicKeyToken=”6595b64144ccf1df”,type=”win32″,version=”6.0.0.0″
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error – 02/02/2013 11:49:43 | Computer Name = Saida-PC | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « c:program filesspybot
    – search & destroyDelZip179.dll ». Erreur dans le fichier de manifeste ou de stratégie
    « c:program filesspybot – search & destroyDelZip179.dll » à la ligne 8. La valeur
    « * » de l’attribut « language » de l’élément « assemblyIdentity » n’est pas valide.

    [ Media Center Events ]
    Error – 16/03/2012 08:32:53 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
    Description = 13:32:46 – Erreur de connexion à Internet. 13:32:46 – Impossible
    de contacter le service..

    Error – 17/03/2012 15:23:09 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
    Description = 20:23:09 – Erreur de connexion à Internet. 20:23:09 – Impossible
    de contacter le service..

    Error – 17/03/2012 15:23:18 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
    Description = 20:23:14 – Erreur de connexion à Internet. 20:23:14 – Impossible
    de contacter le service..

    Error – 18/03/2012 18:51:20 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
    Description = 23:51:20 – Erreur de connexion à Internet. 23:51:20 – Impossible
    de contacter le service..

    Error – 18/03/2012 18:51:31 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
    Description = 23:51:25 – Erreur de connexion à Internet. 23:51:25 – Impossible
    de contacter le service..

    Error – 19/03/2012 13:02:13 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
    Description = 18:02:12 – Erreur de connexion à Internet. 18:02:13 – Impossible
    de contacter le service..

    Error – 19/03/2012 13:02:24 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
    Description = 18:02:18 – Erreur de connexion à Internet. 18:02:18 – Impossible
    de contacter le service..

    Error – 20/03/2012 05:07:15 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
    Description = 10:07:14 – Erreur de connexion à Internet. 10:07:14 – Impossible
    de contacter le service..

    Error – 20/03/2012 05:07:25 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
    Description = 10:07:20 – Erreur de connexion à Internet. 10:07:20 – Impossible
    de contacter le service..

    Error – 31/03/2012 07:40:28 | Computer Name = Saida-PC | Source = MCUpdate | ID = 0
    Description = 13:40:21 – Erreur de connexion à Internet. 13:40:21 – Impossible
    de contacter le service..

    [ System Events ]
    Error – 03/12/2013 11:35:41 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7023
    Description = Le service Windows Search s’est arrêté avec l’erreur : %%2

    Error – 03/12/2013 11:35:41 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7034
    Description = Le service Windows Search s’est terminé de façon inattendue pour la
    41ème fois.

    Error – 03/12/2013 11:36:12 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7023
    Description = Le service Windows Search s’est arrêté avec l’erreur : %%2

    Error – 03/12/2013 11:36:12 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7034
    Description = Le service Windows Search s’est terminé de façon inattendue pour la
    42ème fois.

    Error – 03/12/2013 11:36:42 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7023
    Description = Le service Windows Search s’est arrêté avec l’erreur : %%2

    Error – 03/12/2013 11:36:42 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7034
    Description = Le service Windows Search s’est terminé de façon inattendue pour la
    43ème fois.

    Error – 03/12/2013 11:40:35 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7023
    Description = Le service Windows Search s’est arrêté avec l’erreur : %%2

    Error – 03/12/2013 11:40:35 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7034
    Description = Le service Windows Search s’est terminé de façon inattendue pour la
    44ème fois.

    Error – 03/12/2013 11:41:05 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7023
    Description = Le service Windows Search s’est arrêté avec l’erreur : %%2

    Error – 03/12/2013 11:41:05 | Computer Name = Saida-PC | Source = Service Control Manager | ID = 7034
    Description = Le service Windows Search s’est terminé de façon inattendue pour la
    45ème fois.

    etoile127
    Participant
    Number of posts: 14

    Continuation of OTL.Txt. Please tell me exactly what I need to do; I am very much a novice when it comes to computers. Thank you in advance :merci2:
    OTL logfile created on: 03/12/2013 16:01:19 – Run 1
    OTL by OldTimer – Version 3.2.69.0 Folder = C:UsersSaidaDownloadsPrograms
    Professional Service Pack 1 (Version = 6.1.7601) – Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16384)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 0,40 Gb Available Physical Memory | 20,15% Memory free
    5,00 Gb Paging File | 3,00 Gb Available in Paging File | 60,02% Paging File free
    Paging file location(s): C:pagefile.sys 3070 3070 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files
    Drive C: | 148,95 Gb Total Space | 24,99 Gb Free Space | 16,78% Space Free | Partition Type: NTFS
    Drive E: | 7,45 Gb Total Space | 5,74 Gb Free Space | 77,08% Space Free | Partition Type: FAT32

    Computer Name: SAIDA-PC | User Name: Saida | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC – [2013/12/03 11:03:37 | 002,861,328 | —- | M] (Microsoft Corporation) — C:WindowsSoftwareDistributionDownloadInstallAM_Delta.exe
    PRC – [2013/12/02 20:24:23 | 000,602,112 | —- | M] (OldTimer Tools) — C:UsersSaidaDownloadsProgramsOTL.exe
    PRC – [2013/11/30 20:08:51 | 002,420,248 | —- | M] () — C:Program FilesAVG Secure Searchvprot.exe
    PRC – [2013/11/30 20:08:48 | 001,734,680 | —- | M] (AVG Secure Search) — C:Program FilesCommon FilesAVG Secure SearchvToolbarUpdater17.1.2ToolbarUpdater.exe
    PRC – [2013/11/30 20:08:45 | 000,159,768 | —- | M] () — C:Program FilesCommon FilesAVG Secure SearchvToolbarUpdater17.1.2loggingserver.exe
    PRC – [2013/11/22 08:19:33 | 003,825,232 | —- | M] (Tonec Inc.) — C:Program FilesInternet Download ManagerIDMan.exe
    PRC – [2013/11/19 11:21:30 | 000,230,048 | —- | M] (Microsoft Corporation) — C:WindowsSystem32MpSigStub.exe
    PRC – [2013/11/14 19:16:50 | 000,508,144 | —- | M] (QFX Software Corporation) — C:Program FilesKeyScramblerKeyScrambler.exe
    PRC – [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.) — C:Program FilesGoogleChromeApplicationchrome.exe
    PRC – [2013/11/11 15:42:02 | 000,764,192 | —- | M] (IObit) — C:Program FilesIObitAdvanced SystemCare 7Monitor.exe
    PRC – [2013/10/25 12:07:38 | 001,120,032 | —- | M] () — C:Program FilesIObitAdvanced SystemCare 7RealTimeProtector.exe
    PRC – [2013/10/25 12:07:24 | 002,151,200 | —- | M] (IObit) — C:Program FilesIObitLiveUpdateLiveUpdate.exe
    PRC – [2013/10/25 12:07:00 | 000,878,368 | —- | M] (IObit) — C:Program FilesIObitAdvanced SystemCare 7ASCService.exe
    PRC – [2013/10/23 15:01:10 | 000,300,552 | —- | M] (Microsoft Corporation) — c:Program FilesMicrosoft Security ClientMpCmdRun.exe
    PRC – [2013/10/23 15:01:10 | 000,280,288 | —- | M] (Microsoft Corporation) — c:Program FilesMicrosoft Security ClientNisSrv.exe
    PRC – [2013/10/23 15:01:10 | 000,022,208 | —- | M] (Microsoft Corporation) — c:Program FilesMicrosoft Security ClientMsMpEng.exe
    PRC – [2013/10/23 14:55:28 | 000,948,440 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft Security Clientmsseces.exe
    PRC – [2013/09/23 00:17:34 | 004,411,952 | —- | M] (AVG Technologies CZ, s.r.o.) — C:Program FilesAVGAVG2013avgui.exe
    PRC – [2013/09/23 00:17:30 | 001,117,744 | —- | M] (AVG Technologies CZ, s.r.o.) — C:Program FilesAVGAVG2013avgnsx.exe
    PRC – [2013/09/08 17:25:06 | 001,786,704 | —- | M] (CybelSoft) — C:Program Filesma-config.comMaConfigAgent.exe
    PRC – [2013/09/04 09:20:38 | 001,432,080 | —- | M] (AVG Technologies CZ, s.r.o.) — C:Program FilesAVGAVG2013avgfws.exe
    PRC – [2013/08/23 13:29:54 | 001,174,152 | —- | M] (WiseCleaner.com) — C:Program FilesWiseWise Care 365WiseTray.exe
    PRC – [2013/08/16 17:09:02 | 001,549,120 | —- | M] (IObit) — C:Program FilesIObitIObit Malware FighterIMF.exe
    PRC – [2013/08/02 01:52:57 | 000,271,360 | —- | M] (Microsoft Corporation) — C:WindowsSystem32conhost.exe
    PRC – [2013/07/23 18:09:28 | 000,283,136 | —- | M] (AVG Technologies CZ, s.r.o.) — C:Program FilesAVGAVG2013avgwdsvc.exe
    PRC – [2013/07/10 00:33:22 | 000,452,144 | —- | M] (AVG Technologies CZ, s.r.o.) — C:Program FilesAVGAVG2013avgcsrvx.exe
    PRC – [2013/07/04 14:53:28 | 000,763,952 | —- | M] (AVG Technologies CZ, s.r.o.) — C:Program FilesAVGAVG2013avgrsx.exe
    PRC – [2013/07/04 14:53:10 | 004,939,312 | —- | M] (AVG Technologies CZ, s.r.o.) — C:Program FilesAVGAVG2013avgidsagent.exe
    PRC – [2013/04/25 15:54:10 | 000,335,168 | —- | M] (IObit) — C:Program FilesIObitIObit Malware FighterIMFsrv.exe
    PRC – [2013/04/04 13:50:32 | 000,701,512 | —- | M] (Malwarebytes Corporation) — C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe
    PRC – [2013/04/04 13:50:32 | 000,532,040 | —- | M] (Malwarebytes Corporation) — C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe
    PRC – [2013/03/18 01:38:48 | 000,799,280 | —- | M] (AVG Technologies CZ, s.r.o.) — C:Program FilesAVGAVG2013avgemcx.exe
    PRC – [2013/03/17 16:44:56 | 000,546,712 | —- | M] (Alps Electric Co., Ltd.) — C:Program FilesDellTPadApoint.exe
    PRC – [2013/03/17 16:44:56 | 000,057,720 | —- | M] (Alps Electric Co., Ltd.) — C:Program FilesDellTPadApMsgFwd.exe
    PRC – [2012/11/23 03:48:41 | 000,049,152 | —- | M] (Microsoft Corporation) — C:WindowsSystem32taskhost.exe
    PRC – [2012/06/05 11:07:54 | 000,054,744 | —- | M] (Alps Electric Co., Ltd.) — C:Program FilesDellTPadhidfind.exe
    PRC – [2012/06/05 11:07:54 | 000,054,640 | —- | M] (Alps Electric Co., Ltd.) — C:Program FilesDellTPadApntEx.exe
    PRC – [2011/03/21 12:55:30 | 000,196,928 | —- | M] (Nitro PDF Software) — C:Program FilesNitro PDFProfessionalNitroPDFDriverService.exe
    PRC – [2011/02/25 06:30:54 | 002,616,320 | —- | M] (Microsoft Corporation) — C:Windowsexplorer.exe
    PRC – [2010/11/20 13:16:54 | 000,100,864 | —- | M] (Microsoft Corporation) — C:WindowsSystem32audiodg.exe
    PRC – [2010/05/20 15:27:24 | 000,139,632 | —- | M] (Microsoft Corporation) — C:Program FilesMicrosoft LifeCamMSCamS32.exe
    PRC – [2009/01/26 15:31:10 | 001,153,368 | —- | M] (Safer Networking Ltd.) — C:Program FilesSpybot – Search & DestroySDWinSec.exe
    PRC – [2008/11/09 21:48:14 | 000,602,392 | —- | M] (Yahoo! Inc.) — C:Program FilesYahoo!SoftwareUpdateYahooAUService.exe

    ========== Modules (No Company Name) ==========

    MOD – [2013/12/01 17:32:25 | 000,358,400 | —- | M] () — C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsalelhddbbhepgpmgidjdcjakblofbmce3.5.3_0pluginsscreen_capture.dll
    MOD – [2013/11/30 20:08:54 | 000,519,704 | —- | M] () — C:Program FilesCommon FilesAVG Secure SearchvToolbarUpdater17.1.2log4cplusU.dll
    MOD – [2013/11/30 20:08:54 | 000,142,360 | —- | M] () — C:Program FilesCommon FilesAVG Secure SearchSiteSafetyInstaller17.1.2SiteSafety.dll
    MOD – [2013/11/30 20:08:51 | 002,420,248 | —- | M] () — C:Program FilesAVG Secure Searchvprot.exe
    MOD – [2013/11/14 12:29:31 | 000,399,312 | —- | M] () — C:Program FilesGoogleChromeApplication31.0.1650.57ppgooglenaclpluginchrome.dll
    MOD – [2013/11/14 12:29:29 | 004,055,504 | —- | M] () — C:Program FilesGoogleChromeApplication31.0.1650.57pdf.dll
    MOD – [2013/11/14 12:28:37 | 000,702,416 | —- | M] () — C:Program FilesGoogleChromeApplication31.0.1650.57libglesv2.dll
    MOD – [2013/11/14 12:28:36 | 000,099,792 | —- | M] () — C:Program FilesGoogleChromeApplication31.0.1650.57libegl.dll
    MOD – [2013/11/14 12:28:34 | 001,619,408 | —- | M] () — C:Program FilesGoogleChromeApplication31.0.1650.57ffmpegsumo.dll
    MOD – [2013/10/25 12:07:38 | 001,120,032 | —- | M] () — C:Program FilesIObitAdvanced SystemCare 7RealTimeProtector.exe
    MOD – [2013/01/15 18:48:26 | 000,348,992 | —- | M] () — C:Program FilesIObitAdvanced SystemCare 7madexcept_.bpl
    MOD – [2013/01/15 18:48:26 | 000,051,008 | —- | M] () — C:Program FilesIObitAdvanced SystemCare 7maddisAsm_.bpl
    MOD – [2013/01/15 18:48:24 | 000,183,616 | —- | M] () — C:Program FilesIObitAdvanced SystemCare 7madbasic_.bpl
    MOD – [2011/03/21 12:55:48 | 000,115,008 | —- | M] () — C:Program FilesNitro PDFProfessionalNPShellExtension.dll
    MOD – [2010/03/15 11:28:22 | 000,141,824 | —- | M] () — C:Program FilesWinRARRarExt.dll

    ========== Services (SafeList) ==========

    SRV – File not found [Auto | Running] — C:Program FilesSpybot — (SBSDWSCService)
    SRV – [2013/11/30 20:08:48 | 001,734,680 | —- | M] (AVG Secure Search) [Auto | Running] — C:Program FilesCommon FilesAVG Secure SearchvToolbarUpdater17.1.2ToolbarUpdater.exe — (vToolbarUpdater17.1.2)
    SRV – [2013/10/25 12:07:24 | 002,151,200 | —- | M] (IObit) [Auto | Running] — C:Program FilesIObitLiveUpdateLiveUpdate.exe — (LiveUpdateSvc)
    SRV – [2013/10/25 12:07:00 | 000,878,368 | —- | M] (IObit) [Auto | Running] — C:Program FilesIObitAdvanced SystemCare 7ASCService.exe — (AdvancedSystemCareService7)
    SRV – [2013/10/23 15:01:10 | 000,280,288 | —- | M] (Microsoft Corporation) [On_Demand | Running] — c:Program FilesMicrosoft Security ClientNisSrv.exe — (NisSrv)
    SRV – [2013/10/23 15:01:10 | 000,022,208 | —- | M] (Microsoft Corporation) [Auto | Running] — c:Program FilesMicrosoft Security ClientMsMpEng.exe — (MsMpSvc)
    SRV – [2013/10/09 19:18:01 | 000,257,416 | —- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] — C:WindowsSystem32MacromedFlashFlashPlayerUpdateService.exe — (AdobeFlashPlayerUpdateSvc)
    SRV – [2013/09/27 19:51:47 | 001,343,400 | —- | M] () [On_Demand | Stopped] — C:WindowsSystem32WatWatAdminSvc.exe — (WatAdminSvc)
    SRV – [2013/09/24 19:01:27 | 000,108,032 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSystem32IEEtwCollector.exe — (IEEtwCollectorService)
    SRV – [2013/09/08 17:25:06 | 001,786,704 | —- | M] (CybelSoft) [Auto | Running] — C:Program Filesma-config.comMaConfigAgent.exe — (MaConfigAgent)
    SRV – [2013/09/04 09:20:38 | 001,432,080 | —- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] — C:Program FilesAVGAVG2013avgfws.exe — (avgfws)
    SRV – [2013/07/23 18:09:28 | 000,283,136 | —- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] — C:Program FilesAVGAVG2013avgwdsvc.exe — (avgwd)
    SRV – [2013/07/04 14:53:10 | 004,939,312 | —- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] — C:Program FilesAVGAVG2013avgidsagent.exe — (AVGIDSAgent)
    SRV – [2013/05/27 05:57:27 | 000,680,960 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:Program FilesWindows DefenderMpSvc.dll — (WinDefend)
    SRV – [2013/04/25 17:12:00 | 000,580,232 | —- | M] (WiseCleaner.com) [Auto | Stopped] — C:Program FilesWiseWise Care 365BootTime.exe — (WiseBootAssistant)
    SRV – [2013/04/25 15:54:10 | 000,335,168 | —- | M] (IObit) [Auto | Running] — C:Program FilesIObitIObit Malware FighterIMFsrv.exe — (IMFservice)
    SRV – [2013/04/04 13:50:32 | 000,701,512 | —- | M] (Malwarebytes Corporation) [Auto | Running] — C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe — (MBAMService)
    SRV – [2011/03/21 12:55:30 | 000,196,928 | —- | M] (Nitro PDF Software) [Auto | Running] — C:Program FilesNitro PDFProfessionalNitroPDFDriverService.exe — (NitroDriverReadSpool)
    SRV – [2010/05/20 15:27:24 | 000,139,632 | —- | M] (Microsoft Corporation) [Auto | Running] — C:Program FilesMicrosoft LifeCamMSCamS32.exe — (MSCamSvc)
    SRV – [2009/07/14 02:16:15 | 000,016,384 | —- | M] (Microsoft Corporation) [On_Demand | Stopped] — C:WindowsSystem32StorSvc.dll — (StorSvc)
    SRV – [2009/07/14 02:16:13 | 000,025,088 | —- | M] (Microsoft Corporation) [Disabled | Stopped] — C:WindowsSystem32sensrsvc.dll — (SensrSvc)
    SRV – [2009/07/14 02:16:12 | 001,004,544 | —- | M] (Microsoft Corporation) [Disabled | Stopped] — C:WindowsSystem32PeerDistSvc.dll — (PeerDistSvc)
    SRV – [2008/11/09 21:48:14 | 000,602,392 | —- | M] (Yahoo! Inc.) [Auto | Running] — C:Program FilesYahoo!SoftwareUpdateYahooAUService.exe — (YahooAUService)

    ========== Driver Services (SafeList) ==========

    DRV – File not found [Kernel | Boot | Stopped] — — (sptd)
    DRV – File not found [Kernel | Boot | Stopped] — System32driversBootDefragDriver.sys — (BootDefragDriver)
    DRV – File not found [Kernel | Auto | Stopped] — — (ATE_PROCMON)
    DRV – File not found [File_System | Boot | Stopped] — — (77267374)
    DRV – [2013/11/30 20:08:55 | 000,037,664 | —- | M] (AVG Technologies) [Kernel | System | Running] — C:WindowsSystem32driversavgtpx86.sys — (avgtp)
    DRV – [2013/11/08 00:41:38 | 000,108,000 | —- | M] (Tonec Inc.) [Kernel | Auto | Running] — C:WindowsSystem32driversidmwfp.sys — (IDMWFP)
    DRV – [2013/09/27 09:53:06 | 000,104,768 | —- | M] (Microsoft Corporation) [Kernel | Auto | Running] — C:WindowsSystem32driversNisDrvWFP.sys — (NisDrv)
    DRV – [2013/09/10 00:34:48 | 000,022,328 | —- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] — C:WindowsSystem32driversavgidsshimx.sys — (AVGIDSShim)
    DRV – [2013/09/05 00:43:42 | 000,039,224 | —- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] — C:WindowsSystem32driversavgrkx86.sys — (Avgrkx86)
    DRV – [2013/08/20 06:02:14 | 000,084,248 | —- | M] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversssudbus.sys — (dg_ssudbus)
    DRV – [2013/07/20 00:51:00 | 000,246,072 | —- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] — C:WindowsSystem32driversavglogx.sys — (Avglogx)
    DRV – [2013/07/20 00:50:56 | 000,208,184 | —- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] — C:WindowsSystem32driversavgidsdriverx.sys — (AVGIDSDriver)
    DRV – [2013/07/20 00:50:56 | 000,060,216 | —- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] — C:WindowsSystem32driversavgidshx.sys — (AVGIDSHX)
    DRV – [2013/07/20 00:50:50 | 000,171,320 | —- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] — C:WindowsSystem32driversavgldx86.sys — (Avgldx86)
    DRV – [2013/07/01 00:45:28 | 000,096,568 | —- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] — C:WindowsSystem32driversavgmfx86.sys — (Avgmfx86)
    DRV – [2013/05/31 15:53:18 | 000,209,016 | —- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] — C:WindowsSystem32driverskeyscrambler.sys — (KeyScrambler)
    DRV – [2013/04/09 16:46:21 | 000,016,880 | —- | M] (Intel Corporation) [Kernel | Boot | Running] — C:WindowsSystem32driversiusb3hcs.sys — (iusb3hcs)
    DRV – [2013/04/04 13:50:32 | 000,022,856 | —- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] — C:WindowsSystem32driversmbam.sys — (MBAMProtector)
    DRV – [2013/03/26 18:34:32 | 000,020,944 | —- | M] (IObit.com) [Kernel | On_Demand | Running] — C:Program FilesIObitIObit Malware FighterDriverswin7_x86UrlFilter.sys — (UrlFilter)
    DRV – [2013/03/26 18:34:30 | 000,031,752 | —- | M] (IObit.com) [Kernel | On_Demand | Running] — C:Program FilesIObitIObit Malware FighterDriverswin7_x86RegFilter.sys — (RegFilter)
    DRV – [2013/03/23 14:49:18 | 000,021,480 | —- | M] (IObit) [File_System | On_Demand | Running] — C:Program FilesIObitIObit Malware FighterDriverswin7_x86FileMonitor.sys — (FileMonitor)
    DRV – [2013/03/21 02:08:24 | 000,182,072 | —- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] — C:WindowsSystem32driversavgtdix.sys — (Avgtdix)
    DRV – [2013/03/17 16:44:56 | 000,373,112 | —- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] — C:WindowsSystem32driversApfiltr.sys — (ApfiltrService)
    DRV – [2013/03/14 16:51:18 | 000,015,872 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversusb80236.sys — (usbrndis6)
    DRV – [2013/02/19 20:32:54 | 010,919,200 | —- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] — C:WindowsSystem32driversnvlddmkm.sys — (nvlddmkm)
    DRV – [2013/01/16 18:22:43 | 000,014,848 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversrdpvideominiport.sys — (RdpVideoMiniport)
    DRV – [2013/01/16 18:22:40 | 000,049,664 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversTsUsbFlt.sys — (TsUsbFlt)
    DRV – [2012/09/06 20:02:49 | 000,015,248 | —- | M] (PenMount) [Kernel | On_Demand | Running] — C:WindowsSystem32driverspmkbdfltr.sys — (pmkbdfltr)
    DRV – [2012/09/04 10:39:32 | 000,050,296 | —- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] — C:WindowsSystem32driversavgfwd6x.sys — (Avgfwfd)
    DRV – [2011/12/18 12:44:22 | 000,016,384 | —- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversPELMOUSE.SYS — (pelmouse)
    DRV – [2011/12/15 19:29:42 | 000,026,624 | —- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driverstap0901.sys — (tap0901)
    DRV – [2011/07/28 18:37:10 | 000,045,288 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversdc3d.sys — (dc3d)
    DRV – [2011/07/21 19:55:50 | 000,016,640 | —- | M] (CybelSoft) [Kernel | On_Demand | Stopped] — C:Program Filesma-config.comDriversdriverhardwarev2.sys — (driverhardwarev2)
    DRV – [2010/11/20 13:30:15 | 000,175,360 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:WindowsSystem32driversvmbus.sys — (vmbus)
    DRV – [2010/11/20 13:30:15 | 000,040,704 | —- | M] (Microsoft Corporation) [Kernel | Boot | Running] — C:WindowsSystem32driversvmstorfl.sys — (storflt)
    DRV – [2010/11/20 13:30:15 | 000,028,032 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversstorvsc.sys — (storvsc)
    DRV – [2010/11/20 10:59:44 | 000,035,968 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driverswinusb.sys — (WinUsb)
    DRV – [2010/11/20 10:14:45 | 000,017,920 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversVMBusHID.sys — (VMBusHID)
    DRV – [2010/11/20 10:14:41 | 000,005,632 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversvms3cap.sys — (s3cap)
    DRV – [2010/09/16 19:49:00 | 001,559,552 | —- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversathur.sys — (athur)
    DRV – [2010/07/05 09:24:54 | 000,036,608 | —- | M] () [Kernel | On_Demand | Stopped] — C:WindowsSystem32FsUsbExDisk.Sys — (FsUsbExDisk)
    DRV – [2010/05/20 15:27:26 | 001,961,072 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversVX1000.sys — (VX1000)
    DRV – [2009/07/23 22:02:56 | 000,043,008 | —- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] — C:WindowsSystem32driversRtnicxp.sys — (RTL8023xp)
    DRV – [2009/07/14 00:45:33 | 000,083,456 | —- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driversserial.sys — (Serial)
    DRV – [2003/02/11 13:25:14 | 000,009,216 | —- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] — C:WindowsSystem32driverspelusblf.sys — (pelusblf)

    ========== Standard Registry (SafeList) ==========

    ========== Internet Explorer ==========

    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = about:blank
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = about:blank
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Bar = about:blank
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = about:blank
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Default_Page_URL =
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerSearch,Default_Search_URL =
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerSearch,Search Bar =
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerSearch,Search Page =
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerSearch,Start Default_Page_URL =
    IE – HKLMSOFTWAREMicrosoftInternet ExplorerSearch,Start Page =
    IE – HKLM..SearchScopes,DefaultScope =
    IE – HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE – HKLM..SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

    IE – HKU.DEFAULT..URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} – No CLSID value found
    IE – HKU.DEFAULT..SearchScopes,DefaultScope =
    IE – HKU.DEFAULT..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
    IE – HKU.DEFAULT..SearchScopes{295BEC74-2563-4708-80A2-9440850E387C}: “URL” = http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
    IE – HKU.DEFAULT..SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE – HKU.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyEnable” = 0

    IE – HKUS-1-5-18..URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} – No CLSID value found
    IE – HKUS-1-5-18..SearchScopes,DefaultScope =
    IE – HKUS-1-5-18..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
    IE – HKUS-1-5-18..SearchScopes{295BEC74-2563-4708-80A2-9440850E387C}: “URL” = http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
    IE – HKUS-1-5-18..SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE – HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyEnable” = 0

    IE – HKUS-1-5-19..SearchScopes,DefaultScope =

    IE – HKUS-1-5-20..SearchScopes,DefaultScope =

    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = about:blank
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerMain,Search Bar = about:blank
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerMain,Search Page = about:blank
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerMain,Start Default_Page_URL =
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.com
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache AcceptLangs = fr
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerMain,Start Page Redirect Cache_TIMESTAMP = B5 D0 4B 9C CA 9B CC 01 [binary data]
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerSearch,Default_Search_URL =
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerSearch,Search Bar =
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerSearch,Search Page =
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerSearch,Start Default_Page_URL =
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftInternet ExplorerSearch,Start Page =
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001..URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} – No CLSID value found
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001..URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} – No CLSID value found
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001..SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001..SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLJ_frFR456
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001..SearchScopes{CB37CAD6-B969-41E8-8A3C-8EFEE6692A55}: “URL” = http://search.certified-toolbar.com?si=38268&st=bs&tid=77&q={searchTerms}
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyEnable” = 0
    IE – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SoftwareMicrosoftWindowsCurrentVersionInternet Settings: “ProxyOverride” =

    ========== FireFox ==========

    FF – HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:Windowssystem32MacromedFlashNPSWF32_11_9_900_117.dll ()
    FF – HKLMSoftwareMozillaPlugins@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:Program FilesCommon FilesAVG Secure SearchSiteSafetyInstaller17.1.2\npsitesafety.dll ()
    FF – HKLMSoftwareMozillaPlugins@java.com/DTPlugin,version=10.25.2: C:Windowssystem32npDeployJava1.dll (Oracle Corporation)
    FF – HKLMSoftwareMozillaPlugins@microsoft.com/GENUINE: disabled File not found
    FF – HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: c:Program FilesMicrosoft Silverlight5.1.20913.0npctrl.dll ( Microsoft Corporation)
    FF – HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=15.4.3502.0922: C:Program FilesWindows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)
    FF – HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=15.4.3538.0513: C:Program FilesWindows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)
    FF – HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=15.4.3555.0308: C:Program FilesWindows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)
    FF – HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:Program FilesGoogleUpdate1.3.21.165npGoogleUpdate3.dll (Google Inc.)
    FF – HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:Program FilesGoogleUpdate1.3.21.165npGoogleUpdate3.dll (Google Inc.)
    FF – HKLMSoftwareMozillaPlugins@videolan.org/vlc,version=2.0.8: C:Program FilesVideoLANVLCnpvlc.dll (VideoLAN)
    FF – HKCUSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:UsersSaidaAppDataLocalGoogleUpdate1.3.21.165npGoogleUpdate3.dll (Google Inc.)
    FF – HKCUSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:UsersSaidaAppDataLocalGoogleUpdate1.3.21.165npGoogleUpdate3.dll (Google Inc.)

    FF – HKEY_CURRENT_USERsoftwaremozillaFirefoxExtensions\mozilla_cc@internetdownloadmanager.com: C:UsersSaidaAppDataRoamingIDMidmmzcc5 [2013/11/26 17:28:49 | 000,000,000 | —D | M]
    FF – HKEY_CURRENT_USERsoftwaremozillaSeaMonkeyExtensions\mozilla_cc@internetdownloadmanager.com: C:UsersSaidaAppDataRoamingIDMidmmzcc5 [2013/11/26 17:28:49 | 000,000,000 | —D | M]

    [2013/12/01 16:57:04 | 000,000,000 | —D | M] (No name found) — C:UsersSaidaAppDataRoamingmozillaFirefoxProfilesextensions
    [2013/12/01 16:54:49 | 000,000,000 | —D | M] (No name found) — C:UsersSaidaAppDataRoamingmozillaFirefoxProfilesextensionsextensions
    [2013/11/22 17:05:18 | 000,000,000 | —D | M] (Advanced SystemCare Surfing Protection) — C:UsersSaidaAppDataRoamingmozillaFirefoxProfilesextensionsextensionsascsurfingprotection@iobit.com
    [2013/06/30 09:44:04 | 000,239,491 | —- | M] () (No name found) — C:UsersSaidaAppDataRoamingmozillafirefoxprofilesextensionstrtv3@trtv.com.xpi
    [2013/09/27 18:33:14 | 000,000,000 | —D | M] (No name found) — C:Program FilesMozilla Firefoxextensions

    ========== Chrome ==========

    CHR – default_search_provider: Google (Enabled)
    CHR – default_search_provider: search_url = {google:baseURL}search?q={searchTerms}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
    CHR – default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR – homepage:
    CHR – Extension: DownloadAll = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsajffocjdcmpgjmdfdfkdfdbkjafbkcke2.1.1_0
    CHR – Extension: Superbe capture d’cran : capturer et annoter = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsalelhddbbhepgpmgidjdcjakblofbmce3.5.3_0
    CHR – Extension: Mto (extension) = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsbeapnbfmjmjhhfpaoajfhjbbfnnlfpnc.9.0.7_0
    CHR – Extension: Adblock Plus = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionscfhdojbkjhnklbpkdaibdccddilifddb1.6.1_0
    CHR – Extension: Vimeo Download Videos = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsgeeljcibkkackafmeepgadbfgmpjmdeg3.0.0_0
    CHR – Extension: IDM Integration Module = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsjeaohhlajejodfjadcponpnjgkiikocn6.18.7_0
    CHR – Extension: AVG Secure Search = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsndibdjnfmopecpmkdieinmbadjfpblof17.1.2.1_0
    CHR – Extension: Advanced SystemCare Surfing Protection = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsnfengeggddojhakldhlpjdlddgkkjkdd1.0.0_0
    CHR – Extension: GreyGray = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsnhogbcndagiknbfomjgdeghehkljalhi1.0.0_0
    CHR – Extension: GoogleWallet = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda.0.5.0_1
    CHR – Extension: Adblock Pro = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsocifcklkibdehekfnmflempfgjhbedch2.8_0
    CHR – Extension: Print Friendly & PDF = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsohlencieiipommannpdfcmfdpjjmeolj2.3_0
    CHR – Extension: OneClick Cleaner for Chrome = C:UsersSaidaAppDataLocalGoogleChromeUser DataDefaultExtensionsoncckmaelaecccmaniihojgeopkcajfh.9.0.7_0

    O1 HOSTS File: ([2013/11/06 15:52:10 | 000,450,681 | R— | M]) – C:WindowsSystem32driversetchosts
    O1 – Hosts: 15468 more lines…
    O2 – BHO: (IDM integration (IDMIEHlprObj Class)) – {0055C089-8582-441B-A0BF-17B458C2A3A8} – C:Program FilesInternet Download ManagerIDMIECC.dll (Internet Download Manager, Tonec Inc.)
    O2 – BHO: (ExplorerWnd Helper) – {10921475-03CE-4E04-90CE-E2E7EF20C814} – C:Program FilesIObitIObit UninstallerUninstallExplorer32.dll (IObit)
    O2 – BHO: (Spybot-S&D IE Protection) – {53707962-6F74-2D53-2644-206D7942484F} – C:Program FilesSpybot – Search & DestroySDHelper.dll (Safer Networking Limited)
    O2 – BHO: (no name) – {95B7759C-8C7F-4BF1-B163-73684A933233} – No CLSID value found.
    O2 – BHO: (Advanced SystemCare Browser Protection) – {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} – C:Program FilesIObitSurfing ProtectionBrowerProtectASCPlugin_Protection.dll (IObit)
    O2 – BHO: (SingleInstance Class) – {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} – C:Program FilesYahoo!CompanionInstallscpn0YTSingleInstance.dll (Yahoo! Inc)
    O3 – HKLM..Toolbar: (no name) – !{03EB0E9C-7A91-4381-A220-9B52B641CDB1} – No CLSID value found.
    O3 – HKLM..Toolbar: (no name) – {95B7759C-8C7F-4BF1-B163-73684A933233} – No CLSID value found.
    O3 – HKLM..Toolbar: (no name) – 10 – No CLSID value found.
    O4 – HKLM..Run: [Apoint] C:Program FilesDellTPadApoint.exe (Alps Electric Co., Ltd.)
    O4 – HKLM..Run: [AVG_UI] C:Program FilesAVGAVG2013avgui.exe (AVG Technologies CZ, s.r.o.)
    O4 – HKLM..Run: [IObit Malware Fighter] C:Program FilesIObitIObit Malware FighterIMF.exe (IObit)
    O4 – HKLM..Run: [KeyScrambler] C:Program FilesKeyScramblerkeyscrambler.exe (QFX Software Corporation)
    O4 – HKLM..Run: [MSC] c:Program FilesMicrosoft Security Clientmsseces.exe (Microsoft Corporation)
    O4 – HKLM..Run: [vProt] C:Program FilesAVG Secure Searchvprot.exe ()
    O4 – HKU.DEFAULT..Run: [Advanced SystemCare 7] C:Program FilesIObitAdvanced SystemCare 7ASCTray.exe (IObit)
    O4 – HKUS-1-5-18..Run: [Advanced SystemCare 7] C:Program FilesIObitAdvanced SystemCare 7ASCTray.exe (IObit)
    O4 – HKUS-1-5-21-4121471940-3825467980-2753460516-1001..Run: [F650957478D12BD831629AC6E9B60F9A2BAB7454._service_run] C:Program FilesGoogleChromeApplicationchrome.exe (Google Inc.)
    O4 – HKUS-1-5-21-4121471940-3825467980-2753460516-1001..Run: [IDMan] C:Program FilesInternet Download ManagerIDMan.exe (Tonec Inc.)
    O4 – HKUS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (Microsoft Corporation)
    O4 – HKUS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (Microsoft Corporation)
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 255
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 5
    O6 – HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3
    O7 – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 221
    O7 – HKUS-1-5-21-4121471940-3825467980-2753460516-1001SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoLowDiskSpaceChecks = 1
    O8 – Extra context menu item: &Download All using 4shared Desktop – res://C:UsersSaida4shared DesktopDesktop.32/D_ALL_LINK File not found
    O8 – Extra context menu item: &Download using 4shared Desktop – res://C:UsersSaida4shared DesktopDesktop.32/D_ONE_LINK File not found
    O8 – Extra context menu item: Télécharger avec IDM – C:Program FilesInternet Download ManagerIEExt.htm ()
    O8 – Extra context menu item: Télécharger tous les liens avec IDM – C:Program FilesInternet Download ManagerIEGetAll.htm ()
    O9 – Extra ‘Tools’ menuitem : Spybot – Search & Destroy Configuration – {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} – C:Program FilesSpybot – Search & DestroySDHelper.dll (Safer Networking Limited)
    O13 – gopher Prefix: missing
    O15 – HKU.DEFAULT..Trusted Domains: ma-config.com ([]http in Trusted sites)
    O15 – HKU.DEFAULT..Trusted Domains: touslesdrivers.com ([]http in Trusted sites)
    O15 – HKUS-1-5-18..Trusted Domains: ma-config.com ([]http in Trusted sites)
    O15 – HKUS-1-5-18..Trusted Domains: touslesdrivers.com ([]http in Trusted sites)
    O16 – DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Reg Error: Value error.)
    O16 – DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Reg Error: Value error.)
    O16 – DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Reg Error: Value error.)
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCCSServicesTcpipParametersInterfaces{06A55B50-31E1-48D5-B944-28BC4F85E63F}: DhcpNameServer = 192.168.42.129
    O17 – HKLMSystemCCSServicesTcpipParametersInterfaces{19344C00-6D8B-4FFB-AFCD-3D424A52766E}: DhcpNameServer = 192.168.0.254
    O17 – HKLMSystemCCSServicesTcpipParametersInterfaces{20F02C72-E83D-4311-A44D-1246E501389A}: DhcpNameServer = 192.168.42.129
    O18 – ProtocolHandlerlinkscanner – No CLSID value found
    O18 – ProtocolHandlerviprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} – C:Program FilesCommon FilesAVG Secure SearchViProtocolInstaller17.1.2ViProtocol.dll (AVG Secure Search)
    O20 – HKLM Winlogon: Shell – (explorer.exe) – C:Windowsexplorer.exe (Microsoft Corporation)
    O20 – HKLM Winlogon: UserInit – (C:Windowssystem32userinit.exe) – C:WindowsSystem32userinit.exe (Microsoft Corporation)
    O20 – HKLM Winlogon: VMApplet – (SystemPropertiesPerformance.exe) – C:WindowsSystem32SystemPropertiesPerformance.exe (Microsoft Corporation)
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – No CLSID value found.
    O32 – HKLM CDRom: AutoRun – 1
    O32 – AutoRun File – [2009/06/10 22:42:20 | 000,000,024 | —- | M] () – C:autoexec.bat — [ NTFS ]
    O32 – AutoRun File – [2012/02/03 12:35:01 | 000,000,000 | -H-D | M] – C:Autorun.inf — [ NTFS ]
    O34 – HKLM BootExecute: (autocheck autochk *)
    O35 – HKLM..comfile [open] — “%1” %*
    O35 – HKLM..exefile [open] — “%1” %*
    O37 – HKLM…com [@ = comfile] — “%1” %*
    O37 – HKLM…exe [@ = exefile] — “%1” %*
    O38 – SubSystems\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 – SubSystems\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 – SubSystems\Windows: (ServerDll=sxssrv,4)

    etoile127
    Participant
    Number of posts: 14

    Continued (again)
    NetSvcs: FastUserSwitchingCompatibility – File not found
    NetSvcs: Ias – C:WindowsSystem32ias.dll (Microsoft Corporation)
    NetSvcs: Nla – File not found
    NetSvcs: Ntmssvc – File not found
    NetSvcs: NWCWorkstation – File not found
    NetSvcs: Nwsapagent – File not found
    NetSvcs: SRService – File not found
    NetSvcs: WmdmPmSp – File not found
    NetSvcs: LogonHours – File not found
    NetSvcs: PCAudit – File not found
    NetSvcs: helpsvc – File not found
    NetSvcs: uploadmgr – File not found

    MsConfig – StartUpReg: SpybotSD TeaTimer – hkey= – key= – Reg Error: Value error. File not found
    MsConfig – StartUpReg: swg – hkey= – key= – c:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (Google Inc.)
    MsConfig – StartUpReg: vProt – hkey= – key= – Reg Error: Value error. File not found
    MsConfig – State: “startup” – 2

    SafeBootMin: 77267374.sys – File not found
    SafeBootMin: Base – Driver Group
    SafeBootMin: Boot Bus Extender – Driver Group
    SafeBootMin: Boot file system – Driver Group
    SafeBootMin: File system – Driver Group
    SafeBootMin: Filter – Driver Group
    SafeBootMin: HelpSvc – Service
    SafeBootMin: IMFservice – C:Program FilesIObitIObit Malware FighterIMFsrv.exe (IObit)
    SafeBootMin: MsMpSvc – c:Program FilesMicrosoft Security ClientMsMpEng.exe (Microsoft Corporation)
    SafeBootMin: NTDS – File not found
    SafeBootMin: PCI Configuration – Driver Group
    SafeBootMin: PNP Filter – Driver Group
    SafeBootMin: Primary disk – Driver Group
    SafeBootMin: sacsvr – Service
    SafeBootMin: SCSI Class – Driver Group
    SafeBootMin: System Bus Extender – Driver Group
    SafeBootMin: vmms – Service
    SafeBootMin: WinDefend – C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} – Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} – CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} – DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} – Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} – Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} – Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} – Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} – PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} – SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} – System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} – Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} – Volume shadow copy
    SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} – IEEE 1394 Bus host controllers
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} – Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} – Human Interface Devices
    SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} – SBP2 IEEE 1394 Devices
    SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} – SecurityDevices

    SafeBootNet: 77267374.sys – File not found
    SafeBootNet: Base – Driver Group
    SafeBootNet: Boot Bus Extender – Driver Group
    SafeBootNet: Boot file system – Driver Group
    SafeBootNet: File system – Driver Group
    SafeBootNet: Filter – Driver Group
    SafeBootNet: HelpSvc – Service
    SafeBootNet: Messenger – Service
    SafeBootNet: MsMpSvc – c:Program FilesMicrosoft Security ClientMsMpEng.exe (Microsoft Corporation)
    SafeBootNet: NDIS Wrapper – Driver Group
    SafeBootNet: NetBIOSGroup – Driver Group
    SafeBootNet: NetDDEGroup – Driver Group
    SafeBootNet: Network – Driver Group
    SafeBootNet: NetworkProvider – Driver Group
    SafeBootNet: NTDS – File not found
    SafeBootNet: PCI Configuration – Driver Group
    SafeBootNet: PNP Filter – Driver Group
    SafeBootNet: PNP_TDI – Driver Group
    SafeBootNet: Primary disk – Driver Group
    SafeBootNet: rdsessmgr – Service
    SafeBootNet: sacsvr – Service
    SafeBootNet: SCSI Class – Driver Group
    SafeBootNet: Streams Drivers – Driver Group
    SafeBootNet: System Bus Extender – Driver Group
    SafeBootNet: TDI – Driver Group
    SafeBootNet: vmms – Service
    SafeBootNet: WinDefend – C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)
    SafeBootNet: WudfUsbccidDriver – Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} – Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} – CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} – DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} – Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} – Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} – Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} – Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} – Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} – NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} – NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} – NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} – PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} – SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} – System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} – Floppy disk drive
    SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} – Smart card readers
    SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} – Volume shadow copy
    SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} – IEEE 1394 Bus host controllers
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} – Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} – Human Interface Devices
    SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} – SBP2 IEEE 1394 Devices
    SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} – SecurityDevices

    ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} – Reg Error: Value error.
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} – Microsoft Windows Media Player 12.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} – %SystemRoot%system32regsvr32.exe /s /n /i:/UserInstall %SystemRoot%system32themeui.dll
    ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} – Reg Error: Value error.
    ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} – Reg Error: Value error.
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} – Offline Browsing Pack
    ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} – .NET Framework
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} – “%ProgramFiles%Windows MailWinMail.exe” OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} – DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} – Internet Explorer Help
    ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} – .NET Framework
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} – Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} – Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} – Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} – Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} – MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} – Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} – .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} – regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} – C:WindowsSystem32ie4uinit.exe -UserConfig
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} – C:Windowssystem32Rundll32.exe C:Windowssystem32mscories.dll,Install
    ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} – “C:Program FilesGoogleChromeApplication31.0.1650.57Installerchrmstp.exe” –configure-user-settings –verbose-logging –system-level –multi-install –chrome
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} – Dynamic HTML Data Binding
    ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} – Reg Error: Value error.
    ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} – Reg Error: Value error.
    ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} – .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} – Internet Explorer Core Fonts
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} – HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} – Active Directory Service Interface
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} – %SystemRoot%system32unregmp2.exe /ShowWMP

    Drivers32: msacm.l3acm – C:WindowsSystem32l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: MSVideo8 – C:WindowsSystem32vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid – C:WindowsSystem32iccvid.dll (Radius Inc.)
    Drivers32: vidc.XVID – C:WindowsSystem32xvidvfw.dll ()

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point
    PhysicalDisk0 MBR saved to C:PhysicalMBR.bin

    ========== Files/Folders – Created Within 30 Days ==========

    [2013/12/02 20:02:42 | 000,000,000 | —D | C] — C:UsbFix
    [2013/12/01 18:20:17 | 000,000,000 | —D | C] — C:ProgramDataTEMP
    [2013/12/01 18:15:22 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingDealply
    [2013/12/01 18:09:57 | 000,000,000 | —D | C] — C:Program FilesIminentToolbar
    [2013/12/01 16:52:17 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingNosibay
    [2013/12/01 13:35:46 | 000,000,000 | —D | C] — C:UsersSaidaAppDataLocalAVG Secure Search
    [2013/11/30 20:12:01 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingTuneUp Software
    [2013/11/30 20:10:25 | 000,000,000 | —D | C] — C:ProgramDataAVG Secure Search
    [2013/11/30 20:09:56 | 000,000,000 | —D | C] — C:Program FilesCommon FilesAVG Secure Search
    [2013/11/30 20:09:32 | 000,000,000 | —D | C] — C:Program FilesAVG Secure Search
    [2013/11/28 20:56:13 | 000,000,000 | —D | C] — C:UsersSaidaAppDataLocalSoftware
    [2013/11/28 19:45:22 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsFreeMi UPnP Media Server
    [2013/11/27 17:03:08 | 000,000,000 | —D | C] — C:WindowsMigration
    [2013/11/27 16:46:40 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome
    [2013/11/26 17:25:08 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingIDM
    [2013/11/26 17:24:57 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Download Manager
    [2013/11/26 17:24:57 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsInternet Download Manager
    [2013/11/26 17:24:53 | 000,000,000 | —D | C] — C:Program FilesInternet Download Manager
    [2013/11/22 17:05:45 | 000,000,000 | —D | C] — C:ProgramData{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
    [2013/11/22 17:05:14 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsIObit Uninstaller
    [2013/11/22 17:05:05 | 000,000,000 | —D | C] — C:ProgramDataProductData
    [2013/11/22 17:04:33 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsAdvanced SystemCare 7
    [2013/11/18 20:55:55 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoaming4shared Desktop
    [2013/11/18 20:55:48 | 000,000,000 | —D | C] — C:ProgramData4shared Desktop
    [2013/11/18 20:55:34 | 000,000,000 | —D | C] — C:UsersSaida4shared Desktop
    [2013/11/18 17:09:07 | 000,000,000 | —D | C] — C:UsersSaidaAppDataRoamingQFX Software
    [2013/11/18 17:09:07 | 000,000,000 | —D | C] — C:ProgramDataQFX Software
    [2013/11/18 17:08:47 | 000,000,000 | —D | C] — C:ProgramDataMicrosoftWindowsStart MenuProgramsKeyScrambler
    [2013/11/18 17:08:19 | 000,209,016 | —- | C] (QFX Software Corporation) — C:WindowsSystem32driverskeyscrambler.sys
    [2013/11/18 17:07:32 | 000,000,000 | —D | C] — C:Program FilesKeyScrambler
    [2013/11/18 15:41:24 | 000,000,000 | —D | C] — C:Program FilesMicrosoft Security Client
    [2013/11/13 16:17:56 | 000,220,160 | —- | C] (Microsoft Corporation) — C:WindowsSystem32ncrypt.dll
    [2013/11/13 16:17:56 | 000,015,872 | —- | C] (Microsoft Corporation) — C:WindowsSystem32sspisrv.dll
    [2013/11/13 16:17:43 | 001,796,096 | —- | C] (Microsoft Corporation) — C:WindowsSystem32authui.dll
    [2013/11/13 16:17:43 | 000,152,576 | —- | C] (Microsoft Corporation) — C:WindowsSystem32SmartcardCredentialProvider.dll
    [2013/11/13 16:17:40 | 000,656,896 | —- | C] (Microsoft Corporation) — C:WindowsSystem32nshwfp.dll
    [2013/11/13 16:17:40 | 000,216,576 | —- | C] (Microsoft Corporation) — C:WindowsSystem32FWPUCLNT.DLL
    [2013/11/12 14:56:16 | 000,000,000 | —D | C] — C:IObit
    [2013/11/11 20:23:52 | 001,824,000 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32WavesGUILib.dll
    [2013/11/11 20:23:51 | 000,819,648 | —- | C] (TOSHIBA Corporation) — C:WindowsSystem32tadefxapo2.dll
    [2013/11/11 20:23:51 | 000,058,264 | —- | C] (TOSHIBA CORPORATION.) — C:WindowsSystem32TepeqAPO.dll
    [2013/11/11 20:23:50 | 000,604,928 | —- | C] (DTS, Inc.) — C:WindowsSystem32sltech32.dll
    [2013/11/11 20:23:49 | 000,218,368 | —- | C] (TODO: ) — C:WindowsSystem32slprp32.dll
    [2013/11/11 20:23:47 | 000,938,752 | —- | C] (SRS Labs, Inc.) — C:WindowsSystem32slcnt32.dll
    [2013/11/11 20:23:44 | 000,823,040 | —- | C] (DTS, Inc.) — C:WindowsSystem32sl3apo32.dll
    [2013/11/11 20:23:43 | 000,912,432 | —- | C] (Sony Corporation) — C:WindowsSystem32SFSS_APO.dll
    [2013/11/11 20:23:37 | 001,596,488 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RTSndMgr.cpl
    [2013/11/11 20:23:32 | 000,798,520 | —- | C] (ASUSTeKcomputer.Inc Inc) — C:WindowsSystem32RTKSMSettingsIPC.dll
    [2013/11/11 20:23:29 | 004,222,104 | —- | C] (ASUSTeKcomputer.Inc Inc) — C:WindowsSystem32RTKSMlfx.dll
    [2013/11/11 20:23:26 | 002,546,904 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkPgExt.dll
    [2013/11/11 20:23:22 | 000,122,072 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkCoInstII.dll
    [2013/11/11 20:23:20 | 000,769,752 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkApoApi.dll
    [2013/11/11 20:23:18 | 002,327,768 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkAPO.dll
    [2013/11/11 20:22:49 | 032,882,688 | —- | C] (Realtek Semiconductor Corp.) — C:WindowsSystem32RCoRes.dat
    [2013/11/11 20:22:46 | 007,162,128 | —- | C] (Dolby Laboratories) — C:WindowsSystem32R4EEP32A.dll
    [2013/11/11 20:22:46 | 000,106,768 | —- | C] (Dolby Laboratories) — C:WindowsSystem32R4EEL32A.dll
    [2013/11/11 20:22:45 | 000,352,016 | —- | C] (Dolby Laboratories) — C:WindowsSystem32R4EED32A.dll
    [2013/11/11 20:22:45 | 000,091,920 | —- | C] (Dolby Laboratories) — C:WindowsSystem32R4EEA32A.dll
    [2013/11/11 20:22:45 | 000,062,224 | —- | C] (Dolby Laboratories) — C:WindowsSystem32R4EEG32A.dll
    [2013/11/11 20:22:43 | 000,852,016 | —- | C] (Sony Corporation) — C:WindowsSystem32MISS_APO.dll
    [2013/11/11 20:22:36 | 000,509,184 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxVolumeSDAPO.dll
    [2013/11/11 20:22:35 | 000,761,088 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxVoiceAPO20.dll
    [2013/11/11 20:22:35 | 000,642,304 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxSpeechAPO.dll
    [2013/11/11 20:22:34 | 003,443,968 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioVnN.dll
    [2013/11/11 20:21:57 | 027,368,704 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioVnA.dll
    [2013/11/11 20:21:49 | 001,677,568 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioRealtek2.dll
    [2013/11/11 20:21:24 | 013,880,576 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioRealtek.dll
    [2013/11/11 20:21:20 | 001,935,104 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioEQ.dll
    [2013/11/11 20:21:17 | 000,859,392 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPOShell.dll
    [2013/11/11 20:21:16 | 001,097,984 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO50.dll
    [2013/11/11 20:21:15 | 000,873,728 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO40.dll
    [2013/11/11 20:21:14 | 000,509,184 | —- | C] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO30.dll
    [2013/11/11 20:20:36 | 002,395,680 | —- | C] (Fortemedia Corporation) — C:WindowsSystem32FMAPO.dll
    [2013/11/11 20:20:35 | 000,346,056 | —- | C] (DTS) — C:WindowsSystem32DTSU2PREC32.dll
    [2013/11/11 20:20:34 | 000,426,952 | —- | C] (DTS) — C:WindowsSystem32DTSU2PLFX32.dll
    [2013/11/11 20:20:33 | 000,402,888 | —- | C] (DTS) — C:WindowsSystem32DTSU2PGFX32.dll
    [2013/11/11 20:20:21 | 006,178,136 | —- | C] (Dolby Laboratories) — C:WindowsSystem32DDPP32A.dll
    [2013/11/11 20:20:20 | 000,269,144 | —- | C] (Dolby Laboratories) — C:WindowsSystem32DDPO32A.dll
    [2013/11/11 20:20:18 | 001,439,064 | —- | C] (Dolby Laboratories) — C:WindowsSystem32DDPD32A.dll
    [2013/11/11 20:20:18 | 000,220,504 | —- | C] (Dolby Laboratories) — C:WindowsSystem32DDPA32.dll
    [2013/11/11 20:20:03 | 000,092,584 | —- | C] (Real Sound Lab SIA) — C:WindowsSystem32CONEQMSAPOGUILibrary.dll
    [2013/11/11 20:19:35 | 000,181,960 | —- | C] (Andrea Electronics Corporation) — C:WindowsSystem32AERTACap.dll
    [2013/11/11 20:19:35 | 000,095,840 | —- | C] (Andrea Electronics Corporation) — C:WindowsSystem32AERTARen.dll
    [2013/11/09 06:08:40 | 000,108,000 | —- | C] (Tonec Inc.) — C:WindowsSystem32driversidmwfp.sys

    ========== Files – Modified Within 30 Days ==========

    [2013/12/03 16:15:05 | 000,001,002 | —- | M] () — C:WindowstasksAdobe Flash Player Updater.job
    [2013/12/03 16:10:59 | 000,000,512 | —- | M] () — C:PhysicalMBR.bin
    [2013/12/03 15:56:02 | 000,001,054 | —- | M] () — C:WindowstasksGoogleUpdateTaskMachineUA.job
    [2013/12/03 15:47:32 | 000,065,536 | —- | M] () — C:WindowsSystem32Ikeext.etl
    [2013/12/03 15:47:30 | 000,001,814 | —- | M] () — C:WindowstasksDeeal_fr 0.2-firefoxinstaller.job
    [2013/12/03 15:47:30 | 000,001,054 | —- | M] () — C:WindowstasksGoogleUpdateTaskMachineCore.job
    [2013/12/03 15:47:24 | 000,001,888 | —- | M] () — C:WindowstasksDeeal_fr 0.2-chromeinstaller.job
    [2013/12/03 15:47:24 | 000,001,192 | —- | M] () — C:WindowstasksDeeal_fr 0.2-codedownloader.job
    [2013/12/03 15:47:24 | 000,000,398 | —- | M] () — C:WindowstasksWise Care 365.job
    [2013/12/03 15:46:52 | 000,067,584 | –S- | M] () — C:Windowsbootstat.dat
    [2013/12/03 15:46:40 | 1610,260,480 | -HS- | M] () — C:hiberfil.sys
    [2013/12/03 15:38:19 | 000,001,607 | —- | M] () — C:UsersSaidaDesktopSFTGC.exe – Raccourci (2).lnk
    [2013/12/03 15:36:12 | 000,747,660 | —- | M] () — C:WindowsSystem32perfh00C.dat
    [2013/12/03 15:36:12 | 000,654,270 | —- | M] () — C:WindowsSystem32perfh009.dat
    [2013/12/03 15:36:12 | 000,150,184 | —- | M] () — C:WindowsSystem32perfc00C.dat
    [2013/12/03 15:36:12 | 000,122,142 | —- | M] () — C:WindowsSystem32perfc009.dat
    [2013/12/02 20:36:46 | 000,001,587 | —- | M] () — C:UsersSaidaDesktopOTL.exe – Raccourci.lnk
    [2013/12/02 20:16:02 | 000,001,607 | —- | M] () — C:UsersSaidaDesktopSFTGC.exe – Raccourci.lnk
    [2013/12/02 20:03:35 | 000,001,622 | —- | M] () — C:UsersSaidaDesktopUsbFix.exe – Raccourci.lnk
    [2013/12/02 20:00:12 | 000,001,660 | —- | M] () — C:UsersSaidaDesktopadwcleaner.exe – Raccourci.lnk
    [2013/12/02 00:14:25 | 000,010,110 | —- | M] () — C:Windowswininit.ini
    [2013/12/01 18:25:12 | 000,000,918 | —- | M] () — C:WindowsSystem32InstallUtil.InstallLog
    [2013/12/01 18:15:46 | 000,000,290 | —- | M] () — C:WindowstasksDealply.job
    [2013/11/30 20:08:55 | 000,037,664 | —- | M] (AVG Technologies) — C:WindowsSystem32driversavgtpx86.sys
    [2013/11/30 19:23:29 | 000,300,144 | —- | M] () — C:WindowsSystem32FNTCACHE.DAT
    [2013/11/30 18:19:02 | 000,043,920 | -H– | M] () — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/11/30 18:19:02 | 000,043,920 | -H– | M] () — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/11/29 15:01:00 | 000,000,262 | —- | M] () — C:WindowstasksWinThruster_DEFAULT.job
    [2013/11/28 19:45:21 | 000,001,121 | —- | M] () — C:UsersPublicDesktopFreeMi UPnP Media Server.lnk
    [2013/11/27 16:51:50 | 000,000,270 | —- | M] () — C:WindowstasksWinThruster_UPDATES.job
    [2013/11/27 16:46:40 | 000,002,163 | —- | M] () — C:UsersPublicDesktopGoogle Chrome.lnk
    [2013/11/26 19:03:25 | 000,002,039 | —- | M] () — C:UsersPublicDesktopAdvanced SystemCare 7.lnk
    [2013/11/26 17:04:54 | 000,000,117 | —- | M] () — C:UsersSaidaDesktop+ d’astuces sur majax31.ws (2).url
    [2013/11/22 17:05:16 | 000,001,059 | —- | M] () — C:UsersPublicDesktopIObit Uninstaller.lnk
    [2013/11/19 15:00:39 | 000,000,378 | —- | M] () — C:WindowstasksWise Turbo Checker.job
    [2013/11/19 11:21:30 | 000,230,048 | —- | M] (Microsoft Corporation) — C:WindowsSystem32MpSigStub.exe
    [2013/11/18 15:41:55 | 000,001,912 | —- | M] () — C:Windowsepplauncher.mif
    [2013/11/12 18:13:13 | 000,867,240 | —- | M] (Oracle Corporation) — C:WindowsSystem32npDeployJava1.dll
    [2013/11/12 18:13:13 | 000,789,416 | —- | M] (Oracle Corporation) — C:WindowsSystem32deployJava1.dll
    [2013/11/11 21:10:54 | 000,000,000 | -H– | M] () — C:ProgramDataDP45977C.lfl
    [2013/11/11 20:23:53 | 001,824,000 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32WavesGUILib.dll
    [2013/11/11 20:23:51 | 000,819,648 | —- | M] (TOSHIBA Corporation) — C:WindowsSystem32tadefxapo2.dll
    [2013/11/11 20:23:51 | 000,058,264 | —- | M] (TOSHIBA CORPORATION.) — C:WindowsSystem32TepeqAPO.dll
    [2013/11/11 20:23:50 | 000,604,928 | —- | M] (DTS, Inc.) — C:WindowsSystem32sltech32.dll
    [2013/11/11 20:23:49 | 000,218,368 | —- | M] (TODO: ) — C:WindowsSystem32slprp32.dll
    [2013/11/11 20:23:48 | 000,938,752 | —- | M] (SRS Labs, Inc.) — C:WindowsSystem32slcnt32.dll
    [2013/11/11 20:23:46 | 000,823,040 | —- | M] (DTS, Inc.) — C:WindowsSystem32sl3apo32.dll
    [2013/11/11 20:23:44 | 000,912,432 | —- | M] (Sony Corporation) — C:WindowsSystem32SFSS_APO.dll
    [2013/11/11 20:23:41 | 005,681,192 | —- | M] () — C:WindowsSystem32driversrtvienna.dat
    [2013/11/11 20:23:38 | 001,596,488 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RTSndMgr.cpl
    [2013/11/11 20:23:32 | 000,798,520 | —- | M] (ASUSTeKcomputer.Inc Inc) — C:WindowsSystem32RTKSMSettingsIPC.dll
    [2013/11/11 20:23:31 | 004,222,104 | —- | M] (ASUSTeKcomputer.Inc Inc) — C:WindowsSystem32RTKSMlfx.dll
    [2013/11/11 20:23:29 | 002,546,904 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkPgExt.dll
    [2013/11/11 20:23:22 | 000,122,072 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkCoInstII.dll
    [2013/11/11 20:23:20 | 002,327,768 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkAPO.dll
    [2013/11/11 20:23:20 | 000,769,752 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RtkApoApi.dll
    [2013/11/11 20:22:58 | 000,646,313 | —- | M] () — C:WindowsSystem32driversRTAIODAT.DAT
    [2013/11/11 20:22:56 | 032,882,688 | —- | M] (Realtek Semiconductor Corp.) — C:WindowsSystem32RCoRes.dat
    [2013/11/11 20:22:49 | 007,162,128 | —- | M] (Dolby Laboratories) — C:WindowsSystem32R4EEP32A.dll
    [2013/11/11 20:22:46 | 000,106,768 | —- | M] (Dolby Laboratories) — C:WindowsSystem32R4EEL32A.dll
    [2013/11/11 20:22:45 | 000,352,016 | —- | M] (Dolby Laboratories) — C:WindowsSystem32R4EED32A.dll
    [2013/11/11 20:22:45 | 000,091,920 | —- | M] (Dolby Laboratories) — C:WindowsSystem32R4EEA32A.dll
    [2013/11/11 20:22:45 | 000,062,224 | —- | M] (Dolby Laboratories) — C:WindowsSystem32R4EEG32A.dll
    [2013/11/11 20:22:44 | 000,852,016 | —- | M] (Sony Corporation) — C:WindowsSystem32MISS_APO.dll
    [2013/11/11 20:22:37 | 000,509,184 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxVolumeSDAPO.dll
    [2013/11/11 20:22:36 | 000,761,088 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxVoiceAPO20.dll
    [2013/11/11 20:22:35 | 003,443,968 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioVnN.dll
    [2013/11/11 20:22:35 | 000,642,304 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxSpeechAPO.dll
    [2013/11/11 20:22:34 | 027,368,704 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioVnA.dll
    [2013/11/11 20:21:52 | 001,677,568 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioRealtek2.dll
    [2013/11/11 20:21:48 | 013,880,576 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioRealtek.dll
    [2013/11/11 20:21:22 | 001,935,104 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioEQ.dll
    [2013/11/11 20:21:17 | 001,097,984 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO50.dll
    [2013/11/11 20:21:17 | 000,859,392 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPOShell.dll
    [2013/11/11 20:21:16 | 000,873,728 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO40.dll
    [2013/11/11 20:21:15 | 000,509,184 | —- | M] (Waves Audio Ltd.) — C:WindowsSystem32MaxxAudioAPO30.dll
    [2013/11/11 20:20:38 | 002,395,680 | —- | M] (Fortemedia Corporation) — C:WindowsSystem32FMAPO.dll
    [2013/11/11 20:20:36 | 000,346,056 | —- | M] (DTS) — C:WindowsSystem32DTSU2PREC32.dll
    [2013/11/11 20:20:35 | 000,426,952 | —- | M] (DTS) — C:WindowsSystem32DTSU2PLFX32.dll
    [2013/11/11 20:20:34 | 000,402,888 | —- | M] (DTS) — C:WindowsSystem32DTSU2PGFX32.dll
    [2013/11/11 20:20:22 | 006,178,136 | —- | M] (Dolby Laboratories) — C:WindowsSystem32DDPP32A.dll
    [2013/11/11 20:20:21 | 000,269,144 | —- | M] (Dolby Laboratories) — C:WindowsSystem32DDPO32A.dll
    [2013/11/11 20:20:20 | 001,439,064 | —- | M] (Dolby Laboratories) — C:WindowsSystem32DDPD32A.dll
    [2013/11/11 20:20:18 | 000,220,504 | —- | M] (Dolby Laboratories) — C:WindowsSystem32DDPA32.dll
    [2013/11/11 20:20:03 | 000,092,584 | —- | M] (Real Sound Lab SIA) — C:WindowsSystem32CONEQMSAPOGUILibrary.dll
    [2013/11/11 20:19:37 | 000,502,584 | —- | M] () — C:WindowsSystem32audioLibVc.dll
    [2013/11/11 20:19:35 | 000,188,696 | —- | M] () — C:WindowsSystem32AcpiServiceVnA.dll
    [2013/11/11 20:19:35 | 000,181,960 | —- | M] (Andrea Electronics Corporation) — C:WindowsSystem32AERTACap.dll
    [2013/11/11 20:19:35 | 000,095,840 | —- | M] (Andrea Electronics Corporation) — C:WindowsSystem32AERTARen.dll
    [2013/11/09 20:43:26 | 772,743,745 | —- | M] () — C:UsersSaidaDocumentsTrap.For.Cinderella.2013.VOSTFR.FANSUB.BRRiP.XViD-LOLOTE_2hWxRk9V5r.AVI
    [2013/11/08 00:41:38 | 000,108,000 | —- | M] (Tonec Inc.) — C:WindowsSystem32driversidmwfp.sys
    [2013/11/06 15:52:10 | 000,450,681 | R— | M] () — C:WindowsSystem32driversetchosts
    [2013/11/04 19:22:00 | 000,001,078 | —- | M] () — C:WindowstasksGoogleUpdateTaskUserS-1-5-21-4121471940-3825467980-2753460516-1001UA.job

    ========== Files Created – No Company Name ==========

    [2013/12/03 15:37:18 | 000,001,607 | —- | C] () — C:UsersSaidaDesktopSFTGC.exe – Raccourci (2).lnk
    [2013/12/02 20:48:07 | 000,000,512 | —- | C] () — C:PhysicalMBR.bin
    [2013/12/02 20:35:52 | 000,001,587 | —- | C] () — C:UsersSaidaDesktopOTL.exe – Raccourci.lnk
    [2013/12/02 20:15:56 | 000,001,607 | —- | C] () — C:UsersSaidaDesktopSFTGC.exe – Raccourci.lnk
    [2013/12/02 20:03:07 | 000,001,622 | —- | C] () — C:UsersSaidaDesktopUsbFix.exe – Raccourci.lnk
    [2013/12/02 20:00:12 | 000,001,660 | —- | C] () — C:UsersSaidaDesktopadwcleaner.exe – Raccourci.lnk
    [2013/12/01 18:15:46 | 000,000,290 | —- | C] () — C:WindowstasksDealply.job
    [2013/12/01 18:13:05 | 000,001,192 | —- | C] () — C:WindowstasksDeeal_fr 0.2-codedownloader.job
    [2013/12/01 18:13:00 | 000,001,814 | —- | C] () — C:WindowstasksDeeal_fr 0.2-firefoxinstaller.job
    [2013/12/01 18:12:56 | 000,001,888 | —- | C] () — C:WindowstasksDeeal_fr 0.2-chromeinstaller.job
    [2013/12/01 18:06:57 | 000,000,918 | —- | C] () — C:WindowsSystem32InstallUtil.InstallLog
    [2013/11/30 19:23:05 | 000,300,144 | —- | C] () — C:WindowsSystem32FNTCACHE.DAT
    [2013/11/28 19:34:28 | 772,743,745 | —- | C] () — C:UsersSaidaDocumentsTrap.For.Cinderella.2013.VOSTFR.FANSUB.BRRiP.XViD-LOLOTE_2hWxRk9V5r.AVI
    [2013/11/27 16:46:40 | 000,002,163 | —- | C] () — C:UsersPublicDesktopGoogle Chrome.lnk
    [2013/11/26 17:05:21 | 000,000,117 | —- | C] () — C:UsersSaidaDesktop+ d’astuces sur majax31.ws (2).url
    [2013/11/22 17:05:16 | 000,001,059 | —- | C] () — C:UsersPublicDesktopIObit Uninstaller.lnk
    [2013/11/22 17:04:35 | 000,002,039 | —- | C] () — C:UsersPublicDesktopAdvanced SystemCare 7.lnk
    [2013/11/18 15:41:55 | 000,001,912 | —- | C] () — C:Windowsepplauncher.mif
    [2013/11/18 15:41:49 | 000,002,077 | —- | C] () — C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Security Essentials.lnk
    [2013/11/11 21:10:54 | 000,000,000 | -H– | C] () — C:ProgramDataDP45977C.lfl
    [2013/11/11 20:23:38 | 005,681,192 | —- | C] () — C:WindowsSystem32driversrtvienna.dat
    [2013/11/11 20:22:57 | 000,646,313 | —- | C] () — C:WindowsSystem32driversRTAIODAT.DAT
    [2013/11/11 20:19:36 | 000,502,584 | —- | C] () — C:WindowsSystem32audioLibVc.dll
    [2013/11/11 20:19:34 | 000,188,696 | —- | C] () — C:WindowsSystem32AcpiServiceVnA.dll
    [2013/08/24 19:10:02 | 000,000,149 | —- | C] () — C:WindowsAZPR3.INI
    [2012/07/22 12:06:40 | 000,000,438 | RHS- | C] () — C:ProgramDatantuser.pol
    [2012/05/03 16:12:59 | 000,267,476 | —- | C] () — C:UsersSaidaAppDataLocalcensus.cache
    [2012/05/03 16:12:26 | 000,141,606 | —- | C] () — C:UsersSaidaAppDataLocalars.cache
    [2012/04/10 12:19:51 | 000,000,097 | —- | C] () — C:ProgramDataMicrosoft.SqlServer.Compact.351.32.bc
    [2012/03/05 16:53:10 | 000,163,968 | —- | C] () — C:WindowsSystem32driversTrueSight.sys
    [2012/01/19 14:03:39 | 000,010,110 | —- | C] () — C:Windowswininit.ini
    [2012/01/10 20:30:05 | 000,383,238 | —- | C] () — C:WindowsSystem32libmp3lame-0.dll
    [2011/12/31 16:52:46 | 000,765,952 | —- | C] () — C:WindowsSystem32xvidcore.dll
    [2011/12/31 16:52:46 | 000,180,224 | —- | C] () — C:WindowsSystem32xvidvfw.dll
    [2011/12/18 18:32:35 | 000,073,728 | —- | C] () — C:WindowsSystem32RtNicProp32.dll
    [2011/11/06 12:51:57 | 000,013,824 | —- | C] () — C:UsersSaidaAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== ZeroAccess Check ==========

    [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () — C:WindowsassemblyDesktop.ini

    [HKEY_CURRENT_USERSoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]

    [HKEY_CURRENT_USERSoftwareClassesclsid{fbeb8a05-beee-4442-804e-409d6c4515e9}InProcServer32]

    [HKEY_LOCAL_MACHINESoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]
    “” = %SystemRoot%system32shell32.dll — [2013/07/26 02:55:59 | 012,872,704 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Apartment

    [HKEY_LOCAL_MACHINESoftwareClassesclsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}InProcServer32]
    “” = %systemroot%system32wbemfastprox.dll — [2010/11/20 13:19:02 | 000,606,208 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Free

    [HKEY_LOCAL_MACHINESoftwareClassesclsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InProcServer32]
    “” = %systemroot%system32wbemwbemess.dll — [2009/07/14 02:16:17 | 000,342,528 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Both

    ========== LOP Check ==========

    [2013/11/19 14:41:06 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoaming4shared Desktop
    [2013/09/10 19:29:37 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAbsolute Uninstaller
    [2011/11/07 13:25:23 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingApowersoft
    [2012/11/29 17:58:45 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAVG
    [2012/11/08 18:39:52 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAVG2013
    [2011/12/02 20:24:35 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingCanneverbe Limited
    [2013/12/01 18:15:22 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDealply
    [2013/09/16 09:56:03 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDiskDefrag
    [2013/12/03 15:45:09 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDMCache
    [2012/01/01 12:34:39 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDownloaded Installations
    [2013/10/01 14:46:31 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingGlarySoft
    [2013/12/03 15:42:32 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingIDM
    [2013/11/22 17:04:36 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingIObit
    [2012/11/12 13:20:06 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingLeadertech
    [2013/12/03 15:49:32 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingNitro PDF
    [2012/01/14 00:48:45 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingNotepad++
    [2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingOrbit
    [2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingPDF Software
    [2012/01/12 20:37:22 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingProgSense
    [2013/11/25 22:37:18 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingQFX Software
    [2013/06/26 16:07:02 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingSkyMonk
    [2011/12/25 11:58:29 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingSoftware Informer
    [2011/12/27 16:42:54 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingthecleaner
    [2013/11/30 20:12:01 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingTuneUp Software
    [2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingUniblue
    [2013/06/26 16:07:02 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingURSoft
    [2011/12/07 14:01:43 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingVitySoft
    [2012/01/01 17:29:55 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingVS Revo Group
    [2012/01/17 21:09:37 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingW3i, LLC
    [2012/07/13 16:27:20 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingWindows Live Writer
    [2013/12/03 15:48:43 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingWise Care 365
    [2012/01/12 22:04:15 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingXi

    ========== Purity Check ==========

    ========== Custom Scans ==========


    [2013/11/19 14:41:06 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoaming4shared Desktop
    [2013/09/10 19:29:37 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAbsolute Uninstaller
    [2013/09/07 17:29:28 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAdobe
    [2011/11/07 13:25:23 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingApowersoft
    [2013/11/11 20:07:24 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingApple Computer
    [2012/11/29 17:58:45 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAVG
    [2012/11/08 18:39:52 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAVG2013
    [2013/09/07 17:29:27 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingAVS4YOU
    [2011/12/02 20:24:35 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingCanneverbe Limited
    [2013/12/01 18:15:22 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDealply
    [2013/09/16 09:56:03 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDiskDefrag
    [2013/12/03 15:45:09 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDMCache
    [2012/01/01 12:34:39 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingDownloaded Installations
    [2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingdvdcss
    [2013/10/01 14:46:31 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingGlarySoft
    [2013/09/25 16:05:33 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingGoogle
    [2013/12/03 15:42:32 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingIDM
    [2013/11/22 17:04:36 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingIObit
    [2012/11/12 13:20:06 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingLeadertech
    [2013/09/07 19:30:36 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingMacromedia
    [2013/10/13 19:16:01 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingMalwarebytes
    [2013/11/16 16:30:28 | 000,000,000 | –SD | M] — C:UsersSaidaAppDataRoamingMicrosoft
    [2013/09/09 19:45:11 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingMozilla
    [2013/12/03 15:49:32 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingNitro PDF
    [2013/12/01 18:12:26 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingNosibay
    [2012/01/14 00:48:45 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingNotepad++
    [2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingOrbit
    [2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingPDF Software
    [2012/01/12 20:37:22 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingProgSense
    [2013/11/25 22:37:18 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingQFX Software
    [2013/06/18 19:52:06 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingReal
    [2013/06/26 16:07:02 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingSkyMonk
    [2011/12/25 11:58:29 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingSoftware Informer
    [2011/12/27 16:42:54 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingthecleaner
    [2013/11/30 20:12:01 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingTuneUp Software
    [2013/09/07 17:29:47 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingUniblue
    [2013/06/26 16:07:02 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingURSoft
    [2011/12/07 14:01:43 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingVitySoft
    [2013/11/29 19:46:56 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingvlc
    [2012/01/01 17:29:55 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingVS Revo Group
    [2012/01/17 21:09:37 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingW3i, LLC
    [2012/07/13 16:27:20 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingWindows Live Writer
    [2011/11/05 16:55:11 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingWinRAR
    [2013/12/03 15:48:43 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingWise Care 365
    [2012/01/12 22:04:15 | 000,000,000 | —D | M] — C:UsersSaidaAppDataRoamingXi


    [2013/10/02 17:04:20 | 000,119,808 | R— | M] () — C:UsersSaidaAppDataRoamingMicrosoftInstaller{5F8683B5-5056-411C-B808-B289E29E9BBB}icons.exe
    [2012/01/14 13:26:39 | 000,183,096 | —- | M] (Microsoft Corporation) — C:UsersSaidaAppDataRoamingMicrosoftOutil de notification de cadeaux MSNmsnotif.exe
    [2012/01/31 17:05:30 | 000,315,512 | —- | M] (RealNetworks, Inc.) — C:UsersSaidaAppDataRoamingRealUpdateUpgradeHelperRealPlayer9.01rnupgagent.exe
    [2012/06/09 11:04:18 | 006,985,920 | —- | M] (Uniblue Systems Ltd ) — C:UsersSaidaAppDataRoamingUniblueRegistryBooster_tempub.exe


    [2011/02/26 06:19:21 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fcexplorer.exe
    [2009/07/14 02:14:20 | 002,613,248 | —- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430explorer.exe
    [2011/02/26 06:51:13 | 002,614,784 | —- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373explorer.exe
    [2009/10/31 06:45:39 | 002,614,272 | —- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1explorer.exe
    [2011/02/26 06:33:07 | 002,614,784 | —- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cefexplorer.exe
    [2010/11/20 13:17:09 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87caexplorer.exe
    [2011/02/25 06:30:54 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E — C:Windowsexplorer.exe
    [2011/02/25 06:30:54 | 002,616,320 | —- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84explorer.exe
    [2009/08/03 06:49:47 | 002,613,248 | —- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6explorer.exe
    [2009/08/03 06:35:50 | 002,613,248 | —- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878explorer.exe
    [2009/10/31 07:00:51 | 002,614,272 | —- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 — C:Windowswinsxsx86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691explorer.exe


    [2009/07/14 02:14:36 | 000,259,072 | —- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 — C:WindowsSystem32services.exe
    [2009/07/14 02:14:36 | 000,259,072 | —- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 — C:Windowswinsxsx86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967bservices.exe


    [2009/07/14 02:14:45 | 000,096,256 | —- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 — C:WindowsSystem32wininit.exe
    [2009/07/14 02:14:45 | 000,096,256 | —- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 — C:Windowswinsxsx86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13wininit.exe


    [2009/10/28 07:17:59 | 000,285,696 | —- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD — C:Windowswinsxsx86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177winlogon.exe
    [2009/10/28 06:52:08 | 000,285,696 | —- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 — C:Windowswinsxsx86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2winlogon.exe
    [2010/11/20 13:17:54 | 000,286,720 | —- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 — C:WindowsSystem32winlogon.exe
    [2010/11/20 13:17:54 | 000,286,720 | —- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 — C:Windowswinsxsx86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500winlogon.exe
    [2009/07/14 02:14:45 | 000,285,696 | —- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF — C:Windowswinsxsx86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166winlogon.exe
    [2013/04/04 13:50:32 | 000,218,184 | —- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC — C:Program FilesMalwarebytes’ Anti-MalwareChameleonwinlogon.exe


    “” = %systemroot%system32wbemwbemess.dll — [2009/07/14 02:16:17 | 000,342,528 | —- | M] (Microsoft Corporation)
    “ThreadingModel” = Both


    “Debug” =
    “” = mnmsrvc
    “Kmode” = SystemRootSystem32win32k.sys
    “Optional” = [binary data]
    “Required” = DebugWindows [binary data]
    “Windows” = %SystemRoot%system32csrss.exe ObjectDirectory=Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
    [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerSubSystemsCSRSS]
    “CsrSrvSharedSectionBase” = 2137980928


    “ProfilesDirectory” = %SystemDrive%Users — [2013/09/07 17:28:07 | 000,000,000 | R–D | M]
    “Default” = %SystemDrive%UsersDefault — [2013/09/29 19:32:34 | 000,000,000 | RH-D | M]
    “Public” = %SystemDrive%UsersPublic — [2013/10/12 17:12:43 | 000,000,000 | R–D | M]
    “ProgramData” = %SystemDrive%ProgramData — [2013/12/02 00:14:25 | 000,000,000 | -H-D | M]
    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-18]
    “Flags” = 12
    “State” = 0
    “RefCount” = 1
    “Sid” = 01 01 00 00 00 00 00 05 12 00 00 00 [binary data]
    “ProfileImagePath” = %systemroot%system32configsystemprofile — [2013/11/25 22:37:22 | 000,000,000 | —D | M]
    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-19]
    “ProfileImagePath” = C:WindowsServiceProfilesLocalService — [2013/12/03 15:47:04 | 000,000,000 | —D | M]
    “Flags” = 0
    “State” = 0
    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-20]
    “ProfileImagePath” = C:WindowsServiceProfilesNetworkService — [2013/12/03 15:46:57 | 000,000,000 | —D | M]
    “Flags” = 0
    “State” = 0
    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-21-4121471940-3825467980-2753460516-1001]
    “ProfileImagePath” = C:UsersSaida — [2013/12/01 17:53:44 | 000,000,000 | —D | M]
    “Flags” = 0
    “State” = 0
    “Sid” = 01 05 00 00 00 00 00 05 15 00 00 00 C4 AB A8 F5 4C 02 04 E4 24 79 1E A4 E9 03 00 00 [binary data]
    “ProfileLoadTimeLow” = 0
    “ProfileLoadTimeHigh” = 0
    “RefCount” = 3
    “RunLogonScriptSync” = 0
    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-21-4121471940-3825467980-2753460516-1003]
    “ProfileImagePath” = C:UsersUpdatusUser — [2013/12/03 15:53:03 | 000,000,000 | —D | M]
    “Flags” = 0
    “State” = 0
    “Sid” = 01 05 00 00 00 00 00 05 15 00 00 00 C4 AB A8 F5 4C 02 04 E4 24 79 1E A4 EB 03 00 00 [binary data]
    “ProfileLoadTimeLow” = 0
    “ProfileLoadTimeHigh” = 0
    “RefCount” = 0
    [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileListS-1-5-21-4121471940-3825467980-2753460516-1004]
    “ProfileImagePath” = C:UsersUpdatusUser — [2013/12/03 15:53:03 | 000,000,000 | —D | M]
    “Flags” = 0
    “State” = 0
    “Sid” = 01 05 00 00 00 00 00 05 15 00 00 00 C4 AB A8 F5 4C 02 04 E4 24 79 1E A4 EC 03 00 00 [binary data]
    “ProfileLoadTimeLow” = 0
    “ProfileLoadTimeHigh” = 0
    “RefCount” = 1


    “CompletionChar” = 64
    “DefaultColor” = 0
    “EnableExtensions” = 1
    “PathCompletionChar” = 64


    “CompletionChar” = 9
    “DefaultColor” = 0
    “EnableExtensions” = 1
    “PathCompletionChar” = 9


    Serveur : UnKnown
    Address: 192.168.0.254


    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle ChromeInstallInfo\ReinstallCommand: “C:Program FilesGoogleChromeApplicationchrome.exe” –make-default-browser [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle ChromeInstallInfo\HideIconsCommand: “C:Program FilesGoogleChromeApplicationchrome.exe” –hide-icons [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle ChromeInstallInfo\ShowIconsCommand: “C:Program FilesGoogleChromeApplicationchrome.exe” –show-icons [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle Chromeshellopencommand\: “C:Program FilesGoogleChromeApplicationchrome.exe” [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEInstallInfo\ShowIconsCommand: “C:WindowsSystem32ie4uinit.exe” -show [2013/09/24 19:01:44 | 000,208,896 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEInstallInfo\ReinstallCommand: “C:WindowsSystem32ie4uinit.exe” -reinstall [2013/09/24 19:01:44 | 000,208,896 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEInstallInfo\HideIconsCommand: “C:WindowsSystem32ie4uinit.exe” -hide [2013/09/24 19:01:44 | 000,208,896 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEshellnaomcommand\: “C:Program FilesInternet Exploreriexplore.exe” -extoff [2013/09/24 19:01:56 | 000,806,080 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEshellopencommand\: C:Program FilesInternet Exploreriexplore.exe [2013/09/24 19:01:56 | 000,806,080 | —- | M] (Microsoft Corporation)


    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle ChromeInstallInfo\ReinstallCommand: “C:Program FilesGoogleChromeApplicationchrome.exe” –make-default-browser [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle ChromeInstallInfo\HideIconsCommand: “C:Program FilesGoogleChromeApplicationchrome.exe” –hide-icons [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle ChromeInstallInfo\ShowIconsCommand: “C:Program FilesGoogleChromeApplicationchrome.exe” –show-icons [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetGoogle Chromeshellopencommand\: “C:Program FilesGoogleChromeApplicationchrome.exe” [2013/11/14 12:29:33 | 000,863,184 | —- | M] (Google Inc.)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEInstallInfo\ShowIconsCommand: “C:WindowsSystem32ie4uinit.exe” -show [2013/09/24 19:01:44 | 000,208,896 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEInstallInfo\ReinstallCommand: “C:WindowsSystem32ie4uinit.exe” -reinstall [2013/09/24 19:01:44 | 000,208,896 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEInstallInfo\HideIconsCommand: “C:WindowsSystem32ie4uinit.exe” -hide [2013/09/24 19:01:44 | 000,208,896 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEshellnaomcommand\: “C:Program FilesInternet Exploreriexplore.exe” -extoff [2013/09/24 19:01:56 | 000,806,080 | —- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINEsoftwareclientsstartmenuinternetIEXPLORE.EXEshellopencommand\: C:Program FilesInternet Exploreriexplore.exe [2013/09/24 19:01:56 | 000,806,080 | —- | M] (Microsoft Corporation)

    ========== Alternate Data Streams ==========

    @Alternate Data Stream – 14 bytes -> C:Windowssystem.ini:c1_encryption_d
    @Alternate Data Stream – 126 bytes -> C:ProgramDataTEMP:373E1720

    etoile127
    Participant
    Number of posts: 14

    If I posted copy-pastes, it is because I did not manage to host the reports on this site
    http://www.cjoint.com/
    I am not good with computers. :merci2: :merci2:

    etoile127
    Participant
    Number of posts: 14

    Me again, I clicked on Correction and here is the report
    Error: Unable to interpret in the current context!

    OTL by OldTimer – Version 3.2.69.0 log created on 12032013_173650
    I apologize for bothering you with all this. By the way, why is it that when I launch the scan with SFTGC, I no longer have internet access and there are no more icons on the desktop? So I am forced to restart the PC. :merci2:
