Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  LOGICIELS

||-  Vista

|||-  

Quizz inopportuns RESOLU

 

michel69
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1
Auteur
 Sujet :

Quizz inopportuns RESOLU

Prévenir les modérateurs en cas d'abus 
wallou83
wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 24/08/2011 à 10:47:45  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour , depuis qque temps , des annonces publicitaires inopportunes s'affichent : pratiquement toutes des jeux , voire des sites de rencontre .
 Que faire pour empêcher cela ?
 Merci d'avance

La Mayenne-son calme -sa verdu
Profil : Equipe sécurité
  1. homepage
bernard53
Membre impliqué (de 20 000 à 29 999 messages postés) Helpeur confirmé Fan Club de Clic-Clic
  1. Posté le 24/08/2011 à 12:14:33  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 déjà quel est ton navigateur?

 Fait ceci pour voir un peu plus s.t.p


 * Télécharge >> OTL <<sur ton bureau.

 * Fait un double-clic sur l'icône d'OTL pour le lancer
 /!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 * Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

 * Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal " soit cochée.

 * Copies et colles le contenue de cette citation dans la partie inférieure d'OTL " Personnalisation"
 



 
 NetSvcs
 %systemroot%\system32\drivers\​*.sys /lockedfiles
 msconfig
 safebootminimal
 safebootnetwork
 activex
 drivers32
 %ALLUSERSPROFILE%\Application Data\*.
 %ALLUSERSPROFILE%\Application Data\*.exe /s
 %APPDATA%\*.
 %APPDATA%\*.exe /s
 %SYSTEMDRIVE%\*.exe
 netsvcs
 /md5start
 dwm.exe
 taskhost.exe
 taskeng.exe
 wscntfy.exe
 ctfmon.exe
 rdpclip.exe
 volsnap.sys
 sptd.sys
 explorer.exe
 userinit.exe
 winlogon.exe
 wininit.exe
 tcpip.sys
 Sfloppy.sys
 Changer.sys
 cdrom.sys
 disk.sys
 ndis.sys
 usbscan.sys
 usbprint.sys
 tdtcp.sys
 tdpipe.sys
 swmidi.sys
 splitter.sys
 rdpwd.sys
 eventlog.dll
 scecli.dll
 netlogon.dll
 cngaudit.dll
 sceclt.dll
 ntelogon.dll
 logevent.dll
 RASACD.SYS
 iaStor.sys
 nvstor.sys
 atapi.sys
 IdeChnDr.sys
 viasraid.sys
 AGP440.sys
 vaxscsi.sys
 nvatabus.sys
 viamraid.sys
 nvata.sys
 nvgts.sys
 iastorv.sys
 ViPrt.sys
 eNetHook.dll
 ahcix86.sys
 KR10N.sys
 nvstor32.sys
 ahcix86s.sys
 nvrd32.sys
 /md5stop
 %systemroot%\*. /mp /s
 %systemroot%\system32\*.dll /lockedfiles
 %systemroot%\Tasks\*.job /lockedfiles
 



 * Cliques sur l'icône "Analyse" (en haut à gauche) .
 * Laisse le scan aller à son terme sans te servir du PC
 * A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
 * Copie et colle le ou les rapports dans ta réponse stp...
 * Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
 Mets le rapport ici car il prend bien de la place.
 http://mydoc.tk
 ou la
 http://www.cijoint.fr/index.php

 :salut:

(Publicité)
wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 24/08/2011 à 15:29:44  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 


 Bernard 53 merci de cette réponse rapide .
 Je vais essayer de faire ce que tu m'as dit .
 Encore que je ne sois pas à l'aise avec ces rapports qu'il faut coller copier .

wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 24/08/2011 à 15:42:45  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
J'ai oublié : Google chrome .
 J'ai eu Firefox à une époque .

La Mayenne-son calme -sa verdu
Profil : Equipe sécurité
  1. homepage
bernard53
Membre impliqué (de 20 000 à 29 999 messages postés) Helpeur confirmé Fan Club de Clic-Clic
  1. Posté le 24/08/2011 à 16:57:05  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 

wallou83 a écrit :

 

 Bernard 53 merci de cette réponse rapide .
 Je vais essayer de faire ce que tu m'as dit .
 Encore que je ne sois pas à l'aise avec ces rapports qu'il faut coller copier .
 




 Tu vas voir se n'est pas compliqué   ;)

(Publicité)
wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 24/08/2011 à 18:47:05  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 j'ai essayé sans réussir : le rapport n'a pas été copiécollé.Je réessaterai demain si le temps me le permet
 Merci et à +



La Mayenne-son calme -sa verdu
Profil : Equipe sécurité
  1. homepage
bernard53
Membre impliqué (de 20 000 à 29 999 messages postés) Helpeur confirmé Fan Club de Clic-Clic
  1. Posté le 24/08/2011 à 19:08:41  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 avec ses liens.

 Mets le rapport ici car il prend bien de la place.
 http://mydoc.tk
 ou la
 http://www.cijoint.fr/index.php

 Tu n'as pas besoin de faire un copier coller, il faut juste choisir ton rapport puis valider et récupérer le lien à mettre ici.

wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 25/08/2011 à 16:47:47  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 



 TL logfile created on: 25/08/2011 17:21:34 - Run 1
 OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Michel\Downloads
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3.00 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 57.54% Memory free
 6.21 Gb Paging File | 4.76 Gb Available in Paging File | 76.75% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 293.34 Gb Total Space | 188.87 Gb Free Space | 64.39% Space Free | Partition Type: NTFS
 Drive D: | 162.66 Gb Total Space | 153.07 Gb Free Space | 94.11% Space Free | Partition Type: NTFS
 
 Computer Name: PC-DE-MICHEL | User Name: Michel | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: Current user
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - [2011/08/25 17:19:36 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Michel\Downloads\OTL.​exe
 PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 PRC - [2011/04/21 15:31:04 | 000,982,656 | ---- | M] (PCTUTO) -- C:\Program Files\pctuto\pctuto.exe
 PRC - [2011/03/02 18:43:58 | 000,663,168 | ---- | M] (PCTuto) -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\autoupdater.ex​e
 PRC - [2011/02/23 01:39:24 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.e​xe
 PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 PRC - [2008/05/06 15:53:34 | 000,196,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidserv​ice.exe
 PRC - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\e​DSService.exe
 PRC - [2008/01/25 19:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.​exe
 PRC - [2008/01/21 04:24:22 | 000,520,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
 PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
 PRC - [2008/01/09 19:43:28 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.Supervisor.exe
 PRC - [2007/12/19 19:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe
 PRC - [2007/10/17 11:38:20 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe
 PRC - [2007/09/10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 PRC - [2007/09/06 12:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.e​xe
 PRC - [2004/11/26 11:43:34 | 000,090,112 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.e​xe
 PRC - [1997/10/14 16:38:52 | 000,040,960 | ---- | M] (Caere Corporation) -- C:\Program Files\Caere\OmniPagePro80\OPwa​re32.exe
 
 
 ========== Modules (No Company Name) ==========
 
 MOD - [2011/08/13 10:45:25 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Manage​ment\4117485024b0f652b9fbb66ff​5025896\System.Management.ni.d​ll
 MOD - [2011/08/12 15:54:32 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Servic​eProce#\1cc11918d8dd561391bba0​5c61de7573\System.ServiceProce​ss.ni.dll
 MOD - [2011/08/12 15:54:29 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Runtim​e.Remo#\a6d889aa69fd51c100352f​23c7cebd22\System.Runtime.Remo​ting.ni.dll
 MOD - [2011/08/12 15:53:44 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Config​uration\29c6ef7f07d89496c72a1b​bf718aed5d\System.Configuratio​n.ni.dll
 MOD - [2011/08/12 15:49:21 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Xml\4c​3cda96b8f12220da20f2f8d1b9439c​\System.Xml.ni.dll
 MOD - [2011/08/12 15:49:08 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Window​s.Forms\c50d9d540acecdef29c312​01e203a331\System.Windows.Form​s.ni.dll
 MOD - [2011/08/12 15:49:00 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Drawin​g\d8d83838f9840bde901df516ba3d​e588\System.Drawing.ni.dll
 MOD - [2011/08/12 15:48:04 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System\b9ea0d​414c4861120bfb7365d8ec0939\Sys​tem.ni.dll
 MOD - [2011/08/12 15:39:37 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\mscorlib\f6de​b187f24bb3185841092b89fbfdbb\m​scorlib.ni.dll
 MOD - [2011/08/06 04:21:25 | 000,400,440 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\ppGoogleNaClPluginChr​ome.dll
 MOD - [2011/08/06 04:21:24 | 004,118,072 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\pdf.dll
 MOD - [2011/08/06 04:19:58 | 000,104,520 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\avutil-50.dll
 MOD - [2011/08/06 04:19:56 | 000,203,848 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\avformat-52.dll
 MOD - [2011/08/06 04:19:55 | 001,846,344 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\avcodec-52.dll
 MOD - [2011/08/06 02:29:30 | 006,338,720 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\gcswf32.dll
 MOD - [2011/08/06 02:29:30 | 006,338,720 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\APPLIC~1\130782~​1.112\gcswf32.dll
 MOD - [2009/03/30 06:42:26 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\m​scorlib.resources\2.0.0.0_fr_b​77a5c561934e089\mscorlib.resou​rces.dll
 MOD - [2008/01/09 19:43:12 | 000,057,344 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.DialogManager.dll
 MOD - [2008/01/09 19:42:54 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.PasswordSetting.dll
 MOD - [2007/12/19 19:09:42 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\fr\eSetti​ngs.Plugin.resources.dll
 MOD - [2007/12/19 19:09:38 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings​.Plugin.dll
 MOD - [2007/12/19 19:09:00 | 000,011,264 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\fr\eSetti​ngs.Presenter.resources.dll
 MOD - [2007/12/19 19:08:54 | 000,155,648 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings​.Presenter.dll
 MOD - [2007/12/19 19:08:28 | 003,420,160 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings​.View.dll
 MOD - [2007/12/19 19:08:10 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings.Model.Com​puterInterfaces.dll
 MOD - [2007/10/17 11:38:24 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\fr\ePe​rformance.Plugin.resources.dll
 MOD - [2007/10/17 11:38:20 | 000,045,056 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Plugin.dll
 MOD - [2007/10/17 11:38:00 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Model.dll
 MOD - [2007/10/17 11:38:00 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Presenter.dll
 MOD - [2007/10/17 11:37:58 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Library.dll
 MOD - [2007/10/17 10:55:10 | 000,020,480 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Model.Interface.dll
 MOD - [2007/10/17 10:55:10 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\MemCheck.Interface.​dll
 MOD - [2007/02/13 06:26:30 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\ServiceIn​terface.dll
 MOD - [2004/07/26 17:11:50 | 000,028,672 | ---- | M] () -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod​.dll
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
 SRV - [2010/07/19 14:59:54 | 000,259,440 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfserv​ice.exe -- (maconfservice)
 SRV - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\e​DSService.exe -- (eDataSecurity Service)
 SRV - [2008/01/25 19:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.​exe -- (Acer HomeMedia Connect Service)
 SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
 SRV - [2007/12/19 19:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe -- (eSettingsService)
 SRV - [2007/10/17 11:38:20 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe -- (AcerMemUsageCheckService)
 SRV - [2007/09/10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe -- (eRecoveryService)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\as​wSnx.sys -- (aswSnx)
 DRV - [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\as​wSP.sys -- (aswSP)
 DRV - [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\as​wTdi.sys -- (aswTdi)
 DRV - [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\as​wRdr.sys -- (aswRdr)
 DRV - [2011/07/04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\as​wMonFlt.sys -- (aswMonFlt)
 DRV - [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\as​wFsBlk.sys -- (aswFsBlk)
 DRV - [2011/02/23 02:57:00 | 010,468,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nv​lddmkm.sys -- (nvlddmkm)
 DRV - [2010/05/01 14:05:04 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\dr​iverhardwarev2.sys -- (driverhardwarev2)
 DRV - [2008/09/08 14:04:46 | 000,093,232 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TP​kd.sys -- (TPkd)
 DRV - [2008/05/06 17:53:20 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nv​stor32.sys -- (nvstor32)
 DRV - [2008/05/06 17:53:20 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nv​rd32.sys -- (nvrd32)
 DRV - [2008/04/28 19:02:42 | 000,042,528 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nv​hda32v.sys -- (NVHDA)
 DRV - [2007/11/18 03:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nv​mfdx32.sys -- (NVENETFD)
 DRV - [2007/11/06 10:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zn​tport.sys -- (zntport)
 DRV - [2007/11/06 10:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TV​icPort.sys -- (tvicport)
 DRV - [2007/07/07 15:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nv​smu.sys -- (nvsmu)
 DRV - [2007/07/03 04:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
 DRV - [2007/05/02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss​_mdm.sys -- (ss_mdm)
 DRV - [2007/05/02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss​_mdfl.sys -- (ss_mdfl)
 DRV - [2007/05/02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss​_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
 DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\St​arOpen.sys -- (StarOpen)
 DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\af​c.sys -- (Afc)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Secondar​y_Page_URL = http://global.acer.com [binary data]
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SearchDefaultBra​nded = 1
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://www.google.fr/webhp?sou [...] r&ie=UTF-8
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,StartPageCache = 1
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Search,Default_Search​_URL = http://www.google.com/ie
 IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E​3C153A1} - C:\Program Files\Freeze.com\NetAssistant\​NetAssistant.dll (W3i, LLC)
 IE - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 ========== FireFox ==========
 
 FF - prefs.js..browser.search.defau​ltenginename: "Google"
 FF - prefs.js..browser.search.defau​lturl: "http://search.yahoo.com/searc​h?ei=UTF-8&fr=ytff-&p="
 FF - prefs.js..browser.search.param​.yahoo-fr: "moz2-ytff-"
 FF - prefs.js..browser.search.param​.yahoo-fr-cjkt: "moz2-ytff-"
 FF - prefs.js..browser.startup.home​page: "http://search.babylon.com/?ba​bsrc=HP_ss&mntrId=d8e5a4ce0000​0000000000218568979e&tlver=1.4​.19.19&affID=17161"
 FF - prefs.js..extensions.enabledIt​ems: {b9db16a4-6edc-47ec-a1f4-b8629​2ed211d}:4.8.4
 FF - prefs.js..extensions.enabledIt​ems: {e9d9d92d-7918-49d4-a93a-afc80​9e21eb7}:2.7.2.0
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0020-ABCDE​FFEDCBA}:6.0.20
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0021-ABCDE​FFEDCBA}:6.0.21
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0022-ABCDE​FFEDCBA}:6.0.22
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0023-ABCDE​FFEDCBA}:6.0.23
 FF - prefs.js..extensions.enabledIt​ems: {4D9AE42B-F4C0-40e6-AEDB-4EC6E​42B77AF}:1.2.1.0
 FF - prefs.js..keyword.URL: "http://search.babylon.com/?ba​bsrc=SP_ss&mntrId=d8e5a4ce0000​0000000000218568979e&tlver=1.4​.19.19&instlRef=sst&affID=1716​1&q="
 
 
 FF - HKLM\Software\MozillaPlugins\@​adobe.com/FlashPlayer: C:\Windows\system32\Macromed\F​lash\NPSWF32.dll ()
 FF - HKLM\Software\MozillaPlugins\@​Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@​google.com/npPicasa2,version=2​.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
 FF - HKLM\Software\MozillaPlugins\@​google.com/npPicasa3,version=3​.0.0: C:\Program Files\Google\Picasa3\npPicasa3​.dll (Google, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​ma-config.com/HardwareDetectio​n: C:\Program Files\ma-config.com\nphardware​detection.dll (Cybelsoft)
 FF - HKLM\Software\MozillaPlugins\@​Microsoft.com/NpCtrl,version=1​.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl​.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WLPG,version=15.​4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WLPG,version=15.​4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDete​ct13.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\A​dobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Users\Michel\AppData\Local\​Google\Update\1.3.21.65\npGoog​leUpdate3.dll (Google Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Users\Michel\AppData\Local\​Google\Update\1.3.21.65\npGoog​leUpdate3.dll (Google Inc.)
 
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rbox@spointer.com: C:\Program Files\OfferBox\extensions-3.1.​3878.129\offerbox@spointer.com
 
 [2009/07/06 16:46:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Extensions
 [2011/05/14 12:12:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions
 [2010/04/28 19:30:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{20a8​2645-c095-46ed-80e3-0882576053​4b}
 [2010/08/19 15:01:23 | 000,000,000 | ---D | M] (mywebsites.pro-FR Toolbar) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{3372​7f97-486d-4d19-97c3-23f432ef93​fc}(26)
 [2010/08/05 19:58:35 | 000,000,000 | ---D | M] ("Plugin Orange Installeur" ) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{4D9A​E42B-F4C0-40e6-AEDB-4EC6E42B77​AF}
 [2011/03/16 09:59:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{b9db​16a4-6edc-47ec-a1f4-b86292ed21​1d}
 [2011/03/29 16:41:59 | 000,000,000 | ---D | M] (Glarysoft Community Toolbar) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{e9d9​d92d-7918-49d4-a93a-afc809e21e​b7}
 [2011/03/29 17:00:01 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\ffxtl​br@babylon.com
 [2011/04/01 12:04:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\stage​d
 [2011/04/01 15:40:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
 [2010/06/09 15:08:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0020-ABCDEFFEDCBA}
 [2010/08/16 11:58:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0021-ABCDEFFEDCBA}
 [2010/12/04 17:58:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0022-ABCDEFFEDCBA}
 [2011/01/21 17:24:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0023-ABCDEFFEDCBA}
 File not found (No name found) --
 File not found (No name found) -- C:\USERS\MICHEL\APPDATA\ROAMIN​G\MOZILLA\FIREFOX\PROFILES\7EU​RJRMK.DEFAULT\EXTENSIONS\ENGIN​E@CONDUIT.COM
 [2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.​dll
 [2011/03/29 17:00:02 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.​xml
 
 O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1       localhost
 O1 - Hosts: ::1             localhost
 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695E​CA05670} - No CLSID value found.
 O2 - BHO: (PCTBHO Class) - {293A63F7-C3B6-423a-9845-901AC​0A7EE6E} - C:\Program Files\PCTuto\pctutoBHO.dll (PCTUTO)
 O2 - BHO: (Fast Search by Surf Canyon) - {5AB7104A-B71F-49AD-9154-F7F88​06AE848} - C:\Program Files\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
 O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B​8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\A​ctiveToolBand.dll (Egis)
 O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.7.6406.1642\swg.dll (Google Inc.)
 O2 - BHO: (NetAssistant) - {E38FA08E-F56A-4169-ABF5-5C71E​3C153A1} - C:\Program Files\Freeze.com\NetAssistant\​NetAssistant.dll (W3i, LLC)
 O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\e​DStoolbar.dll (Egis Incorporated.)
 O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
 O4 - HKLM..\Run: [EPSON Stylus DX4200 Series] C:\Windows\System32\spool\DRIV​ERS\W32X86\3\E_FATIAEE.EXE (SEIKO EPSON CORPORATION)
 O4 - HKLM..\Run: [eRecoveryService]  File not found
 O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidserv​ice.exe (NVIDIA Corporation)
 O4 - HKLM..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro80\opwa​re32.exe (Caere Corporation)
 O4 - HKLM..\Run: [pctuto] C:\Program Files\PCTuto\pctuto.exe (PCTUTO)
 O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.e​xe (Ulead Systems, Inc.)
 O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 O4 - HKLM..\RunOnce: [autoupdater] C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\autoupdater.ex​e (PCTuto)
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.sc​r (Google Inc.)
 O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_6CE5017F567343​CA.dll (Google Inc.)
 O13 - gopher Prefix: missing
 O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
 O15 - HKCU\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)
 O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_26)
 O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_26)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_26)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-00010​23952c1} - C:\Program Files\Skyline\TerraExplorer\Te​rraExplorerX.dll (Skyline software systems Inc.)
 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.​exe) - C:\Windows\System32\userinit.e​xe (Microsoft Corporation)
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 NetSvcs: FastUserSwitchingCompatibility -  File not found
 NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
 NetSvcs: Nla -  File not found
 NetSvcs: Ntmssvc -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: SRService -  File not found
 NetSvcs: WmdmPmSp -  File not found
 NetSvcs: LogonHours -  File not found
 NetSvcs: PCAudit -  File not found
 NetSvcs: helpsvc -  File not found
 NetSvcs: uploadmgr -  File not found
 
 MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windo​ws^Start Menu^Programs^Startup^ASETRES.​EXE -  - File not found
 MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windo​ws^Start Menu^Programs^Startup^Démarrag​e d'Office.lnk - C:\PROGRA~1\MICROS~2\Office\OS​A.EXE - ()
 MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windo​ws^Start Menu^Programs^Startup^Gestionn​aire Microsoft Office.lnk - C:\PROGRA~1\MICROS~2\Office\MS​OFFICE.EXE - (Microsoft Corporation)
 MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windo​ws^Start Menu^Programs^Startup^Microsof​t Recherche accélérée.lnk - C:\PROGRA~1\MICROS~2\Office\FI​NDFAST.EXE - (Microsoft Corporation)
 MsConfig - StartUpReg: Acer Empowering Technology Monitor - hkey= - key= - C:\Acer\Empowering Technology\SysMonitor.exe ()
 MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe (Adobe Systems Incorporated)
 MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
 MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Acer\Empowering Technology\eDataSecurity\x86\e​DSLoader.exe (Egis Incorporated)
 MsConfig - StartUpReg: EEventManager - hkey= - key= - C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
 MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
 MsConfig - StartUpReg: PCMMediaSharing - hkey= - key= - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSha​ring.exe ()
 MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
 MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
 MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe (Google Inc.)
 MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
 MsConfig - State: "startup" - 2
 
 SafeBootMin: AppMgmt - Service
 SafeBootMin: Base - Driver Group
 SafeBootMin: Boot Bus Extender - Driver Group
 SafeBootMin: Boot file system - Driver Group
 SafeBootMin: File system - Driver Group
 SafeBootMin: Filter - Driver Group
 SafeBootMin: HelpSvc - Service
 SafeBootMin: mcmscsvc - Service
 SafeBootMin: MCODS - Service
 SafeBootMin: NTDS -  File not found
 SafeBootMin: PCI Configuration - Driver Group
 SafeBootMin: PNP Filter - Driver Group
 SafeBootMin: Primary disk - Driver Group
 SafeBootMin: sacsvr - Service
 SafeBootMin: SCSI Class - Driver Group
 SafeBootMin: System Bus Extender - Driver Group
 SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootMin: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootMin: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootMin: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootMin: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootMin: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootMin: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootMin: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 SafeBootNet: AppMgmt - Service
 SafeBootNet: Base - Driver Group
 SafeBootNet: Boot Bus Extender - Driver Group
 SafeBootNet: Boot file system - Driver Group
 SafeBootNet: File system - Driver Group
 SafeBootNet: Filter - Driver Group
 SafeBootNet: HelpSvc - Service
 SafeBootNet: mcmscsvc - Service
 SafeBootNet: MCODS - Service
 SafeBootNet: Messenger - Service
 SafeBootNet: MpfService - Service
 SafeBootNet: NDIS Wrapper - Driver Group
 SafeBootNet: NetBIOSGroup - Driver Group
 SafeBootNet: NetDDEGroup - Driver Group
 SafeBootNet: Network - Driver Group
 SafeBootNet: NetworkProvider - Driver Group
 SafeBootNet: NTDS -  File not found
 SafeBootNet: PCI Configuration - Driver Group
 SafeBootNet: PNP Filter - Driver Group
 SafeBootNet: PNP_TDI - Driver Group
 SafeBootNet: Primary disk - Driver Group
 SafeBootNet: rdsessmgr - Service
 SafeBootNet: sacsvr - Service
 SafeBootNet: SCSI Class - Driver Group
 SafeBootNet: Streams Drivers - Driver Group
 SafeBootNet: System Bus Extender - Driver Group
 SafeBootNet: TDI - Driver Group
 SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootNet: WudfPf - Driver
 SafeBootNet: WudfUsbccidDriver - Driver
 SafeBootNet: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootNet: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootNet: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootNet: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootNet: {4D36E972-E325-11CE-BFC1-08002​BE10318} - Net
 SafeBootNet: {4D36E973-E325-11CE-BFC1-08002​BE10318} - NetClient
 SafeBootNet: {4D36E974-E325-11CE-BFC1-08002​BE10318} - NetService
 SafeBootNet: {4D36E975-E325-11CE-BFC1-08002​BE10318} - NetTrans
 SafeBootNet: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootNet: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F​805F530} - Smart card readers
 SafeBootNet: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401​C608500} - Java (Sun)
 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA0​0B4E220} -
 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c​74c7e95} - Microsoft Windows Media Player 11.0
 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508​C9228ED} - %SystemRoot%\system32\regsvr32​.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.​dll
 ActiveX: {3af36230-a269-11d1-b5bf-0000f​8051515} - Offline Browsing Pack
 ActiveX: {3C3901C5-3455-3E0A-A214-0B093​A5070A6} - .NET Framework
 ActiveX: {44BBA840-CC51-11CF-AAFA-00AA0​0B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
 ActiveX: {44BBA848-CC51-11CF-AAFA-00AA0​0B6015C} -
 ActiveX: {44BBA855-CC51-11CF-AAFA-00AA0​0B6015F} - DirectDrawEx
 ActiveX: {45ea75a0-a269-11d1-b5bf-0000f​8051515} - Internet Explorer Help
 ActiveX: {4f645220-306d-11d2-995d-00c04​f98bbc9} - Microsoft Windows Script 5.6
 ActiveX: {5fd399c0-a70a-11d1-9948-00c04​f98bbc9} - Internet Explorer Setup Tools
 ActiveX: {630b1da0-b465-11d1-9948-00c04​f98bbc9} - Browsing Enhancements
 ActiveX: {6BF52A52-394A-11d3-B153-00C04​F79FAA6} - Microsoft Windows Media Player
 ActiveX: {6fab99d0-bab8-11d1-994a-00c04​f98bbc9} - MSN Site Access
 ActiveX: {7790769C-0471-11d2-AF11-00C04​FA35D02} - Address Book 7
 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E​41B1089} - .NET Framework
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4340} - regsvr32.exe /s /n /i:U shell32.dll
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4383} - C:\Windows\system32\ie4uinit.e​xe -BaseSettings
 ActiveX: {89B4C1CD-B018-4511-B0A1-5476D​BF70820} - C:\Windows\system32\Rundll32.e​xe C:\Windows\system32\mscories.d​ll,Install
 ActiveX: {9381D8F2-0288-11D0-9501-00AA0​0B911A5} - Dynamic HTML Data Binding
 ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789​CFEFCDD} - .NET Framework
 ActiveX: {C9E9A340-D1F1-11D0-821E-44455​3540600} - Internet Explorer Core Fonts
 ActiveX: {CDD7975E-60F8-41d5-8149-19E51​D6F71D0} - Windows Movie Maker v2.1
 ActiveX: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} - Macromedia Shockwave Flash
 ActiveX: {de5aed00-a4bf-11d1-9948-00c04​f98bbc9} - HTML Help
 ActiveX: {E92B03AB-B707-11d2-9CBD-0000F​87A369E} - Active Directory Service Interface
 ActiveX: >{22d6f312-b0f6-11d0-94ab-0080​c74c7e95} - C:\Windows\system32\unregmp2.e​xe /ShowWMP
 ActiveX: >{26923b43-4d38-484f-9b9e-de46​0746276c} - C:\Windows\system32\ie4uinit.e​xe -UserIconConfig
 ActiveX: >{60B49E34-C7CC-11D0-8953-00A0​C90347FF} - "C:\Windows\System32\rundll32.​exe" "C:\Windows\System32\iedkcs32.​dll",BrandIEActiveSetup SIGNUP
 
 Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
 Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.a​cm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.ac​m (http://www.mp3dev.org/)
 Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
 Drivers32: vidc.i420 - i420vfw.dll File not found
 Drivers32: VIDC.IV31 - C:\Windows\System32\ir32_32.dl​l (Intel(R) Corporation)
 Drivers32: VIDC.IV32 - C:\Windows\System32\ir32_32.dl​l (Intel(R) Corporation)
 Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.dl​l (Intel(R) Corporation)
 Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dl​l ()
 Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dl​l (www.helixcommunity.org)
 Drivers32: vidc.yvu9 - C:\Windows\System32\iyvu9_32.d​ll ()
 
 NetSvcs: FastUserSwitchingCompatibility -  File not found
 NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
 NetSvcs: Nla -  File not found
 NetSvcs: Ntmssvc -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: SRService -  File not found
 NetSvcs: WmdmPmSp -  File not found
 NetSvcs: LogonHours -  File not found
 NetSvcs: PCAudit -  File not found
 NetSvcs: helpsvc -  File not found
 NetSvcs: uploadmgr -  File not found
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2011/08/24 11:23:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
 [2011/08/19 19:55:27 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Roamin​g\www.shadowexplorer.com
 [2011/08/16 19:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Fotosizer
 [2011/08/16 19:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\Fotosizer
 [2011/08/15 18:54:16 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{EEDB429D-F87F-48CE-92A5-03A9E​D0A4505}
 [2011/08/15 18:54:06 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{66EAA76B-09D3-4E4B-B8A7-AA71F​180B44C}
 [2011/08/14 15:12:40 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{D93AD032-6C68-49C0-A18B-6E332​E89C991}
 [2011/08/14 15:12:30 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{E90CCDB4-048A-420A-AC4E-DBB38​3EED31A}
 [2011/08/12 15:41:19 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
 [2011/08/12 15:41:17 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.d​ll
 [2011/08/12 15:41:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
 [2011/08/12 15:41:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dl​l
 [2011/08/12 15:41:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
 [2011/08/12 12:15:34 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
 [2011/08/12 12:15:20 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.e​xe
 [2011/08/12 12:15:20 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.e​xe
 [2011/08/09 19:00:12 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{D6F5137C-EE52-490A-B298-5D167​35DB826}
 [2011/08/09 19:00:02 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{4454EE35-F4E4-4027-A45F-A546F​D639575}
 [2011/08/09 18:59:41 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{372B4B94-4921-4F57-8A45-68D99​3FFC2D0}
 [2011/08/08 15:44:56 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{C85E8843-6315-48BB-BC1E-7424F​41498BE}
 [2011/08/07 10:51:35 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{A5318D35-F192-44CE-BFE5-EF197​50D29AF}
 [2011/08/07 10:49:36 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{EE10E8BB-A636-4D62-8717-63F9D​972C384}
 [2011/08/05 16:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Google Earth
 [2011/08/04 18:19:46 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{D522882D-5A5C-42CC-B2EB-90DB3​7312A33}
 [2011/08/04 18:11:18 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{80A3A616-CF79-4C00-AB7D-DA85F​5BB605F}
 [2011/08/04 18:10:57 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{9649D32C-2087-42BA-98F7-B0C09​7F495CE}
 [2011/08/01 18:56:43 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{4203D287-3C02-4207-BDFD-4462B​17BE8EB}
 [2011/08/01 18:56:15 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{7CB33AFD-B12A-4FDD-81D9-B5194​9759A47}
 [2009/07/03 01:38:58 | 000,049,152 | ---- | C] ( ) -- C:\Windows\INTEROP.IWSHRUNTIME​LIBRARY.DLL
 [2009/07/02 17:14:00 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent​.exe
 
 ========== Files - Modified Within 30 Days ==========
 
 [2011/08/25 17:21:05 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.d​at
 [2011/08/25 17:21:05 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.d​at
 [2011/08/25 17:21:05 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.d​at
 [2011/08/25 17:21:05 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.d​at
 [2011/08/25 17:18:54 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
 [2011/08/25 17:18:25 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
 [2011/08/25 17:15:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2011/08/25 17:15:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2011/08/25 17:15:51 | 000,366,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.D​AT
 [2011/08/25 17:15:50 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2011/08/25 17:15:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2011/08/25 17:15:16 | 3220,324,352 | -HS- | M] () -- C:\hiberfil.sys
 [2011/08/25 17:15:15 | 196,332,228 | ---- | M] () -- C:\Windows\MEMORY.DMP
 [2011/08/24 19:10:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-187918334-1475​485724-498475476-1000UA.job
 [2011/08/24 19:08:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2011/08/24 18:10:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-187918334-1475​485724-498475476-1000Core.job
 [2011/08/22 19:19:18 | 000,003,404 | ---- | M] () -- C:\Users\Michel\Documents\cc_2​0110822_191915.reg
 [2011/08/17 09:58:11 | 000,002,593 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\lemechanttgvpaca - Recherche Google.lnk
 [2011/08/16 19:14:01 | 000,000,844 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Fotosizer.lnk
 [2011/08/16 19:14:01 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Fotosi​zer.lnk
 [2011/08/15 18:57:14 | 000,177,664 | ---- | M] () -- C:\Users\Michel\AppData\Local\​DCBC2A71-70D8-4DAN-EHR8-E0D61D​EA3FDF.ini
 [2011/08/13 16:42:21 | 000,002,077 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk
 [2011/08/13 10:33:04 | 000,001,879 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Geoportail.lnk
 [2011/08/13 10:32:31 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlaye​rCPLApp.cpl
 [2011/08/10 19:23:43 | 000,002,527 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\carte risques incendie var - Recherche Google.lnk
 [2011/08/05 17:17:21 | 000,019,112 | ---- | M] () -- C:\Users\Michel\Documents\cc_2​0110805_171716.reg
 [2011/08/05 16:10:23 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Google​ Earth.lnk
 [2011/08/05 15:48:27 | 000,588,751 | ---- | M] () -- C:\Users\Michel\Documents\Cart​e Grise YETI001.jpg
 [2011/08/04 18:07:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Ms​ft_User_WpdMtpDr_01_07_00.Wdf
 [2011/08/02 19:35:15 | 001,821,096 | ---- | M] () -- C:\Users\Michel\Documents\dess​us de lit.JPG
 [2011/08/02 19:35:15 | 001,804,444 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6736.JPG
 [2011/08/02 19:35:15 | 001,782,997 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6742.JPG
 [2011/08/02 19:35:15 | 001,781,391 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6759.JPG
 [2011/08/02 19:35:15 | 001,777,524 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6755.JPG
 [2011/08/02 19:35:15 | 001,765,224 | ---- | M] () -- C:\Users\Michel\Documents\dess​us de lit 1.JPG
 
 ========== Files Created - No Company Name ==========
 
 [2011/08/25 17:15:15 | 196,332,228 | ---- | C] () -- C:\Windows\MEMORY.DMP
 [2011/08/22 19:19:17 | 000,003,404 | ---- | C] () -- C:\Users\Michel\Documents\cc_2​0110822_191915.reg
 [2011/08/16 19:14:01 | 000,000,844 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Fotosizer.lnk
 [2011/08/16 19:14:01 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Fotosi​zer.lnk
 [2011/08/13 16:42:21 | 000,002,077 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk
 [2011/08/13 10:33:04 | 000,001,879 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Geoportail.lnk
 [2011/08/10 19:23:43 | 000,002,527 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\carte risques incendie var - Recherche Google.lnk
 [2011/08/10 19:22:12 | 000,002,593 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\lemechanttgvpaca - Recherche Google.lnk
 [2011/08/05 17:17:18 | 000,019,112 | ---- | C] () -- C:\Users\Michel\Documents\cc_2​0110805_171716.reg
 [2011/08/05 16:10:23 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Google​ Earth.lnk
 [2011/08/05 15:48:27 | 000,588,751 | ---- | C] () -- C:\Users\Michel\Documents\Cart​e Grise YETI001.jpg
 [2011/08/04 18:07:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Ms​ft_User_WpdMtpDr_01_07_00.Wdf
 [2011/08/02 19:35:15 | 001,821,096 | ---- | C] () -- C:\Users\Michel\Documents\dess​us de lit.JPG
 [2011/08/02 19:35:15 | 001,804,444 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6736.JPG
 [2011/08/02 19:35:15 | 001,782,997 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6742.JPG
 [2011/08/02 19:35:15 | 001,781,391 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6759.JPG
 [2011/08/02 19:35:15 | 001,777,524 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6755.JPG
 [2011/08/02 19:35:14 | 001,765,224 | ---- | C] () -- C:\Users\Michel\Documents\dess​us de lit 1.JPG
 [2011/07/19 18:19:52 | 000,041,472 | ---- | C] () -- C:\Windows\unscan30.exe
 [2011/07/19 18:18:37 | 000,000,572 | ---- | C] () -- C:\Windows\maxlink.ini
 [2011/07/19 18:18:35 | 000,000,000 | ---- | C] () -- C:\Windows\OP70.INI
 [2010/11/03 19:54:20 | 000,000,680 | ---- | C] () -- C:\Users\Michel\AppData\Local\​d3d9caps.dat
 [2010/06/03 10:35:38 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.​dt
 [2010/06/03 10:33:36 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\St​arOpen.sys
 [2010/03/23 11:54:53 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
 [2010/03/23 11:54:53 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
 [2010/03/23 11:54:49 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.d​ll
 [2010/03/23 11:54:49 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dl​l
 [2010/03/23 11:54:48 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
 [2010/03/18 20:19:06 | 000,026,340 | ---- | C] () -- C:\Users\Michel\AppData\Roamin​g\UserTile.png
 [2009/08/19 09:52:30 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuth​n.dll
 [2009/08/19 09:52:30 | 000,107,612 | ---- | C] () -- C:\Windows\System32\Structured​QuerySchema.bin
 [2009/07/22 15:41:00 | 000,000,408 | ---- | C] () -- C:\Users\Michel\AppData\Roamin​g\wklnhst.dat
 [2009/07/06 17:24:43 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrint​erDB.dat
 [2009/07/06 17:24:43 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn131.dat
 [2009/07/06 17:24:43 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn121.dat
 [2009/07/06 17:24:43 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn1.dat
 [2009/07/06 17:24:43 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn3.dat
 [2009/07/06 17:24:43 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn5.dat
 [2009/07/06 17:24:43 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn2.dat
 [2009/07/06 17:24:43 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn4.dat
 [2009/07/06 17:24:43 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn6.dat
 [2009/07/06 17:24:43 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_DU.dat
 [2009/07/06 17:24:43 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_PT.dat
 [2009/07/06 17:24:43 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_BP.dat
 [2009/07/06 17:24:43 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_ES.dat
 [2009/07/06 17:24:43 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_FR.dat
 [2009/07/06 17:24:43 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_CF.dat
 [2009/07/06 17:24:43 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_IT.dat
 [2009/07/06 17:24:43 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_GE.dat
 [2009/07/06 17:24:43 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_EN.dat
 [2009/07/06 17:24:43 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
 [2009/07/06 17:23:46 | 000,065,793 | ---- | C] () -- C:\Windows\System32\esfw7a.bin
 [2009/07/06 17:23:36 | 000,000,025 | ---- | C] () -- C:\Windows\CDE V200DEFGIPSRUk.ini
 [2009/07/06 17:16:20 | 000,000,022 | ---- | C] () -- C:\Windows\exchng.ini
 [2009/07/06 17:16:19 | 000,000,957 | ---- | C] () -- C:\Windows\ODBCINST.INI
 [2009/07/06 17:16:19 | 000,000,611 | ---- | C] () -- C:\Windows\ODBC.INI
 [2009/07/06 17:11:24 | 000,177,664 | ---- | C] () -- C:\Users\Michel\AppData\Local\​DCBC2A71-70D8-4DAN-EHR8-E0D61D​EA3FDF.ini
 [2009/07/06 16:17:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\Structured​QuerySchemaTrivial.bin
 [2009/07/02 17:17:26 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
 [2009/07/02 17:17:26 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
 [2009/07/02 17:15:00 | 000,077,824 | ---- | C] () -- C:\Windows\System32\drivers\IN​T15_DETECT.EXE
 [2009/07/02 17:14:00 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyA​gentUser.exe
 [2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudar​t_20.dll
 [2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTr​aditionalChinese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSw​edish.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSp​anish.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSi​mplifiedChinese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPo​rtugese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKo​rean.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJa​panese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGe​rman.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFr​ench.dll
 [2008/03/21 22:27:47 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dl​l
 [2008/03/21 20:49:26 | 000,001,108 | ---- | C] () -- C:\Windows\generic.ini
 [2008/03/21 20:49:26 | 000,000,138 | ---- | C] () -- C:\Windows\Alaunch.ini
 [2008/03/21 13:56:21 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\in​t15_64.sys
 [2008/03/21 13:02:25 | 000,003,636 | ---- | C] () -- C:\Windows\System32\drivers\nv​phy.bin
 [2008/01/21 10:40:50 | 000,678,804 | ---- | C] () -- C:\Windows\System32\perfh00C.d​at
 [2008/01/21 10:40:50 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.d​at
 [2008/01/21 10:40:50 | 000,126,420 | ---- | C] () -- C:\Windows\System32\perfc00C.d​at
 [2008/01/21 10:40:50 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.d​at
 [2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
 [2006/11/02 14:47:37 | 000,366,832 | ---- | C] () -- C:\Windows\System32\FNTCACHE.D​AT
 [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE​.dll
 [2006/11/02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.d​at
 [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.d​at
 [2006/11/02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.d​at
 [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.d​at
 [2006/11/02 12:25:24 | 000,000,256 | ---- | C] () -- C:\Windows\System32\brmsi05f.b​in
 [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
 [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
 [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
 [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.i​ni
 [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 [2002/03/17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000062.DLL
 [2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_​vcd.dll
 [2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
 [2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.​dll
 [2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_​MMX.dll
 [1998/10/10 03:00:00 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.d​ll
 [1997/08/29 00:00:00 | 000,048,640 | ---- | C] () -- C:\Windows\System32\WRKGADM.EX​E
 [1997/08/29 00:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\System32\XLREC.DLL
 [1997/08/29 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\RECNCL.DLL
 [1997/08/29 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\ODBCSTF.DL​L
 [1997/08/29 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
 [1997/08/29 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\VAFR232.DL​L
 [1997/08/29 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.D​LL
 
 ========== Custom Scans ==========
 
 
 < %systemroot%\system32\drivers\​*.sys /lockedfiles  >
 
 < %ALLUSERSPROFILE%\Application Data\*.  >
 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s  >
 
 < %APPDATA%\*.  >
 [2008/03/21 13:35:58 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Acer GameZone Console
 [2009/07/06 19:24:04 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Adobe
 [2011/05/14 11:28:59 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive
 [2011/07/08 18:57:28 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\ArchiFacile
 [2010/09/09 17:35:50 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\ArcSoft
 [2009/08/28 16:03:07 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Artweaver
 [2011/04/21 19:40:32 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\AVS4YOU
 [2011/06/14 19:07:32 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Broad Intelligence
 [2011/03/22 12:04:28 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\BSD Concept
 [2011/01/04 16:36:36 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\CasaPortale.de
 [2011/03/25 17:26:15 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\DivX
 [2010/03/26 17:30:44 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\dvdcss
 [2011/04/28 16:19:12 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\EasyBurner
 [2011/05/06 16:27:51 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\EPSON
 [2011/07/27 05:23:28 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\FinalMediaPlayer
 [2011/07/13 19:37:56 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\FreeVideoConverter
 [2009/07/06 16:23:50 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Google
 [2009/07/06 15:43:12 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Identities
 [2009/07/06 17:24:42 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\InstallShield
 [2011/02/12 17:57:12 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\LibreOffice
 [2009/07/06 15:43:56 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Macromedia
 [2006/11/02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Media Center Programs
 [2011/08/05 17:16:33 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Media Player Classic
 [2011/07/19 17:45:35 | 000,000,000 | --SD | M] -- C:\Users\Michel\AppData\Roamin​g\Microsoft
 [2009/07/06 16:46:29 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Mozilla
 [2011/05/05 19:39:30 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\OpenCandy
 [2010/04/02 11:48:48 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\OpenOffice.org
 [2010/10/12 10:13:52 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\PACE Anti-Piracy
 [2011/07/13 19:37:56 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\PCTuto
 [2010/03/18 20:19:05 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\PeerNetworking
 [2010/03/23 12:00:12 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Python-Eggs
 [2011/07/06 18:47:11 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\RegistryKeys
 [2011/05/05 19:41:21 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Reviversoft
 [2010/06/03 14:13:53 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Samsung
 [2009/07/22 15:41:01 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Template
 [2011/07/27 05:23:16 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Ulead Systems
 [2010/03/29 11:55:02 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\vlc
 [2010/03/26 15:21:24 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\widestream
 [2011/08/19 19:55:27 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\www.shadowexplorer.com
 
 < %APPDATA%\*.exe /s  >
 [2011/02/24 14:31:48 | 000,671,360 | ---- | M] (Agence-Exclusive) -- C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive\Agence-Excl​usive\autoupdater.exe
 [2011/02/24 14:31:58 | 000,777,856 | ---- | M] (Agence-Exclusive) -- C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive\Agence-Excl​usive\UpdatePCTuto.exe
 [2011/02/18 05:00:00 | 005,233,406 | ---- | M] (Macromedia, Inc.) -- C:\Users\Michel\AppData\Roamin​g\BSD Concept\Heredis12\Arbre3D.exe
 [2011/02/18 05:00:00 | 000,572,928 | ---- | M] () -- C:\Users\Michel\AppData\Roamin​g\BSD Concept\Heredis12\HTML\h8html.​exe
 [2010/03/24 21:04:43 | 001,956,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Michel\AppData\Roamin​g\Macromedia\Flash Player\www.macromedia.com\bin\​fpupdateax\fpupdateax.exe
 [2011/05/05 19:39:31 | 000,416,160 | ---- | M] () -- C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\Lates​tDLMgr.exe
 [2011/02/09 20:34:30 | 004,446,904 | ---- | M] (ReviverSoft                                                 ) -- C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\Regis​tryReviverSetup-ppi_.exe
 [2011/02/09 20:34:30 | 000,059,688 | ---- | M] () -- C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\RevSt​arter.exe
 [2011/03/02 18:43:58 | 000,663,168 | ---- | M] (PCTuto) -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\autoupdater.ex​e
 [2011/03/02 18:43:58 | 000,769,664 | ---- | M] (Agence-Exclusive) -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\UpdatePCTuto.e​xe
 [2011/08/25 17:19:16 | 000,020,480 | ---- | M] () -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\Software\itsTV​\4.0.0.2362363\su_fr.exe
 
 < %SYSTEMDRIVE%\*.exe  >
 
 
 < MD5 for: AGP440.SYS  >
 [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\drivers\AG​P440.sys
 [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_5​1b95d75\AGP440.sys
 [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_f​750e484\AGP440.sys
 [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6001.​18000_none_ba12ed3bbeb0d97a\AG​P440.sys
 [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6002.​18005_none_bbfe6647bbd2a4c6\AG​P440.sys
 [2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825C​EAD7D8 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_9​20a2c1f\AGP440.sys
 
 < MD5 for: ATAPI.SYS  >
 [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\System32\drivers\at​api.sys
 [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_b12​d8e84\atapi.sys
 [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6002.18​005_none_df23a1261eab99e8\atap​i.sys
 [2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562D​E40ED9 -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_cc1​8792d\atapi.sys
 [2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562D​E40ED9 -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6001.18​000_none_dd38281a2189ce9c\atap​i.sys
 [2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7E​C7300F -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_c6c​2e699\atapi.sys
 
 < MD5 for: CDROM.SYS  >
 [2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1​778B57 -- C:\Windows\System32\DriverStor​e\FileRepository\cdrom.inf_a29​e71c6\cdrom.sys
 [2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1​778B57 -- C:\Windows\winsxs\x86_cdrom.in​f_31bf3856ad364e35_6.0.6001.18​000_none_5fa95be2a3c76a4a\cdro​m.sys
 [2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD72809702427643​0DB314 -- C:\Windows\System32\drivers\cd​rom.sys
 [2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD72809702427643​0DB314 -- C:\Windows\System32\DriverStor​e\FileRepository\cdrom.inf_c94​9a5b6\cdrom.sys
 [2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD72809702427643​0DB314 -- C:\Windows\winsxs\x86_cdrom.in​f_31bf3856ad364e35_6.0.6002.18​005_none_6194d4eea0e93596\cdro​m.sys
 [2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5​E4D303 -- C:\Windows\System32\DriverStor​e\FileRepository\cdrom.inf_e48​7f727\cdrom.sys
 
 < MD5 for: CNGAUDIT.DLL  >
 [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D​5FED4D -- C:\Windows\System32\cngaudit.d​ll
 [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D​5FED4D -- C:\Windows\winsxs\x86_microsof​t-windows-cngaudit-dll_31bf385​6ad364e35_6.0.6000.16386_none_​e62d292932a96ce6\cngaudit.dll
 
 < MD5 for: CTFMON.EXE  >
 [2006/11/02 11:45:00 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=22BFD03DF51065A9ED8D17F8FB​72296B -- C:\Windows\System32\ctfmon.exe
 [2006/11/02 11:45:00 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=22BFD03DF51065A9ED8D17F8FB​72296B -- C:\Windows\winsxs\x86_microsof​t-windows-t..cesframework-ctfm​on_31bf3856ad364e35_6.0.6000.1​6386_none_9af9cad793a67953\ctf​mon.exe
 
 < MD5 for: DISK.SYS  >
 [2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8​F1AF6A -- C:\Windows\System32\drivers\di​sk.sys
 [2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8​F1AF6A -- C:\Windows\System32\DriverStor​e\FileRepository\disk.inf_5c85​0fad\disk.sys
 [2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8​F1AF6A -- C:\Windows\winsxs\x86_disk.inf​_31bf3856ad364e35_6.0.6002.180​05_none_fbb1faf0714e4ea6\disk.​sys
 [2008/01/21 04:23:20 | 000,055,3

(Publicité)
wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 25/08/2011 à 16:49:53  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 

wallou83 a écrit :

 


 TL logfile created on: 25/08/2011 17:21:34 - Run 1
 OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Michel\Downloads
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 3.00 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 57.54% Memory free
 6.21 Gb Paging File | 4.76 Gb Available in Paging File | 76.75% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]

 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 293.34 Gb Total Space | 188.87 Gb Free Space | 64.39% Space Free | Partition Type: NTFS
 Drive D: | 162.66 Gb Total Space | 153.07 Gb Free Space | 94.11% Space Free | Partition Type: NTFS

 Computer Name: PC-DE-MICHEL | User Name: Michel | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: Current user
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 ========== Processes (SafeList) ==========

 PRC - [2011/08/25 17:19:36 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Michel\Downloads\OTL.​exe
 PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 PRC - [2011/04/21 15:31:04 | 000,982,656 | ---- | M] (PCTUTO) -- C:\Program Files\pctuto\pctuto.exe
 PRC - [2011/03/02 18:43:58 | 000,663,168 | ---- | M] (PCTuto) -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\autoupdater.ex​e
 PRC - [2011/02/23 01:39:24 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.e​xe
 PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 PRC - [2008/05/06 15:53:34 | 000,196,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidserv​ice.exe
 PRC - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\e​DSService.exe
 PRC - [2008/01/25 19:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.​exe
 PRC - [2008/01/21 04:24:22 | 000,520,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntvdm.exe
 PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
 PRC - [2008/01/09 19:43:28 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.Supervisor.exe
 PRC - [2007/12/19 19:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe
 PRC - [2007/10/17 11:38:20 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe
 PRC - [2007/09/10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 PRC - [2007/09/06 12:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.e​xe
 PRC - [2004/11/26 11:43:34 | 000,090,112 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.e​xe
 PRC - [1997/10/14 16:38:52 | 000,040,960 | ---- | M] (Caere Corporation) -- C:\Program Files\Caere\OmniPagePro80\OPwa​re32.exe


 ========== Modules (No Company Name) ==========

 MOD - [2011/08/13 10:45:25 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Manage​ment\4117485024b0f652b9fbb66ff​5025896\System.Management.ni.d​ll
 MOD - [2011/08/12 15:54:32 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Servic​eProce#\1cc11918d8dd561391bba0​5c61de7573\System.ServiceProce​ss.ni.dll
 MOD - [2011/08/12 15:54:29 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Runtim​e.Remo#\a6d889aa69fd51c100352f​23c7cebd22\System.Runtime.Remo​ting.ni.dll
 MOD - [2011/08/12 15:53:44 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Config​uration\29c6ef7f07d89496c72a1b​bf718aed5d\System.Configuratio​n.ni.dll
 MOD - [2011/08/12 15:49:21 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Xml\4c​3cda96b8f12220da20f2f8d1b9439c​\System.Xml.ni.dll
 MOD - [2011/08/12 15:49:08 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Window​s.Forms\c50d9d540acecdef29c312​01e203a331\System.Windows.Form​s.ni.dll
 MOD - [2011/08/12 15:49:00 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Drawin​g\d8d83838f9840bde901df516ba3d​e588\System.Drawing.ni.dll
 MOD - [2011/08/12 15:48:04 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System\b9ea0d​414c4861120bfb7365d8ec0939\Sys​tem.ni.dll
 MOD - [2011/08/12 15:39:37 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\mscorlib\f6de​b187f24bb3185841092b89fbfdbb\m​scorlib.ni.dll
 MOD - [2011/08/06 04:21:25 | 000,400,440 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\ppGoogleNaClPluginChr​ome.dll
 MOD - [2011/08/06 04:21:24 | 004,118,072 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\pdf.dll
 MOD - [2011/08/06 04:19:58 | 000,104,520 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\avutil-50.dll
 MOD - [2011/08/06 04:19:56 | 000,203,848 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\avformat-52.dll
 MOD - [2011/08/06 04:19:55 | 001,846,344 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\avcodec-52.dll
 MOD - [2011/08/06 02:29:30 | 006,338,720 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.112\gcswf32.dll
 MOD - [2011/08/06 02:29:30 | 006,338,720 | ---- | M] () -- C:\Users\Michel\AppData\Local\​Google\Chrome\APPLIC~1\130782~​1.112\gcswf32.dll
 MOD - [2009/03/30 06:42:26 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\m​scorlib.resources\2.0.0.0_fr_b​77a5c561934e089\mscorlib.resou​rces.dll
 MOD - [2008/01/09 19:43:12 | 000,057,344 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.DialogManager.dll
 MOD - [2008/01/09 19:42:54 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.PasswordSetting.dll
 MOD - [2007/12/19 19:09:42 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\fr\eSetti​ngs.Plugin.resources.dll
 MOD - [2007/12/19 19:09:38 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings​.Plugin.dll
 MOD - [2007/12/19 19:09:00 | 000,011,264 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\fr\eSetti​ngs.Presenter.resources.dll
 MOD - [2007/12/19 19:08:54 | 000,155,648 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings​.Presenter.dll
 MOD - [2007/12/19 19:08:28 | 003,420,160 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings​.View.dll
 MOD - [2007/12/19 19:08:10 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings.Model.Com​puterInterfaces.dll
 MOD - [2007/10/17 11:38:24 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\fr\ePe​rformance.Plugin.resources.dll
 MOD - [2007/10/17 11:38:20 | 000,045,056 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Plugin.dll
 MOD - [2007/10/17 11:38:00 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Model.dll
 MOD - [2007/10/17 11:38:00 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Presenter.dll
 MOD - [2007/10/17 11:37:58 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Library.dll
 MOD - [2007/10/17 10:55:10 | 000,020,480 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Model.Interface.dll
 MOD - [2007/10/17 10:55:10 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\MemCheck.Interface.​dll
 MOD - [2007/02/13 06:26:30 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\ServiceIn​terface.dll
 MOD - [2004/07/26 17:11:50 | 000,028,672 | ---- | M] () -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod​.dll


 ========== Win32 Services (SafeList) ==========

 SRV - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
 SRV - [2010/07/19 14:59:54 | 000,259,440 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfserv​ice.exe -- (maconfservice)
 SRV - [2008/03/05 00:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\e​DSService.exe -- (eDataSecurity Service)
 SRV - [2008/01/25 19:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.​exe -- (Acer HomeMedia Connect Service)
 SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
 SRV - [2007/12/19 19:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe -- (eSettingsService)
 SRV - [2007/10/17 11:38:20 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe -- (AcerMemUsageCheckService)
 SRV - [2007/09/10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe -- (eRecoveryService)


 ========== Driver Services (SafeList) ==========

 DRV - [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\as​wSnx.sys -- (aswSnx)
 DRV - [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\as​wSP.sys -- (aswSP)
 DRV - [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\as​wTdi.sys -- (aswTdi)
 DRV - [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\as​wRdr.sys -- (aswRdr)
 DRV - [2011/07/04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\as​wMonFlt.sys -- (aswMonFlt)
 DRV - [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\as​wFsBlk.sys -- (aswFsBlk)
 DRV - [2011/02/23 02:57:00 | 010,468,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nv​lddmkm.sys -- (nvlddmkm)
 DRV - [2010/05/01 14:05:04 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\dr​iverhardwarev2.sys -- (driverhardwarev2)
 DRV - [2008/09/08 14:04:46 | 000,093,232 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TP​kd.sys -- (TPkd)
 DRV - [2008/05/06 17:53:20 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nv​stor32.sys -- (nvstor32)
 DRV - [2008/05/06 17:53:20 | 000,132,128 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nv​rd32.sys -- (nvrd32)
 DRV - [2008/04/28 19:02:42 | 000,042,528 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nv​hda32v.sys -- (NVHDA)
 DRV - [2007/11/18 03:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nv​mfdx32.sys -- (NVENETFD)
 DRV - [2007/11/06 10:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zn​tport.sys -- (zntport)
 DRV - [2007/11/06 10:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TV​icPort.sys -- (tvicport)
 DRV - [2007/07/07 15:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nv​smu.sys -- (nvsmu)
 DRV - [2007/07/03 04:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
 DRV - [2007/05/02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss​_mdm.sys -- (ss_mdm)
 DRV - [2007/05/02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss​_mdfl.sys -- (ss_mdfl)
 DRV - [2007/05/02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss​_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
 DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\St​arOpen.sys -- (StarOpen)
 DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\af​c.sys -- (Afc)


 ========== Standard Registry (SafeList) ==========


 ========== Internet Explorer ==========

 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/

 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Secondar​y_Page_URL = http://global.acer.com [binary data]
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SearchDefaultBra​nded = 1
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://www.google.fr/webhp?sou [...] r&ie=UTF-8
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,StartPageCache = 1
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Search,Default_Search​_URL = http://www.google.com/ie
 IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E​3C153A1} - C:\Program Files\Freeze.com\NetAssistant\​NetAssistant.dll (W3i, LLC)
 IE - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 ========== FireFox ==========

 FF - prefs.js..browser.search.defau​ltenginename: "Google"
 FF - prefs.js..browser.search.defau​lturl: "http://search.yahoo.com/searc​h?ei=UTF-8&fr=ytff-&p="
 FF - prefs.js..browser.search.param​.yahoo-fr: "moz2-ytff-"
 FF - prefs.js..browser.search.param​.yahoo-fr-cjkt: "moz2-ytff-"
 FF - prefs.js..browser.startup.home​page: "http://search.babylon.com/?ba​bsrc=HP_ss&mntrId=d8e5a4ce0000​0000000000218568979e&tlver=1.4​.19.19&affID=17161"
 FF - prefs.js..extensions.enabledIt​ems: {b9db16a4-6edc-47ec-a1f4-b8629​2ed211d}:4.8.4
 FF - prefs.js..extensions.enabledIt​ems: {e9d9d92d-7918-49d4-a93a-afc80​9e21eb7}:2.7.2.0
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0020-ABCDE​FFEDCBA}:6.0.20
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0021-ABCDE​FFEDCBA}:6.0.21
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0022-ABCDE​FFEDCBA}:6.0.22
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0023-ABCDE​FFEDCBA}:6.0.23
 FF - prefs.js..extensions.enabledIt​ems: {4D9AE42B-F4C0-40e6-AEDB-4EC6E​42B77AF}:1.2.1.0
 FF - prefs.js..keyword.URL: "http://search.babylon.com/?ba​bsrc=SP_ss&mntrId=d8e5a4ce0000​0000000000218568979e&tlver=1.4​.19.19&instlRef=sst&affID=1716​1&q="


 FF - HKLM\Software\MozillaPlugins\@​adobe.com/FlashPlayer: C:\Windows\system32\Macromed\F​lash\NPSWF32.dll ()
 FF - HKLM\Software\MozillaPlugins\@​Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@​google.com/npPicasa2,version=2​.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
 FF - HKLM\Software\MozillaPlugins\@​google.com/npPicasa3,version=3​.0.0: C:\Program Files\Google\Picasa3\npPicasa3​.dll (Google, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​ma-config.com/HardwareDetectio​n: C:\Program Files\ma-config.com\nphardware​detection.dll (Cybelsoft)
 FF - HKLM\Software\MozillaPlugins\@​Microsoft.com/NpCtrl,version=1​.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl​.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WLPG,version=15.​4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WLPG,version=15.​4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDete​ct13.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\A​dobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Users\Michel\AppData\Local\​Google\Update\1.3.21.65\npGoog​leUpdate3.dll (Google Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Users\Michel\AppData\Local\​Google\Update\1.3.21.65\npGoog​leUpdate3.dll (Google Inc.)

 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rbox@spointer.com: C:\Program Files\OfferBox\extensions-3.1.​3878.129\offerbox@spointer.com

 [2009/07/06 16:46:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Extensions
 [2011/05/14 12:12:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions
 [2010/04/28 19:30:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{20a8​2645-c095-46ed-80e3-0882576053​4b}
 [2010/08/19 15:01:23 | 000,000,000 | ---D | M] (mywebsites.pro-FR Toolbar) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{3372​7f97-486d-4d19-97c3-23f432ef93​fc}(26)
 [2010/08/05 19:58:35 | 000,000,000 | ---D | M] ("Plugin Orange Installeur" ) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{4D9A​E42B-F4C0-40e6-AEDB-4EC6E42B77​AF}
 [2011/03/16 09:59:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{b9db​16a4-6edc-47ec-a1f4-b86292ed21​1d}
 [2011/03/29 16:41:59 | 000,000,000 | ---D | M] (Glarysoft Community Toolbar) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{e9d9​d92d-7918-49d4-a93a-afc809e21e​b7}
 [2011/03/29 17:00:01 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\ffxtl​br@babylon.com
 [2011/04/01 12:04:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\stage​d
 [2011/04/01 15:40:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
 [2010/06/09 15:08:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0020-ABCDEFFEDCBA}
 [2010/08/16 11:58:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0021-ABCDEFFEDCBA}
 [2010/12/04 17:58:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0022-ABCDEFFEDCBA}
 [2011/01/21 17:24:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0023-ABCDEFFEDCBA}
 File not found (No name found) --
 File not found (No name found) -- C:\USERS\MICHEL\APPDATA\ROAMIN​G\MOZILLA\FIREFOX\PROFILES\7EU​RJRMK.DEFAULT\EXTENSIONS\ENGIN​E@CONDUIT.COM
 [2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.​dll
 [2011/03/29 17:00:02 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.​xml

 O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1       localhost
 O1 - Hosts: ::1             localhost
 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695E​CA05670} - No CLSID value found.
 O2 - BHO: (PCTBHO Class) - {293A63F7-C3B6-423a-9845-901AC​0A7EE6E} - C:\Program Files\PCTuto\pctutoBHO.dll (PCTUTO)
 O2 - BHO: (Fast Search by Surf Canyon) - {5AB7104A-B71F-49AD-9154-F7F88​06AE848} - C:\Program Files\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
 O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B​8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\A​ctiveToolBand.dll (Egis)
 O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.7.6406.1642\swg.dll (Google Inc.)
 O2 - BHO: (NetAssistant) - {E38FA08E-F56A-4169-ABF5-5C71E​3C153A1} - C:\Program Files\Freeze.com\NetAssistant\​NetAssistant.dll (W3i, LLC)
 O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\e​DStoolbar.dll (Egis Incorporated.)
 O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
 O4 - HKLM..\Run: [EPSON Stylus DX4200 Series] C:\Windows\System32\spool\DRIV​ERS\W32X86\3\E_FATIAEE.EXE (SEIKO EPSON CORPORATION)
 O4 - HKLM..\Run: [eRecoveryService]  File not found
 O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidserv​ice.exe (NVIDIA Corporation)
 O4 - HKLM..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro80\opwa​re32.exe (Caere Corporation)
 O4 - HKLM..\Run: [pctuto] C:\Program Files\PCTuto\pctuto.exe (PCTUTO)
 O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.e​xe (Ulead Systems, Inc.)
 O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 O4 - HKLM..\RunOnce: [autoupdater] C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\autoupdater.ex​e (PCTuto)
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.sc​r (Google Inc.)
 O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_6CE5017F567343​CA.dll (Google Inc.)
 O13 - gopher Prefix: missing
 O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
 O15 - HKCU\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)
 O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_26)
 O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_26)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_26)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-00010​23952c1} - C:\Program Files\Skyline\TerraExplorer\Te​rraExplorerX.dll (Skyline software systems Inc.)
 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.​exe) - C:\Windows\System32\userinit.e​xe (Microsoft Corporation)
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 NetSvcs: FastUserSwitchingCompatibility -  File not found
 NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
 NetSvcs: Nla -  File not found
 NetSvcs: Ntmssvc -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: SRService -  File not found
 NetSvcs: WmdmPmSp -  File not found
 NetSvcs: LogonHours -  File not found
 NetSvcs: PCAudit -  File not found
 NetSvcs: helpsvc -  File not found
 NetSvcs: uploadmgr -  File not found

 MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windo​ws^Start Menu^Programs^Startup^ASETRES.​EXE -  - File not found
 MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windo​ws^Start Menu^Programs^Startup^Démarrag​e d'Office.lnk - C:\PROGRA~1\MICROS~2\Office\OS​A.EXE - ()
 MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windo​ws^Start Menu^Programs^Startup^Gestionn​aire Microsoft Office.lnk - C:\PROGRA~1\MICROS~2\Office\MS​OFFICE.EXE - (Microsoft Corporation)
 MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windo​ws^Start Menu^Programs^Startup^Microsof​t Recherche accélérée.lnk - C:\PROGRA~1\MICROS~2\Office\FI​NDFAST.EXE - (Microsoft Corporation)
 MsConfig - StartUpReg: Acer Empowering Technology Monitor - hkey= - key= - C:\Acer\Empowering Technology\SysMonitor.exe ()
 MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe (Adobe Systems Incorporated)
 MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
 MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Acer\Empowering Technology\eDataSecurity\x86\e​DSLoader.exe (Egis Incorporated)
 MsConfig - StartUpReg: EEventManager - hkey= - key= - C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
 MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
 MsConfig - StartUpReg: PCMMediaSharing - hkey= - key= - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSha​ring.exe ()
 MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
 MsConfig - StartUpReg: Skytel - hkey= - key= - C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
 MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
 MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe (Google Inc.)
 MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
 MsConfig - State: "startup" - 2

 SafeBootMin: AppMgmt - Service
 SafeBootMin: Base - Driver Group
 SafeBootMin: Boot Bus Extender - Driver Group
 SafeBootMin: Boot file system - Driver Group
 SafeBootMin: File system - Driver Group
 SafeBootMin: Filter - Driver Group
 SafeBootMin: HelpSvc - Service
 SafeBootMin: mcmscsvc - Service
 SafeBootMin: MCODS - Service
 SafeBootMin: NTDS -  File not found
 SafeBootMin: PCI Configuration - Driver Group
 SafeBootMin: PNP Filter - Driver Group
 SafeBootMin: Primary disk - Driver Group
 SafeBootMin: sacsvr - Service
 SafeBootMin: SCSI Class - Driver Group
 SafeBootMin: System Bus Extender - Driver Group
 SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootMin: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootMin: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootMin: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootMin: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootMin: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootMin: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootMin: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices

 SafeBootNet: AppMgmt - Service
 SafeBootNet: Base - Driver Group
 SafeBootNet: Boot Bus Extender - Driver Group
 SafeBootNet: Boot file system - Driver Group
 SafeBootNet: File system - Driver Group
 SafeBootNet: Filter - Driver Group
 SafeBootNet: HelpSvc - Service
 SafeBootNet: mcmscsvc - Service
 SafeBootNet: MCODS - Service
 SafeBootNet: Messenger - Service
 SafeBootNet: MpfService - Service
 SafeBootNet: NDIS Wrapper - Driver Group
 SafeBootNet: NetBIOSGroup - Driver Group
 SafeBootNet: NetDDEGroup - Driver Group
 SafeBootNet: Network - Driver Group
 SafeBootNet: NetworkProvider - Driver Group
 SafeBootNet: NTDS -  File not found
 SafeBootNet: PCI Configuration - Driver Group
 SafeBootNet: PNP Filter - Driver Group
 SafeBootNet: PNP_TDI - Driver Group
 SafeBootNet: Primary disk - Driver Group
 SafeBootNet: rdsessmgr - Service
 SafeBootNet: sacsvr - Service
 SafeBootNet: SCSI Class - Driver Group
 SafeBootNet: Streams Drivers - Driver Group
 SafeBootNet: System Bus Extender - Driver Group
 SafeBootNet: TDI - Driver Group
 SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SafeBootNet: WudfPf - Driver
 SafeBootNet: WudfUsbccidDriver - Driver
 SafeBootNet: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootNet: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootNet: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootNet: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootNet: {4D36E972-E325-11CE-BFC1-08002​BE10318} - Net
 SafeBootNet: {4D36E973-E325-11CE-BFC1-08002​BE10318} - NetClient
 SafeBootNet: {4D36E974-E325-11CE-BFC1-08002​BE10318} - NetService
 SafeBootNet: {4D36E975-E325-11CE-BFC1-08002​BE10318} - NetTrans
 SafeBootNet: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootNet: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F​805F530} - Smart card readers
 SafeBootNet: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices

 ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401​C608500} - Java (Sun)
 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA0​0B4E220} -
 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c​74c7e95} - Microsoft Windows Media Player 11.0
 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508​C9228ED} - %SystemRoot%\system32\regsvr32​.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.​dll
 ActiveX: {3af36230-a269-11d1-b5bf-0000f​8051515} - Offline Browsing Pack
 ActiveX: {3C3901C5-3455-3E0A-A214-0B093​A5070A6} - .NET Framework
 ActiveX: {44BBA840-CC51-11CF-AAFA-00AA0​0B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
 ActiveX: {44BBA848-CC51-11CF-AAFA-00AA0​0B6015C} -
 ActiveX: {44BBA855-CC51-11CF-AAFA-00AA0​0B6015F} - DirectDrawEx
 ActiveX: {45ea75a0-a269-11d1-b5bf-0000f​8051515} - Internet Explorer Help
 ActiveX: {4f645220-306d-11d2-995d-00c04​f98bbc9} - Microsoft Windows Script 5.6
 ActiveX: {5fd399c0-a70a-11d1-9948-00c04​f98bbc9} - Internet Explorer Setup Tools
 ActiveX: {630b1da0-b465-11d1-9948-00c04​f98bbc9} - Browsing Enhancements
 ActiveX: {6BF52A52-394A-11d3-B153-00C04​F79FAA6} - Microsoft Windows Media Player
 ActiveX: {6fab99d0-bab8-11d1-994a-00c04​f98bbc9} - MSN Site Access
 ActiveX: {7790769C-0471-11d2-AF11-00C04​FA35D02} - Address Book 7
 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E​41B1089} - .NET Framework
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4340} - regsvr32.exe /s /n /i:U shell32.dll
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4383} - C:\Windows\system32\ie4uinit.e​xe -BaseSettings
 ActiveX: {89B4C1CD-B018-4511-B0A1-5476D​BF70820} - C:\Windows\system32\Rundll32.e​xe C:\Windows\system32\mscories.d​ll,Install
 ActiveX: {9381D8F2-0288-11D0-9501-00AA0​0B911A5} - Dynamic HTML Data Binding
 ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789​CFEFCDD} - .NET Framework
 ActiveX: {C9E9A340-D1F1-11D0-821E-44455​3540600} - Internet Explorer Core Fonts
 ActiveX: {CDD7975E-60F8-41d5-8149-19E51​D6F71D0} - Windows Movie Maker v2.1
 ActiveX: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} - Macromedia Shockwave Flash
 ActiveX: {de5aed00-a4bf-11d1-9948-00c04​f98bbc9} - HTML Help
 ActiveX: {E92B03AB-B707-11d2-9CBD-0000F​87A369E} - Active Directory Service Interface
 ActiveX: >{22d6f312-b0f6-11d0-94ab-0080​c74c7e95} - C:\Windows\system32\unregmp2.e​xe /ShowWMP
 ActiveX: >{26923b43-4d38-484f-9b9e-de46​0746276c} - C:\Windows\system32\ie4uinit.e​xe -UserIconConfig
 ActiveX: >{60B49E34-C7CC-11D0-8953-00A0​C90347FF} - "C:\Windows\System32\rundll32.​exe" "C:\Windows\System32\iedkcs32.​dll",BrandIEActiveSetup SIGNUP

 Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
 Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.a​cm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.ac​m (http://www.mp3dev.org/)
 Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
 Drivers32: vidc.i420 - i420vfw.dll File not found
 Drivers32: VIDC.IV31 - C:\Windows\System32\ir32_32.dl​l (Intel(R) Corporation)
 Drivers32: VIDC.IV32 - C:\Windows\System32\ir32_32.dl​l (Intel(R) Corporation)
 Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.dl​l (Intel(R) Corporation)
 Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dl​l ()
 Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dl​l (www.helixcommunity.org)
 Drivers32: vidc.yvu9 - C:\Windows\System32\iyvu9_32.d​ll ()

 NetSvcs: FastUserSwitchingCompatibility -  File not found
 NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
 NetSvcs: Nla -  File not found
 NetSvcs: Ntmssvc -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: SRService -  File not found
 NetSvcs: WmdmPmSp -  File not found
 NetSvcs: LogonHours -  File not found
 NetSvcs: PCAudit -  File not found
 NetSvcs: helpsvc -  File not found
 NetSvcs: uploadmgr -  File not found

 ========== Files/Folders - Created Within 30 Days ==========

 [2011/08/24 11:23:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
 [2011/08/19 19:55:27 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Roamin​g\www.shadowexplorer.com
 [2011/08/16 19:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Fotosizer
 [2011/08/16 19:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\Fotosizer
 [2011/08/15 18:54:16 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{EEDB429D-F87F-48CE-92A5-03A9E​D0A4505}
 [2011/08/15 18:54:06 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{66EAA76B-09D3-4E4B-B8A7-AA71F​180B44C}
 [2011/08/14 15:12:40 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{D93AD032-6C68-49C0-A18B-6E332​E89C991}
 [2011/08/14 15:12:30 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{E90CCDB4-048A-420A-AC4E-DBB38​3EED31A}
 [2011/08/12 15:41:19 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
 [2011/08/12 15:41:17 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.d​ll
 [2011/08/12 15:41:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
 [2011/08/12 15:41:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dl​l
 [2011/08/12 15:41:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
 [2011/08/12 12:15:34 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
 [2011/08/12 12:15:20 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.e​xe
 [2011/08/12 12:15:20 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.e​xe
 [2011/08/09 19:00:12 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{D6F5137C-EE52-490A-B298-5D167​35DB826}
 [2011/08/09 19:00:02 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{4454EE35-F4E4-4027-A45F-A546F​D639575}
 [2011/08/09 18:59:41 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{372B4B94-4921-4F57-8A45-68D99​3FFC2D0}
 [2011/08/08 15:44:56 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{C85E8843-6315-48BB-BC1E-7424F​41498BE}
 [2011/08/07 10:51:35 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{A5318D35-F192-44CE-BFE5-EF197​50D29AF}
 [2011/08/07 10:49:36 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{EE10E8BB-A636-4D62-8717-63F9D​972C384}
 [2011/08/05 16:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Google Earth
 [2011/08/04 18:19:46 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{D522882D-5A5C-42CC-B2EB-90DB3​7312A33}
 [2011/08/04 18:11:18 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{80A3A616-CF79-4C00-AB7D-DA85F​5BB605F}
 [2011/08/04 18:10:57 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{9649D32C-2087-42BA-98F7-B0C09​7F495CE}
 [2011/08/01 18:56:43 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{4203D287-3C02-4207-BDFD-4462B​17BE8EB}
 [2011/08/01 18:56:15 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{7CB33AFD-B12A-4FDD-81D9-B5194​9759A47}
 [2009/07/03 01:38:58 | 000,049,152 | ---- | C] ( ) -- C:\Windows\INTEROP.IWSHRUNTIME​LIBRARY.DLL
 [2009/07/02 17:14:00 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent​.exe

 ========== Files - Modified Within 30 Days ==========

 [2011/08/25 17:21:05 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.d​at
 [2011/08/25 17:21:05 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.d​at
 [2011/08/25 17:21:05 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.d​at
 [2011/08/25 17:21:05 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.d​at
 [2011/08/25 17:18:54 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
 [2011/08/25 17:18:25 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
 [2011/08/25 17:15:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2011/08/25 17:15:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2011/08/25 17:15:51 | 000,366,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.D​AT
 [2011/08/25 17:15:50 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2011/08/25 17:15:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2011/08/25 17:15:16 | 3220,324,352 | -HS- | M] () -- C:\hiberfil.sys
 [2011/08/25 17:15:15 | 196,332,228 | ---- | M] () -- C:\Windows\MEMORY.DMP
 [2011/08/24 19:10:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-187918334-1475​485724-498475476-1000UA.job
 [2011/08/24 19:08:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2011/08/24 18:10:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-187918334-1475​485724-498475476-1000Core.job
 [2011/08/22 19:19:18 | 000,003,404 | ---- | M] () -- C:\Users\Michel\Documents\cc_2​0110822_191915.reg
 [2011/08/17 09:58:11 | 000,002,593 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\lemechanttgvpaca - Recherche Google.lnk
 [2011/08/16 19:14:01 | 000,000,844 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Fotosizer.lnk
 [2011/08/16 19:14:01 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Fotosi​zer.lnk
 [2011/08/15 18:57:14 | 000,177,664 | ---- | M] () -- C:\Users\Michel\AppData\Local\​DCBC2A71-70D8-4DAN-EHR8-E0D61D​EA3FDF.ini
 [2011/08/13 16:42:21 | 000,002,077 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk
 [2011/08/13 10:33:04 | 000,001,879 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Geoportail.lnk
 [2011/08/13 10:32:31 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlaye​rCPLApp.cpl
 [2011/08/10 19:23:43 | 000,002,527 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\carte risques incendie var - Recherche Google.lnk
 [2011/08/05 17:17:21 | 000,019,112 | ---- | M] () -- C:\Users\Michel\Documents\cc_2​0110805_171716.reg
 [2011/08/05 16:10:23 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
 [2011/08/05 15:48:27 | 000,588,751 | ---- | M] () -- C:\Users\Michel\Documents\Cart​e Grise YETI001.jpg
 [2011/08/04 18:07:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Ms​ft_User_WpdMtpDr_01_07_00.Wdf
 [2011/08/02 19:35:15 | 001,821,096 | ---- | M] () -- C:\Users\Michel\Documents\dess​us de lit.JPG
 [2011/08/02 19:35:15 | 001,804,444 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6736.JPG
 [2011/08/02 19:35:15 | 001,782,997 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6742.JPG
 [2011/08/02 19:35:15 | 001,781,391 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6759.JPG
 [2011/08/02 19:35:15 | 001,777,524 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6755.JPG
 [2011/08/02 19:35:15 | 001,765,224 | ---- | M] () -- C:\Users\Michel\Documents\dess​us de lit 1.JPG

 ========== Files Created - No Company Name ==========

 [2011/08/25 17:15:15 | 196,332,228 | ---- | C] () -- C:\Windows\MEMORY.DMP
 [2011/08/22 19:19:17 | 000,003,404 | ---- | C] () -- C:\Users\Michel\Documents\cc_2​0110822_191915.reg
 [2011/08/16 19:14:01 | 000,000,844 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Fotosizer.lnk
 [2011/08/16 19:14:01 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Fotosi​zer.lnk
 [2011/08/13 16:42:21 | 000,002,077 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk
 [2011/08/13 10:33:04 | 000,001,879 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Geoportail.lnk
 [2011/08/10 19:23:43 | 000,002,527 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\carte risques incendie var - Recherche Google.lnk
 [2011/08/10 19:22:12 | 000,002,593 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\lemechanttgvpaca - Recherche Google.lnk
 [2011/08/05 17:17:18 | 000,019,112 | ---- | C] () -- C:\Users\Michel\Documents\cc_2​0110805_171716.reg
 [2011/08/05 16:10:23 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
 [2011/08/05 15:48:27 | 000,588,751 | ---- | C] () -- C:\Users\Michel\Documents\Cart​e Grise YETI001.jpg
 [2011/08/04 18:07:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Ms​ft_User_WpdMtpDr_01_07_00.Wdf
 [2011/08/02 19:35:15 | 001,821,096 | ---- | C] () -- C:\Users\Michel\Documents\dess​us de lit.JPG
 [2011/08/02 19:35:15 | 001,804,444 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6736.JPG
 [2011/08/02 19:35:15 | 001,782,997 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6742.JPG
 [2011/08/02 19:35:15 | 001,781,391 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6759.JPG
 [2011/08/02 19:35:15 | 001,777,524 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6755.JPG
 [2011/08/02 19:35:14 | 001,765,224 | ---- | C] () -- C:\Users\Michel\Documents\dess​us de lit 1.JPG
 [2011/07/19 18:19:52 | 000,041,472 | ---- | C] () -- C:\Windows\unscan30.exe
 [2011/07/19 18:18:37 | 000,000,572 | ---- | C] () -- C:\Windows\maxlink.ini
 [2011/07/19 18:18:35 | 000,000,000 | ---- | C] () -- C:\Windows\OP70.INI
 [2010/11/03 19:54:20 | 000,000,680 | ---- | C] () -- C:\Users\Michel\AppData\Local\​d3d9caps.dat
 [2010/06/03 10:35:38 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.​dt
 [2010/06/03 10:33:36 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\St​arOpen.sys
 [2010/03/23 11:54:53 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
 [2010/03/23 11:54:53 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
 [2010/03/23 11:54:49 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.d​ll
 [2010/03/23 11:54:49 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dl​l
 [2010/03/23 11:54:48 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
 [2010/03/18 20:19:06 | 000,026,340 | ---- | C] () -- C:\Users\Michel\AppData\Roamin​g\UserTile.png
 [2009/08/19 09:52:30 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuth​n.dll
 [2009/08/19 09:52:30 | 000,107,612 | ---- | C] () -- C:\Windows\System32\Structured​QuerySchema.bin
 [2009/07/22 15:41:00 | 000,000,408 | ---- | C] () -- C:\Users\Michel\AppData\Roamin​g\wklnhst.dat
 [2009/07/06 17:24:43 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrint​erDB.dat
 [2009/07/06 17:24:43 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn131.dat
 [2009/07/06 17:24:43 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn121.dat
 [2009/07/06 17:24:43 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn1.dat
 [2009/07/06 17:24:43 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn3.dat
 [2009/07/06 17:24:43 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn5.dat
 [2009/07/06 17:24:43 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn2.dat
 [2009/07/06 17:24:43 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn4.dat
 [2009/07/06 17:24:43 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn6.dat
 [2009/07/06 17:24:43 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_DU.dat
 [2009/07/06 17:24:43 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_PT.dat
 [2009/07/06 17:24:43 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_BP.dat
 [2009/07/06 17:24:43 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_ES.dat
 [2009/07/06 17:24:43 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_FR.dat
 [2009/07/06 17:24:43 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_CF.dat
 [2009/07/06 17:24:43 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_IT.dat
 [2009/07/06 17:24:43 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_GE.dat
 [2009/07/06 17:24:43 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_EN.dat
 [2009/07/06 17:24:43 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
 [2009/07/06 17:23:46 | 000,065,793 | ---- | C] () -- C:\Windows\System32\esfw7a.bin
 [2009/07/06 17:23:36 | 000,000,025 | ---- | C] () -- C:\Windows\CDE V200DEFGIPSRUk.ini
 [2009/07/06 17:16:20 | 000,000,022 | ---- | C] () -- C:\Windows\exchng.ini
 [2009/07/06 17:16:19 | 000,000,957 | ---- | C] () -- C:\Windows\ODBCINST.INI
 [2009/07/06 17:16:19 | 000,000,611 | ---- | C] () -- C:\Windows\ODBC.INI
 [2009/07/06 17:11:24 | 000,177,664 | ---- | C] () -- C:\Users\Michel\AppData\Local\​DCBC2A71-70D8-4DAN-EHR8-E0D61D​EA3FDF.ini
 [2009/07/06 16:17:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\Structured​QuerySchemaTrivial.bin
 [2009/07/02 17:17:26 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
 [2009/07/02 17:17:26 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
 [2009/07/02 17:15:00 | 000,077,824 | ---- | C] () -- C:\Windows\System32\drivers\IN​T15_DETECT.EXE
 [2009/07/02 17:14:00 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyA​gentUser.exe
 [2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudar​t_20.dll
 [2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTr​aditionalChinese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSw​edish.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSp​anish.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSi​mplifiedChinese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPo​rtugese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKo​rean.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJa​panese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGe​rman.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFr​ench.dll
 [2008/03/21 22:27:47 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dl​l
 [2008/03/21 20:49:26 | 000,001,108 | ---- | C] () -- C:\Windows\generic.ini
 [2008/03/21 20:49:26 | 000,000,138 | ---- | C] () -- C:\Windows\Alaunch.ini
 [2008/03/21 13:56:21 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\in​t15_64.sys
 [2008/03/21 13:02:25 | 000,003,636 | ---- | C] () -- C:\Windows\System32\drivers\nv​phy.bin
 [2008/01/21 10:40:50 | 000,678,804 | ---- | C] () -- C:\Windows\System32\perfh00C.d​at
 [2008/01/21 10:40:50 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.d​at
 [2008/01/21 10:40:50 | 000,126,420 | ---- | C] () -- C:\Windows\System32\perfc00C.d​at
 [2008/01/21 10:40:50 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.d​at
 [2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
 [2006/11/02 14:47:37 | 000,366,832 | ---- | C] () -- C:\Windows\System32\FNTCACHE.D​AT
 [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE​.dll
 [2006/11/02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.d​at
 [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.d​at
 [2006/11/02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.d​at
 [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.d​at
 [2006/11/02 12:25:24 | 000,000,256 | ---- | C] () -- C:\Windows\System32\brmsi05f.b​in
 [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
 [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
 [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
 [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.i​ni
 [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 [2002/03/17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000062.DLL
 [2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_​vcd.dll
 [2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
 [2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.​dll
 [2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_​MMX.dll
 [1998/10/10 03:00:00 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.d​ll
 [1997/08/29 00:00:00 | 000,048,640 | ---- | C] () -- C:\Windows\System32\WRKGADM.EX​E
 [1997/08/29 00:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\System32\XLREC.DLL
 [1997/08/29 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\RECNCL.DLL
 [1997/08/29 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\ODBCSTF.DL​L
 [1997/08/29 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
 [1997/08/29 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\VAFR232.DL​L
 [1997/08/29 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.D​LL

 ========== Custom Scans ==========


 < %systemroot%\system32\drivers\​*.sys /lockedfiles  >

 < %ALLUSERSPROFILE%\Application Data\*.  >

 < %ALLUSERSPROFILE%\Application Data\*.exe /s  >

 < %APPDATA%\*.  >
 [2008/03/21 13:35:58 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Acer GameZone Console
 [2009/07/06 19:24:04 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Adobe
 [2011/05/14 11:28:59 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive
 [2011/07/08 18:57:28 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\ArchiFacile
 [2010/09/09 17:35:50 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\ArcSoft
 [2009/08/28 16:03:07 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Artweaver
 [2011/04/21 19:40:32 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\AVS4YOU
 [2011/06/14 19:07:32 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Broad Intelligence
 [2011/03/22 12:04:28 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\BSD Concept
 [2011/01/04 16:36:36 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\CasaPortale.de
 [2011/03/25 17:26:15 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\DivX
 [2010/03/26 17:30:44 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\dvdcss
 [2011/04/28 16:19:12 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\EasyBurner
 [2011/05/06 16:27:51 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\EPSON
 [2011/07/27 05:23:28 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\FinalMediaPlayer
 [2011/07/13 19:37:56 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\FreeVideoConverter
 [2009/07/06 16:23:50 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Google
 [2009/07/06 15:43:12 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Identities
 [2009/07/06 17:24:42 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\InstallShield
 [2011/02/12 17:57:12 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\LibreOffice
 [2009/07/06 15:43:56 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Macromedia
 [2006/11/02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Media Center Programs
 [2011/08/05 17:16:33 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Media Player Classic
 [2011/07/19 17:45:35 | 000,000,000 | --SD | M] -- C:\Users\Michel\AppData\Roamin​g\Microsoft
 [2009/07/06 16:46:29 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Mozilla
 [2011/05/05 19:39:30 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\OpenCandy
 [2010/04/02 11:48:48 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\OpenOffice.org
 [2010/10/12 10:13:52 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\PACE Anti-Piracy
 [2011/07/13 19:37:56 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\PCTuto
 [2010/03/18 20:19:05 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\PeerNetworking
 [2010/03/23 12:00:12 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Python-Eggs
 [2011/07/06 18:47:11 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\RegistryKeys
 [2011/05/05 19:41:21 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Reviversoft
 [2010/06/03 14:13:53 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Samsung
 [2009/07/22 15:41:01 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Template
 [2011/07/27 05:23:16 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Ulead Systems
 [2010/03/29 11:55:02 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\vlc
 [2010/03/26 15:21:24 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\widestream
 [2011/08/19 19:55:27 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\www.shadowexplorer.com

 < %APPDATA%\*.exe /s  >
 [2011/02/24 14:31:48 | 000,671,360 | ---- | M] (Agence-Exclusive) -- C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive\Agence-Excl​usive\autoupdater.exe
 [2011/02/24 14:31:58 | 000,777,856 | ---- | M] (Agence-Exclusive) -- C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive\Agence-Excl​usive\UpdatePCTuto.exe
 [2011/02/18 05:00:00 | 005,233,406 | ---- | M] (Macromedia, Inc.) -- C:\Users\Michel\AppData\Roamin​g\BSD Concept\Heredis12\Arbre3D.exe
 [2011/02/18 05:00:00 | 000,572,928 | ---- | M] () -- C:\Users\Michel\AppData\Roamin​g\BSD Concept\Heredis12\HTML\h8html.​exe
 [2010/03/24 21:04:43 | 001,956,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Michel\AppData\Roamin​g\Macromedia\Flash Player\www.macromedia.com\bin\​fpupdateax\fpupdateax.exe
 [2011/05/05 19:39:31 | 000,416,160 | ---- | M] () -- C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\Lates​tDLMgr.exe
 [2011/02/09 20:34:30 | 004,446,904 | ---- | M] (ReviverSoft                                                 ) -- C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\Regis​tryReviverSetup-ppi_.exe
 [2011/02/09 20:34:30 | 000,059,688 | ---- | M] () -- C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\RevSt​arter.exe
 [2011/03/02 18:43:58 | 000,663,168 | ---- | M] (PCTuto) -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\autoupdater.ex​e
 [2011/03/02 18:43:58 | 000,769,664 | ---- | M] (Agence-Exclusive) -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\UpdatePCTuto.e​xe
 [2011/08/25 17:19:16 | 000,020,480 | ---- | M] () -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\Software\itsTV​\4.0.0.2362363\su_fr.exe

 < %SYSTEMDRIVE%\*.exe  >


 < MD5 for: AGP440.SYS  >
 [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\drivers\AG​P440.sys
 [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_5​1b95d75\AGP440.sys
 [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_f​750e484\AGP440.sys
 [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6001.​18000_none_ba12ed3bbeb0d97a\AG​P440.sys
 [2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37D​B0D360 -- C:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.0.6002.​18005_none_bbfe6647bbd2a4c6\AG​P440.sys
 [2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825C​EAD7D8 -- C:\Windows\System32\DriverStor​e\FileRepository\machine.inf_9​20a2c1f\AGP440.sys

 < MD5 for: ATAPI.SYS  >
 [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\System32\drivers\at​api.sys
 [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_b12​d8e84\atapi.sys
 [2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B​880BC4 -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6002.18​005_none_df23a1261eab99e8\atap​i.sys
 [2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562D​E40ED9 -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_cc1​8792d\atapi.sys
 [2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562D​E40ED9 -- C:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.0.6001.18​000_none_dd38281a2189ce9c\atap​i.sys
 [2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7E​C7300F -- C:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_c6c​2e699\atapi.sys

 < MD5 for: CDROM.SYS  >
 [2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1​778B57 -- C:\Windows\System32\DriverStor​e\FileRepository\cdrom.inf_a29​e71c6\cdrom.sys
 [2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1​778B57 -- C:\Windows\winsxs\x86_cdrom.in​f_31bf3856ad364e35_6.0.6001.18​000_none_5fa95be2a3c76a4a\cdro​m.sys
 [2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD72809702427643​0DB314 -- C:\Windows\System32\drivers\cd​rom.sys
 [2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD72809702427643​0DB314 -- C:\Windows\System32\DriverStor​e\FileRepository\cdrom.inf_c94​9a5b6\cdrom.sys
 [2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD72809702427643​0DB314 -- C:\Windows\winsxs\x86_cdrom.in​f_31bf3856ad364e35_6.0.6002.18​005_none_6194d4eea0e93596\cdro​m.sys
 [2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5​E4D303 -- C:\Windows\System32\DriverStor​e\FileRepository\cdrom.inf_e48​7f727\cdrom.sys

 < MD5 for: CNGAUDIT.DLL  >
 [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D​5FED4D -- C:\Windows\System32\cngaudit.d​ll
 [2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D​5FED4D -- C:\Windows\winsxs\x86_microsof​t-windows-cngaudit-dll_31bf385​6ad364e35_6.0.6000.16386_none_​e62d292932a96ce6\cngaudit.dll

 < MD5 for: CTFMON.EXE  >
 [2006/11/02 11:45:00 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=22BFD03DF51065A9ED8D17F8FB​72296B -- C:\Windows\System32\ctfmon.exe
 [2006/11/02 11:45:00 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=22BFD03DF51065A9ED8D17F8FB​72296B -- C:\Windows\winsxs\x86_microsof​t-windows-t..cesframework-ctfm​on_31bf3856ad364e35_6.0.6000.1​6386_none_9af9cad793a67953\ctf​mon.exe

 < MD5 for: DISK.SYS  >
 [2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8​F1AF6A -- C:\Windows\System32\drivers\di​sk.sys
 [2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8​F1AF6A -- C:\Windows\System32\DriverStor​e\FileRepository\disk.inf_5c85​0fad\disk.sys
 [2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8​F1AF6A -- C:\Windows\winsxs\x86_disk.inf​_31bf3856ad364e35_6.0.6002.180​05_none_fbb1faf0714e4ea6\disk.​sys
 [2008/01/21 04:23:20 | 000,055,352 | ---
 


 Des

La Mayenne-son calme -sa verdu
Profil : Equipe sécurité
  1. homepage
bernard53
Membre impliqué (de 20 000 à 29 999 messages postés) Helpeur confirmé Fan Club de Clic-Clic
  1. Posté le 25/08/2011 à 20:01:50  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:
 Ton principal soucis viens de PCTUTO qui est une plaie  :hurle:
 Regarde cette info.

 http://forum.telecharger.01net [...] ges-1.html

 Déjà malgré que le rapport n'est pas complet "à mettre de préférence selon mes indications" fait ceci s.t.p

 * Fait un double-clic sur l'icône d'OTL pour le lancer
 /!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 * Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

 * Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

 * Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
 



 
 :OTL
 PRC - [2011/04/21 15:31:04 | 000,982,656 | ---- | M] (PCTUTO) -- C:\Program Files\pctuto\pctuto.exe  
 PRC - [2011/03/02 18:43:58 | 000,663,168 | ---- | M] (PCTuto) -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\autoupdater.ex​e  
 IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E​3C153A1} - C:\Program Files\Freeze.com\NetAssistant\​NetAssistant.dll (W3i, LLC)  
 FF - prefs.js..browser.startup.home​page: http://search.babylon.com/?bab [...] ffID=17161
 FF - prefs.js..extensions.enabledIt​ems: {e9d9d92d-7918-49d4-a93a-afc80​9e21eb7}:2.7.2.0
 FF - prefs.js..keyword.URL: "http://search.babylon.com/?ba​bsrc=SP_ss&mntrId=d8e5a4ce0000​0000000000218568979e&tlver=1.4​.19.19&instlRef=sst&affID=1716​1&q="  
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rbox@spointer.com: C:\Program Files\OfferBox\extensions-3.1.​3878.129\offerbox@spointer.com
 [2010/08/19 15:01:23 | 000,000,000 | ---D | M] (mywebsites.pro-FR Toolbar) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{3372​7f97-486d-4d19-97c3-23f432ef93​fc}(26)  
 [2011/03/29 16:41:59 | 000,000,000 | ---D | M] (Glarysoft Community Toolbar) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{e9d9​d92d-7918-49d4-a93a-afc809e21e​b7}
 [2011/03/29 17:00:01 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\ffxtl​br@babylon.com  
 File not found (No name found) --    
 File not found (No name found) -- C:\USERS\MICHEL\APPDATA\ROAMIN​G\MOZILLA\FIREFOX\PROFILES\7EU​RJRMK.DEFAULT\EXTENSIONS\ENGIN​E@CONDUIT.COM
 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695E​CA05670} - No CLSID value found.
 O2 - BHO: (PCTBHO Class) - {293A63F7-C3B6-423a-9845-901AC​0A7EE6E} - C:\Program Files\PCTuto\pctutoBHO.dll (PCTUTO)
 O2 - BHO: (NetAssistant) - {E38FA08E-F56A-4169-ABF5-5C71E​3C153A1} - C:\Program Files\Freeze.com\NetAssistant\​NetAssistant.dll (W3i, LLC)
 O4 - HKLM\..\Run: [eRecoveryService] File not found
 O4 - HKLM\..\Run: [pctuto] C:\Program Files\PCTuto\pctuto.exe (PCTUTO)
 O4 - HKLM\..\RunOnce: [autoupdater] C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\autoupdater.ex​e (PCTuto)
 [2011/05/14 11:28:59 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive
 [2011/05/05 19:39:30 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\OpenCandy
 [2011/07/13 19:37:56 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\PCTuto
 [2010/03/26 15:21:24 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roamin​g\widestream
 [2011/02/24 14:31:48 | 000,671,360 | ---- | M] (Agence-Exclusive) -- C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive\Agence-Excl​usive\autoupdater.exe    
 [2011/02/24 14:31:58 | 000,777,856 | ---- | M] (Agence-Exclusive) -- C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive\Agence-Excl​usive\UpdatePCTuto.exe
 [2011/05/05 19:39:31 | 000,416,160 | ---- | M] () -- C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\Lates​tDLMgr.exe    
 [2011/02/09 20:34:30 | 004,446,904 | ---- | M] (ReviverSoft ) -- C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\Regis​tryReviverSetup-ppi_.exe    
 [2011/02/09 20:34:30 | 000,059,688 | ---- | M] () -- C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\RevSt​arter.exe
 [2011/03/02 18:43:58 | 000,663,168 | ---- | M] (PCTuto) -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\autoupdater.ex​e    
 [2011/03/02 18:43:58 | 000,769,664 | ---- | M] (Agence-Exclusive) -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\UpdatePCTuto.e​xe    =
 [2011/08/25 17:19:16 | 000,020,480 | ---- | M] () -- C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\Software\itsTV​\4.0.0.2362363\su_fr.exe
 :Commands
 [emptytemp]
 [emptytemp]
 



 * Cliques sur l'icône Correction (en haut à gauche) .
 * Laisse le scan aller à son terme sans te servir du PC
 * A la fin du scan un rapport s'ouvrir "OTL.log"
 * Copie et colle le ou les rapports dans ta réponse stp...
 * Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
 Mets le rapport ici car il prend bien de la place.
 http://mydoc.tk
 ou la
 http://www.cijoint.fr/index.php


 Ensuite ceci.

 Installe Malewarebytes' Antimalware,

 http://malwarebytes.org/products/malwarebytes_free

 Prends bien la version FREE
 *** Met-le à jour puis choisi, Exécuter un examen complet

 *** Si une infection est trouvée, coche la case a coté et valides avec l&#8217;Onglet Supprimer la sélection

 Poste le rapport final.
 
 Puis après cela nouveau rapport OTL pour contrôle s.t.p



wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 26/08/2011 à 10:28:41  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 [quo
 Rega Bonjour , hier quand j'ai mis désolé , c'est que je venais de m'apercevoir que je n'avais mis que le "standard ".
 Là dessus une page de pub est arrivée , je l'ai éffacée , envoyé le texte qui n'avait pas été marqué.
 Je viens de reprendre , ais copié collé ce qui a été marqué dans le dernier msg .
 Mis correction et à la fin quand l'ordi s'est remis en route , pas de rapport d'otl.
 J'ai enregistré malware  (pour 30 jours free ).
 Est ce bon , est ce que je le lance ?
 A= et encore merci.

(Publicité)
wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 26/08/2011 à 10:33:13  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
All processes killed
 ========== OTL ==========
 No active process named pctuto.exe was found!
 No active process named autoupdater.exe was found!
 Registry value HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Internet Explorer\URLSearchHooks\\{E38F​A08E-F56A-4169-ABF5-5C71E3C153​A1} not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{E38FA08E-F56A-416​9-ABF5-5C71E3C153A1}\ not found.
 File C:\Program Files\Freeze.com\NetAssistant\​NetAssistant.dll not found.
 Prefs.js: http://search.babylon.com/?bab [...] 02185(...) removed from browser.startup.homepage
 Prefs.js: {e9d9d92d-7918-49d4-a93a-afc80​9e21eb7}:2.7.2.0 removed from extensions.enabledItems
 Prefs.js: "http://search.babylon.com/?ba​bsrc=SP_ss&mntrId=d8e5a4ce0000​0000000000218568979e&tlver=1.4​.19.19&instlRef=sst&affID=1716​1&q=" removed from keyword.URL
 File HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rbox@spointer.com: C:\Program Files\OfferBox\extensions-3.1.​3878.129\offerbox@spointer.com not found.
 Folder C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{3372​7f97-486d-4d19-97c3-23f432ef93​fc}(26)\ not found.
 Folder C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{e9d9​d92d-7918-49d4-a93a-afc809e21e​b7}\ not found.
 Folder C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\ffxtl​br@babylon.com\ not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B​51-7695ECA05670}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{02478D38-C3F9-4ef​b-9B51-7695ECA05670}\ not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{293A63F7-C3B6-423a-98​45-901AC0A7EE6E}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{293A63F7-C3B6-423​a-9845-901AC0A7EE6E}\ not found.
 File C:\Program Files\PCTuto\pctutoBHO.dll not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{E38FA08E-F56A-4169-AB​F5-5C71E3C153A1}\ not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{E38FA08E-F56A-416​9-ABF5-5C71E3C153A1}\ not found.
 File C:\Program Files\Freeze.com\NetAssistant\​NetAssistant.dll not found.
 Registry key HKEY_LOCAL_MACHINE\\Software\M​icrosoft\Windows\CurrentVersio​n\Run not found.
 Registry key HKEY_LOCAL_MACHINE\\Software\M​icrosoft\Windows\CurrentVersio​n\Run not found.
 File C:\Program Files\PCTuto\pctuto.exe not found.
 Registry key HKEY_LOCAL_MACHINE\\Software\M​icrosoft\Windows\CurrentVersio​n\RunOnce not found.
 File C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\autoupdater.ex​e not found.
 Folder C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive\ not found.
 Folder C:\Users\Michel\AppData\Roamin​g\OpenCandy\ not found.
 Folder C:\Users\Michel\AppData\Roamin​g\PCTuto\ not found.
 Folder C:\Users\Michel\AppData\Roamin​g\widestream\ not found.
 File C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive\Agence-Excl​usive\autoupdater.exe not found.
 File C:\Users\Michel\AppData\Roamin​g\Agence-Exclusive\Agence-Excl​usive\UpdatePCTuto.exe not found.
 File C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\Lates​tDLMgr.exe not found.
 File C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\Regis​tryReviverSetup-ppi_.exe not found.
 File C:\Users\Michel\AppData\Roamin​g\OpenCandy\OpenCandy_46755BC1​982544B6AE439CA7FF565828\RevSt​arter.exe not found.
 File C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\autoupdater.ex​e not found.
 File C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\UpdatePCTuto.e​xe = not found.
 File C:\Users\Michel\AppData\Roamin​g\PCTuto\PCTuto\Software\itsTV​\4.0.0.2362363\su_fr.exe not found.
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: Michel
 ->Temp folder emptied: 35917 bytes
 ->Temporary Internet Files folder emptied: 998674 bytes
 ->Java cache emptied: 17093 bytes
 ->FireFox cache emptied: 49822572 bytes
 ->Google Chrome cache emptied: 28959458 bytes
 ->Flash cache emptied: 1962172 bytes
 
 User: Public
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 84 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
 RecycleBin emptied: 292408972 bytes
 
 Total Files Cleaned = 357.00 mb
 
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: Michel
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 966656 bytes
 ->Java cache emptied: 0 bytes
 ->FireFox cache emptied: 0 bytes
 ->Google Chrome cache emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Public
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 84 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
 RecycleBin emptied: 0 bytes
 
 Total Files Cleaned = 1.00 mb
 
 
 OTL by OldTimer - Version 3.2.26.5 log created on 08262011_110312

 Files\Folders moved on Reboot...
 File move failed. C:\Windows\temp\_avast_\Webshl​ock.txt scheduled to be moved on reboot.
 File move failed. C:\Windows\temp\CLDigitalHome\​CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
 File move failed. C:\Windows\temp\CLDigitalHome\​PCMMediaServer.log scheduled to be moved on reboot.

 Registry entries deleted on Reboot...

La Mayenne-son calme -sa verdu
Profil : Equipe sécurité
  1. homepage
bernard53
Membre impliqué (de 20 000 à 29 999 messages postés) Helpeur confirmé Fan Club de Clic-Clic
  1. Posté le 26/08/2011 à 11:56:12  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:

 J'ai enregistré malware (pour 30 jours free ).
 tu as du valider l'essai de 30 jours pour la version PRO  :??:
 si tu ne veux pas payer ensuite, désinstalle cette version puis reprends bien la version FREE et ne valides pas  :non:  la version Démo PRO.

wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 26/08/2011 à 15:05:51  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 




 Malwarebytes' Anti-Malware 1.51.1.1800
 www.malwarebytes.org

 Version de la base de données: 7576

 Windows 6.0.6002 Service Pack 2
 Internet Explorer 9.0.8112.16421

 26/08/2011 15:58:07
 mbam-log-2011-08-26 (15-58-07).txt

 Type d'examen: Examen complet (C:\|D:\|)
 Elément(s) analysé(s): 301887
 Temps écoulé: 30 minute(s), 32 seconde(s)

 Processus mémoire infecté(s): 0
 Module(s) mémoire infecté(s): 0
 Clé(s) du Registre infectée(s): 2
 Valeur(s) du Registre infectée(s): 0
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 1
 Fichier(s) infecté(s): 6

 Processus mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Module(s) mémoire infecté(s):
 (Aucun élément nuisible détecté)

 Clé(s) du Registre infectée(s):
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Settings\{293A63F7-C3B6-42​3A-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{293A63F7-C3B6-423A-​9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.

 Valeur(s) du Registre infectée(s):
 (Aucun élément nuisible détecté)

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 c:\program files\agence-exclusive (Trojan.Eorezo) -> Quarantined and deleted successfully.

 Fichier(s) infecté(s):
 c:\program files\agence-exclusive\pctuto.​exe (PUP.Tuto4PC) -> Not selected for removal.
 c:\Users\Michel\downloads\wmvc​onvertersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
 c:\program files\agence-exclusive\confmed​ia.cyp (Trojan.Eorezo) -> Quarantined and deleted successfully.
 c:\program files\agence-exclusive\pctutob​ho.dll (Trojan.Eorezo) -> Quarantined and deleted successfully.
 c:\program files\agence-exclusive\unins00​0.dat (Trojan.Eorezo) -> Quarantined and deleted successfully.
 c:\program files\agence-exclusive\unins00​0.exe (Trojan.Eorezo) -> Quarantined and deleted successfully.

(Publicité)
wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 26/08/2011 à 16:24:06  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
OTL logfile created on: 26/08/2011 16:07:05 - Run 1
 OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Michel\Desktop
 Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3.00 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 56.06% Memory free
 6.21 Gb Paging File | 4.63 Gb Available in Paging File | 74.64% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
 Drive C: | 293.34 Gb Total Space | 190.16 Gb Free Space | 64.83% Space Free | Partition Type: NTFS
 Drive D: | 162.66 Gb Total Space | 153.07 Gb Free Space | 94.11% Space Free | Partition Type: NTFS
 
 Computer Name: PC-DE-MICHEL | User Name: Michel | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: Current user
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - C:\Users\Michel\Desktop\OTL (4).exe (OldTimer Tools)
 PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
 PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
 PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
 PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.e​xe (NVIDIA Corporation)
 PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 PRC - C:\Windows\System32\nvraidserv​ice.exe (NVIDIA Corporation)
 PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\e​DSService.exe (Egis Incorporated)
 PRC - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.​exe (CyberLink)
 PRC - C:\Windows\System32\ntvdm.exe (Microsoft Corporation)
 PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 PRC - C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.Supervisor.exe (Acer Inc.)
 PRC - C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe ()
 PRC - C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe ()
 PRC - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe (Acer Inc.)
 PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.e​xe (Acer Inc.)
 PRC - C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.e​xe (Ulead Systems, Inc.)
 PRC - C:\Program Files\Caere\OmniPagePro80\OPwa​re32.exe (Caere Corporation)
 
 
 ========== Modules (No Company Name) ==========
 
 MOD - C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.215\ppGoogleNaClPluginChr​ome.dll ()
 MOD - C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.215\pdf.dll ()
 MOD - C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.215\avutil-50.dll ()
 MOD - C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.215\avformat-52.dll ()
 MOD - C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.215\avcodec-52.dll ()
 MOD - C:\Users\Michel\AppData\Local\​Google\Chrome\Application\13.0​.782.215\gcswf32.dll ()
 MOD - C:\Users\Michel\AppData\Local\​Google\Chrome\APPLIC~1\130782~​1.215\gcswf32.dll ()
 MOD - C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Manage​ment\4117485024b0f652b9fbb66ff​5025896\System.Management.ni.d​ll ()
 MOD - C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Servic​eProce#\1cc11918d8dd561391bba0​5c61de7573\System.ServiceProce​ss.ni.dll ()
 MOD - C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Runtim​e.Remo#\a6d889aa69fd51c100352f​23c7cebd22\System.Runtime.Remo​ting.ni.dll ()
 MOD - C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Config​uration\29c6ef7f07d89496c72a1b​bf718aed5d\System.Configuratio​n.ni.dll ()
 MOD - C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Xml\4c​3cda96b8f12220da20f2f8d1b9439c​\System.Xml.ni.dll ()
 MOD - C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Window​s.Forms\c50d9d540acecdef29c312​01e203a331\System.Windows.Form​s.ni.dll ()
 MOD - C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Drawin​g\d8d83838f9840bde901df516ba3d​e588\System.Drawing.ni.dll ()
 MOD - C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System\b9ea0d​414c4861120bfb7365d8ec0939\Sys​tem.ni.dll ()
 MOD - C:\Windows\assembly\NativeImag​es_v2.0.50727_32\mscorlib\f6de​b187f24bb3185841092b89fbfdbb\m​scorlib.ni.dll ()
 MOD - C:\Windows\assembly\GAC_MSIL\m​scorlib.resources\2.0.0.0_fr_b​77a5c561934e089\mscorlib.resou​rces.dll ()
 MOD - C:\Windows\assembly\GAC_MSIL\S​ystem.ServiceProcess.resources​\2.0.0.0_fr_b03f5f7f11d50a3a\S​ystem.ServiceProcess.resources​.dll ()
 MOD - C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.DialogManager.dll ()
 MOD - C:\Acer\Empowering Technology\Acer.Empowering.Fra​mework.PasswordSetting.dll ()
 MOD - C:\Acer\Empowering Technology\eSettings\fr\eSetti​ngs.Plugin.resources.dll ()
 MOD - C:\Acer\Empowering Technology\eSettings\eSettings​.Plugin.dll ()
 MOD - C:\Acer\Empowering Technology\eSettings\fr\eSetti​ngs.Presenter.resources.dll ()
 MOD - C:\Acer\Empowering Technology\eSettings\eSettings​.Presenter.dll ()
 MOD - C:\Acer\Empowering Technology\eSettings\eSettings​.View.dll ()
 MOD - C:\Acer\Empowering Technology\eSettings.Model.Com​puterInterfaces.dll ()
 MOD - C:\Acer\Empowering Technology\ePerformance\fr\ePe​rformance.Plugin.resources.dll ()
 MOD - C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Plugin.dll ()
 MOD - C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Model.dll ()
 MOD - C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Presenter.dll ()
 MOD - C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Library.dll ()
 MOD - C:\Acer\Empowering Technology\ePerformance\ePerfo​rmance.Model.Interface.dll ()
 MOD - C:\Acer\Empowering Technology\MemCheck.Interface.​dll ()
 MOD - C:\Acer\Empowering Technology\eRecovery\ServiceIn​terface.dll ()
 MOD - C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod​.dll ()
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
 SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfserv​ice.exe (CybelSoft)
 SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\e​DSService.exe (Egis Incorporated)
 SRV - (Acer HomeMedia Connect Service) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.​exe (CyberLink)
 SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe ()
 SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemChe​ck.exe ()
 SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe (Acer Inc.)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mb​amswissarmy.sys (Malwarebytes Corporation)
 DRV - (aswSnx) -- C:\Windows\System32\drivers\as​wSnx.sys (AVAST Software)
 DRV - (aswSP) -- C:\Windows\System32\drivers\as​wSP.sys (AVAST Software)
 DRV - (aswTdi) -- C:\Windows\System32\drivers\as​wTdi.sys (AVAST Software)
 DRV - (aswRdr) -- C:\Windows\System32\drivers\as​wRdr.sys (AVAST Software)
 DRV - (aswMonFlt) -- C:\Windows\System32\drivers\as​wMonFlt.sys (AVAST Software)
 DRV - (aswFsBlk) -- C:\Windows\System32\drivers\as​wFsBlk.sys (AVAST Software)
 DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nv​lddmkm.sys (NVIDIA Corporation)
 DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\dr​iverhardwarev2.sys (CybelSoft)
 DRV - (TPkd) -- C:\Windows\System32\drivers\TP​kd.sys (PACE Anti-Piracy, Inc.)
 DRV - (nvstor32) -- C:\Windows\system32\drivers\nv​stor32.sys (NVIDIA Corporation)
 DRV - (nvrd32) -- C:\Windows\system32\drivers\nv​rd32.sys (NVIDIA Corporation)
 DRV - (NVHDA) -- C:\Windows\System32\drivers\nv​hda32v.sys (NVIDIA Corporation)
 DRV - (NVENETFD) -- C:\Windows\System32\drivers\nv​mfdx32.sys (NVIDIA Corporation)
 DRV - (zntport) -- C:\Windows\System32\drivers\zn​tport.sys (Zeal SoftStudio)
 DRV - (tvicport) -- C:\Windows\System32\drivers\TV​icPort.sys (EnTech Taiwan)
 DRV - (nvsmu) -- C:\Windows\System32\drivers\nv​smu.sys (NVIDIA Corporation)
 DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys (Acer, Inc.)
 DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss​_mdm.sys (MCCI Corporation)
 DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss​_mdfl.sys (MCCI Corporation)
 DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\System32\drivers\ss​_bus.sys (MCCI Corporation)
 DRV - (StarOpen) -- C:\Windows\System32\drivers\St​arOpen.sys ()
 DRV - (Afc) -- C:\Windows\System32\drivers\af​c.sys (Arcsoft, Inc.)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.msn.com/
 
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Secondar​y_Page_URL = http://global.acer.com [binary data]
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,SearchDefaultBra​nded = 1
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://www.google.fr/webhp?sou [...] r&ie=UTF-8
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Main,StartPageCache = 1
 IE - HKCU\SOFTWARE\Microsoft\Intern​et Explorer\Search,Default_Search​_URL = http://www.google.com/ie
 IE - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 ========== FireFox ==========
 
 FF - prefs.js..browser.search.defau​ltenginename: "Google"
 FF - prefs.js..browser.search.defau​lturl: "http://search.yahoo.com/searc​h?ei=UTF-8&fr=ytff-&p="
 FF - prefs.js..browser.search.param​.yahoo-fr: "moz2-ytff-"
 FF - prefs.js..browser.search.param​.yahoo-fr-cjkt: "moz2-ytff-"
 FF - prefs.js..browser.startup.home​page: "http://search.babylon.com/?ba​bsrc=HP_ss&mntrId=d8e5a4ce0000​0000000000218568979e&tlver=1.4​.19.19&affID=17161"
 FF - prefs.js..extensions.enabledIt​ems: {b9db16a4-6edc-47ec-a1f4-b8629​2ed211d}:4.8.4
 FF - prefs.js..extensions.enabledIt​ems:
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0020-ABCDE​FFEDCBA}:6.0.20
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0021-ABCDE​FFEDCBA}:6.0.21
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0022-ABCDE​FFEDCBA}:6.0.22
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0023-ABCDE​FFEDCBA}:6.0.23
 FF - prefs.js..extensions.enabledIt​ems: {4D9AE42B-F4C0-40e6-AEDB-4EC6E​42B77AF}:1.2.1.0
 
 
 FF - HKLM\Software\MozillaPlugins\@​adobe.com/FlashPlayer: C:\Windows\system32\Macromed\F​lash\NPSWF32.dll ()
 FF - HKLM\Software\MozillaPlugins\@​Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@​google.com/npPicasa2,version=2​.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
 FF - HKLM\Software\MozillaPlugins\@​google.com/npPicasa3,version=3​.0.0: C:\Program Files\Google\Picasa3\npPicasa3​.dll (Google, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​ma-config.com/HardwareDetectio​n: C:\Program Files\ma-config.com\nphardware​detection.dll (Cybelsoft)
 FF - HKLM\Software\MozillaPlugins\@​Microsoft.com/NpCtrl,version=1​.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl​.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WLPG,version=15.​4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WLPG,version=15.​4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Frame​work\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDete​ct13.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\A​dobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Users\Michel\AppData\Local\​Google\Update\1.3.21.65\npGoog​leUpdate3.dll (Google Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Users\Michel\AppData\Local\​Google\Update\1.3.21.65\npGoog​leUpdate3.dll (Google Inc.)
 
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rbox@spointer.com: C:\Program Files\OfferBox\extensions-3.1.​3878.129\offerbox@spointer.com
 
 [2009/07/06 16:46:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Extensions
 [2011/08/26 10:28:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions
 [2010/04/28 19:30:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{20a8​2645-c095-46ed-80e3-0882576053​4b}
 [2010/08/05 19:58:35 | 000,000,000 | ---D | M] ("Plugin Orange Installeur" ) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{4D9A​E42B-F4C0-40e6-AEDB-4EC6E42B77​AF}
 [2011/03/16 09:59:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\{b9db​16a4-6edc-47ec-a1f4-b86292ed21​1d}
 [2011/04/01 12:04:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roamin​g\mozilla\Firefox\Profiles\7eu​rjrmk.default\extensions\stage​d
 [2011/04/01 15:40:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
 [2010/06/09 15:08:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0020-ABCDEFFEDCBA}
 [2010/08/16 11:58:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0021-ABCDEFFEDCBA}
 [2010/12/04 17:58:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0022-ABCDEFFEDCBA}
 [2011/01/21 17:24:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0​016-0000-0023-ABCDEFFEDCBA}
 File not found (No name found) --
 File not found (No name found) -- C:\USERS\MICHEL\APPDATA\ROAMIN​G\MOZILLA\FIREFOX\PROFILES\7EU​RJRMK.DEFAULT\EXTENSIONS\{E9D9​D92D-7918-49D4-A93A-AFC809E21E​B7}
 File not found (No name found) -- C:\USERS\MICHEL\APPDATA\ROAMIN​G\MOZILLA\FIREFOX\PROFILES\7EU​RJRMK.DEFAULT\EXTENSIONS\ENGIN​E@CONDUIT.COM
 File not found (No name found) -- C:\USERS\MICHEL\APPDATA\ROAMIN​G\MOZILLA\FIREFOX\PROFILES\7EU​RJRMK.DEFAULT\EXTENSIONS\FFXTL​BR@BABYLON.COM
 [2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.​dll
 [2011/03/29 17:00:02 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.​xml
 
 O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1       localhost
 O1 - Hosts: ::1             localhost
 O2 - BHO: (Fast Search by Surf Canyon) - {5AB7104A-B71F-49AD-9154-F7F88​06AE848} - C:\Program Files\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
 O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B​8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\A​ctiveToolBand.dll (Egis)
 O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.7.6406.1642\swg.dll (Google Inc.)
 O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\e​DStoolbar.dll (Egis Incorporated.)
 O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
 O4 - HKLM..\Run: [EPSON Stylus DX4200 Series] C:\Windows\System32\spool\DRIV​ERS\W32X86\3\E_FATIAEE.EXE (SEIKO EPSON CORPORATION)
 O4 - HKLM..\Run: [eRecoveryService]  File not found
 O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
 O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidserv​ice.exe (NVIDIA Corporation)
 O4 - HKLM..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro80\opwa​re32.exe (Caere Corporation)
 O4 - HKLM..\Run: [pctuto]  File not found
 O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.e​xe (Ulead Systems, Inc.)
 O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.sc​r (Google Inc.)
 O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_6CE5017F567343​CA.dll (Google Inc.)
 O13 - gopher Prefix: missing
 O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
 O15 - HKCU\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)
 O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_26)
 O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_26)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_26)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O18 - Protocol\Handler\skyline {3a4f9195-65a8-11d5-85c1-00010​23952c1} - C:\Program Files\Skyline\TerraExplorer\Te​rraExplorerX.dll (Skyline software systems Inc.)
 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.​exe) - C:\Windows\System32\userinit.e​xe (Microsoft Corporation)
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2011/08/26 11:03:12 | 000,000,000 | ---D | C] -- C:\_OTL
 [2011/08/26 10:56:30 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Michel\Desktop\OTL (4).exe
 [2011/08/26 10:22:13 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Roamin​g\Malwarebytes
 [2011/08/26 10:22:08 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mb​amswissarmy.sys
 [2011/08/26 10:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Malwarebytes' Anti-Malware
 [2011/08/26 10:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
 [2011/08/26 10:22:05 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mb​am.sys
 [2011/08/26 10:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
 [2011/08/24 11:23:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
 [2011/08/19 19:55:27 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Roamin​g\www.shadowexplorer.com
 [2011/08/16 19:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Fotosizer
 [2011/08/16 19:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\Fotosizer
 [2011/08/15 18:54:16 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{EEDB429D-F87F-48CE-92A5-03A9E​D0A4505}
 [2011/08/15 18:54:06 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{66EAA76B-09D3-4E4B-B8A7-AA71F​180B44C}
 [2011/08/14 15:12:40 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{D93AD032-6C68-49C0-A18B-6E332​E89C991}
 [2011/08/14 15:12:30 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{E90CCDB4-048A-420A-AC4E-DBB38​3EED31A}
 [2011/08/12 15:41:19 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
 [2011/08/12 15:41:17 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.d​ll
 [2011/08/12 15:41:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
 [2011/08/12 15:41:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dl​l
 [2011/08/12 15:41:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
 [2011/08/12 12:15:34 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
 [2011/08/12 12:15:20 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.e​xe
 [2011/08/12 12:15:20 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.e​xe
 [2011/08/09 19:00:12 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{D6F5137C-EE52-490A-B298-5D167​35DB826}
 [2011/08/09 19:00:02 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{4454EE35-F4E4-4027-A45F-A546F​D639575}
 [2011/08/09 18:59:41 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{372B4B94-4921-4F57-8A45-68D99​3FFC2D0}
 [2011/08/08 15:44:56 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{C85E8843-6315-48BB-BC1E-7424F​41498BE}
 [2011/08/07 10:51:35 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{A5318D35-F192-44CE-BFE5-EF197​50D29AF}
 [2011/08/07 10:49:36 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{EE10E8BB-A636-4D62-8717-63F9D​972C384}
 [2011/08/05 16:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Google Earth
 [2011/08/04 18:19:46 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{D522882D-5A5C-42CC-B2EB-90DB3​7312A33}
 [2011/08/04 18:11:18 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{80A3A616-CF79-4C00-AB7D-DA85F​5BB605F}
 [2011/08/04 18:10:57 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{9649D32C-2087-42BA-98F7-B0C09​7F495CE}
 [2011/08/01 18:56:43 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{4203D287-3C02-4207-BDFD-4462B​17BE8EB}
 [2011/08/01 18:56:15 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\​{7CB33AFD-B12A-4FDD-81D9-B5194​9759A47}
 [2009/07/03 01:38:58 | 000,049,152 | ---- | C] ( ) -- C:\Windows\INTEROP.IWSHRUNTIME​LIBRARY.DLL
 [2009/07/02 17:14:00 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent​.exe
 
 ========== Files - Modified Within 30 Days ==========
 
 [2011/08/26 16:10:01 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-187918334-1475​485724-498475476-1000UA.job
 [2011/08/26 16:08:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2011/08/26 16:06:13 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.d​at
 [2011/08/26 16:06:13 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.d​at
 [2011/08/26 16:06:13 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.d​at
 [2011/08/26 16:06:13 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.d​at
 [2011/08/26 16:03:04 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
 [2011/08/26 16:00:42 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2011/08/26 16:00:42 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
 [2011/08/26 16:00:40 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2011/08/26 16:00:38 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-2P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2011/08/26 16:00:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2011/08/26 16:00:31 | 3220,348,928 | -HS- | M] () -- C:\hiberfil.sys
 [2011/08/26 11:09:22 | 000,366,832 | ---- | M] () -- C:\Windows\System32\FNTCACHE.D​AT
 [2011/08/26 10:56:25 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Michel\Desktop\OTL (4).exe
 [2011/08/26 10:22:08 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwar​ebytes' Anti-Malware.lnk
 [2011/08/25 18:10:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-187918334-1475​485724-498475476-1000Core.job
 [2011/08/22 19:19:18 | 000,003,404 | ---- | M] () -- C:\Users\Michel\Documents\cc_2​0110822_191915.reg
 [2011/08/17 09:58:11 | 000,002,593 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\lemechanttgvpaca - Recherche Google.lnk
 [2011/08/16 19:14:01 | 000,000,844 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Fotosizer.lnk
 [2011/08/16 19:14:01 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Fotosi​zer.lnk
 [2011/08/15 18:57:14 | 000,177,664 | ---- | M] () -- C:\Users\Michel\AppData\Local\​DCBC2A71-70D8-4DAN-EHR8-E0D61D​EA3FDF.ini
 [2011/08/13 16:42:21 | 000,002,077 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk
 [2011/08/13 10:33:04 | 000,001,879 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Geoportail.lnk
 [2011/08/13 10:32:31 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlaye​rCPLApp.cpl
 [2011/08/10 19:23:43 | 000,002,527 | ---- | M] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\carte risques incendie var - Recherche Google.lnk
 [2011/08/05 17:17:21 | 000,019,112 | ---- | M] () -- C:\Users\Michel\Documents\cc_2​0110805_171716.reg
 [2011/08/05 16:10:23 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Google​ Earth.lnk
 [2011/08/05 15:48:27 | 000,588,751 | ---- | M] () -- C:\Users\Michel\Documents\Cart​e Grise YETI001.jpg
 [2011/08/04 18:07:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Ms​ft_User_WpdMtpDr_01_07_00.Wdf
 [2011/08/02 19:35:15 | 001,821,096 | ---- | M] () -- C:\Users\Michel\Documents\dess​us de lit.JPG
 [2011/08/02 19:35:15 | 001,804,444 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6736.JPG
 [2011/08/02 19:35:15 | 001,782,997 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6742.JPG
 [2011/08/02 19:35:15 | 001,781,391 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6759.JPG
 [2011/08/02 19:35:15 | 001,777,524 | ---- | M] () -- C:\Users\Michel\Documents\SDC1​6755.JPG
 [2011/08/02 19:35:15 | 001,765,224 | ---- | M] () -- C:\Users\Michel\Documents\dess​us de lit 1.JPG
 
 ========== Files Created - No Company Name ==========
 
 [2011/08/26 10:22:08 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwar​ebytes' Anti-Malware.lnk
 [2011/08/22 19:19:17 | 000,003,404 | ---- | C] () -- C:\Users\Michel\Documents\cc_2​0110822_191915.reg
 [2011/08/16 19:14:01 | 000,000,844 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Fotosizer.lnk
 [2011/08/16 19:14:01 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Fotosi​zer.lnk
 [2011/08/13 16:42:21 | 000,002,077 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Earth.lnk
 [2011/08/13 10:33:04 | 000,001,879 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\Geoportail.lnk
 [2011/08/10 19:23:43 | 000,002,527 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\carte risques incendie var - Recherche Google.lnk
 [2011/08/10 19:22:12 | 000,002,593 | ---- | C] () -- C:\Users\Michel\Application Data\Microsoft\Internet Explorer\Quick Launch\lemechanttgvpaca - Recherche Google.lnk
 [2011/08/05 17:17:18 | 000,019,112 | ---- | C] () -- C:\Users\Michel\Documents\cc_2​0110805_171716.reg
 [2011/08/05 16:10:23 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Google​ Earth.lnk
 [2011/08/05 15:48:27 | 000,588,751 | ---- | C] () -- C:\Users\Michel\Documents\Cart​e Grise YETI001.jpg
 [2011/08/04 18:07:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Ms​ft_User_WpdMtpDr_01_07_00.Wdf
 [2011/08/02 19:35:15 | 001,821,096 | ---- | C] () -- C:\Users\Michel\Documents\dess​us de lit.JPG
 [2011/08/02 19:35:15 | 001,804,444 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6736.JPG
 [2011/08/02 19:35:15 | 001,782,997 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6742.JPG
 [2011/08/02 19:35:15 | 001,781,391 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6759.JPG
 [2011/08/02 19:35:15 | 001,777,524 | ---- | C] () -- C:\Users\Michel\Documents\SDC1​6755.JPG
 [2011/08/02 19:35:14 | 001,765,224 | ---- | C] () -- C:\Users\Michel\Documents\dess​us de lit 1.JPG
 [2011/07/19 18:19:52 | 000,041,472 | ---- | C] () -- C:\Windows\unscan30.exe
 [2011/07/19 18:18:37 | 000,000,572 | ---- | C] () -- C:\Windows\maxlink.ini
 [2011/07/19 18:18:35 | 000,000,000 | ---- | C] () -- C:\Windows\OP70.INI
 [2010/11/03 19:54:20 | 000,000,680 | ---- | C] () -- C:\Users\Michel\AppData\Local\​d3d9caps.dat
 [2010/06/03 10:35:38 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.​dt
 [2010/06/03 10:33:36 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\St​arOpen.sys
 [2010/03/23 11:54:53 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
 [2010/03/23 11:54:53 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
 [2010/03/23 11:54:49 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.d​ll
 [2010/03/23 11:54:49 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dl​l
 [2010/03/23 11:54:48 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
 [2010/03/18 20:19:06 | 000,026,340 | ---- | C] () -- C:\Users\Michel\AppData\Roamin​g\UserTile.png
 [2009/08/19 09:52:30 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuth​n.dll
 [2009/08/19 09:52:30 | 000,107,612 | ---- | C] () -- C:\Windows\System32\Structured​QuerySchema.bin
 [2009/07/22 15:41:00 | 000,000,408 | ---- | C] () -- C:\Users\Michel\AppData\Roamin​g\wklnhst.dat
 [2009/07/06 17:24:43 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrint​erDB.dat
 [2009/07/06 17:24:43 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn131.dat
 [2009/07/06 17:24:43 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn121.dat
 [2009/07/06 17:24:43 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn1.dat
 [2009/07/06 17:24:43 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn3.dat
 [2009/07/06 17:24:43 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn5.dat
 [2009/07/06 17:24:43 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn2.dat
 [2009/07/06 17:24:43 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn4.dat
 [2009/07/06 17:24:43 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPatte​rn6.dat
 [2009/07/06 17:24:43 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_DU.dat
 [2009/07/06 17:24:43 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_PT.dat
 [2009/07/06 17:24:43 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_BP.dat
 [2009/07/06 17:24:43 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_ES.dat
 [2009/07/06 17:24:43 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_FR.dat
 [2009/07/06 17:24:43 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_CF.dat
 [2009/07/06 17:24:43 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_IT.dat
 [2009/07/06 17:24:43 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_GE.dat
 [2009/07/06 17:24:43 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPrese​tData_EN.dat
 [2009/07/06 17:24:43 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
 [2009/07/06 17:23:46 | 000,065,793 | ---- | C] () -- C:\Windows\System32\esfw7a.bin
 [2009/07/06 17:23:36 | 000,000,025 | ---- | C] () -- C:\Windows\CDE V200DEFGIPSRUk.ini
 [2009/07/06 17:16:20 | 000,000,022 | ---- | C] () -- C:\Windows\exchng.ini
 [2009/07/06 17:16:19 | 000,000,957 | ---- | C] () -- C:\Windows\ODBCINST.INI
 [2009/07/06 17:16:19 | 000,000,611 | ---- | C] () -- C:\Windows\ODBC.INI
 [2009/07/06 17:11:24 | 000,177,664 | ---- | C] () -- C:\Users\Michel\AppData\Local\​DCBC2A71-70D8-4DAN-EHR8-E0D61D​EA3FDF.ini
 [2009/07/06 16:17:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\Structured​QuerySchemaTrivial.bin
 [2009/07/02 17:17:26 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
 [2009/07/02 17:17:26 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
 [2009/07/02 17:15:00 | 000,077,824 | ---- | C] () -- C:\Windows\System32\drivers\IN​T15_DETECT.EXE
 [2009/07/02 17:14:00 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyA​gentUser.exe
 [2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudar​t_20.dll
 [2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTr​aditionalChinese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSw​edish.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSp​anish.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSi​mplifiedChinese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPo​rtugese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKo​rean.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJa​panese.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGe​rman.dll
 [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFr​ench.dll
 [2008/03/21 22:27:47 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dl​l
 [2008/03/21 20:49:26 | 000,001,108 | ---- | C] () -- C:\Windows\generic.ini
 [2008/03/21 20:49:26 | 000,000,138 | ---- | C] () -- C:\Windows\Alaunch.ini
 [2008/03/21 13:56:21 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\in​t15_64.sys
 [2008/03/21 13:02:25 | 000,003,636 | ---- | C] () -- C:\Windows\System32\drivers\nv​phy.bin
 [2008/01/21 10:40:50 | 000,678,804 | ---- | C] () -- C:\Windows\System32\perfh00C.d​at
 [2008/01/21 10:40:50 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.d​at
 [2008/01/21 10:40:50 | 000,126,420 | ---- | C] () -- C:\Windows\System32\perfc00C.d​at
 [2008/01/21 10:40:50 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.d​at
 [2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
 [2006/11/02 14:47:37 | 000,366,832 | ---- | C] () -- C:\Windows\System32\FNTCACHE.D​AT
 [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE​.dll
 [2006/11/02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.d​at
 [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.d​at
 [2006/11/02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.d​at
 [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.d​at
 [2006/11/02 12:25:24 | 000,000,256 | ---- | C] () -- C:\Windows\System32\brmsi05f.b​in
 [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
 [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
 [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
 [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.i​ni
 [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 [2002/03/17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000062.DLL
 [2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_​vcd.dll
 [2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
 [2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.​dll
 [2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_​MMX.dll
 [1998/10/10 03:00:00 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.d​ll
 [1997/08/29 00:00:00 | 000,048,640 | ---- | C] () -- C:\Windows\System32\WRKGADM.EX​E
 [1997/08/29 00:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\System32\XLREC.DLL
 [1997/08/29 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\RECNCL.DLL
 [1997/08/29 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\ODBCSTF.DL​L
 [1997/08/29 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
 [1997/08/29 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\VAFR232.DL​L
 [1997/08/29 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.D​LL
 
 ========== Alternate Data Streams ==========
 
 @Alternate Data Stream - 901 bytes -> C:\Users\Michel\Documents\tr_ baignade dans le var, faire suivre svp!.eml:OECustomProperty
 @Alternate Data Stream - 841 bytes -> C:\Users\Michel\Documents\Réun​ion du 25 février 2010TVRPJL.eml:OECustomPropert​y
 @Alternate Data Stream - 804 bytes -> C:\Users\Michel\Documents\comm​ande de 3 articles 13211cotton color.eml:OECustomProperty
 @Alternate Data Stream - 76436 bytes -> C:\Users\Michel\Documents\Anni​versaire Cedric 18ans.avi:TOC.WMV
 @Alternate Data Stream - 729 bytes -> C:\Users\Michel\Documents\reçu reclamation freyssinet.eml:OECustomPropert​y
 @Alternate Data Stream - 724 bytes -> C:\Users\Michel\Documents\rele​vé de réunion2PJLTVR.eml:OECustomPro​perty
 @Alternate Data Stream - 724 bytes -> C:\Users\Michel\Documents\du 30 Mars 2010PJLTVR.eml:OECustomPropert​y
 @Alternate Data Stream - 712 bytes -> C:\Users\Michel\Documents\recl​amation freyssinet.eml:OECustomPropert​y
 @Alternate Data Stream - 649 bytes -> C:\Users\Michel\Documents\phot​os de DORA.eml:OECustomProperty
 @Alternate Data Stream - 613 bytes -> C:\Users\Michel\Documents\fili​grane.eml:OECustomProperty
 @Alternate Data Stream - 177 bytes -> C:\Users\Michel\AppData\Local\​Temp:SL_{42726572-7361-6369-35​2e-30312e303032}
 @Alternate Data Stream - 1221 bytes -> C:\Users\Michel\AppData\Local\​MAw9YTWn:fSCOj8P7gv3VibFgbPjS4​Omrics
 @Alternate Data Stream - 1138 bytes -> C:\Users\Michel\AppData\Local\​GsJHfukin5xycI:H9FWTDUvlxJUGmX​2LSMYf

 < End of report >

La Mayenne-son calme -sa verdu
Profil : Equipe sécurité
  1. homepage
bernard53
Membre impliqué (de 20 000 à 29 999 messages postés) Helpeur confirmé Fan Club de Clic-Clic
  1. Posté le 26/08/2011 à 17:22:27  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:
 juste ceci pour les petits restes.

 * Fait un double-clic sur l'icône d'OTL pour le lancer
 /!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

 * Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

 * Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

 * Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
 



 
 :OTL
 FF - prefs.js..browser.startup.home​page: http://search.babylon.com/?bab [...] ffID=17161
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rbox@spointer.com: C:\Program Files\OfferBox\extensions-3.1.​3878.129\offerbox@spointer.com  
 File not found (No name found) --    
 File not found (No name found) -- C:\USERS\MICHEL\APPDATA\ROAMIN​G\MOZILLA\FIREFOX\PROFILES\7EU​RJRMK.DEFAULT\EXTENSIONS\{E9D9​D92D-7918-49D4-A93A-AFC809E21E​B7}    
 File not found (No name found) -- C:\USERS\MICHEL\APPDATA\ROAMIN​G\MOZILLA\FIREFOX\PROFILES\7EU​RJRMK.DEFAULT\EXTENSIONS\ENGIN​E@CONDUIT.COM  
 File not found (No name found) -- C:\USERS\MICHEL\APPDATA\ROAMIN​G\MOZILLA\FIREFOX\PROFILES\7EU​RJRMK.DEFAULT\EXTENSIONS\FFXTL​BR@BABYLON.COM
 O4 - HKLM\..\Run: [eRecoveryService] File not found
 O4 - HKLM\..\Run: [pctuto] File not found
 :Commands
 [emptytemp]
 [emptyflash]
 [reboot]
 



 * Cliques sur l'icône Correction (en haut à gauche) .
 * Laisse le scan aller à son terme sans te servir du PC
 * A la fin du scan un rapport s'ouvrir "OTL.log"
 * Copie et colle le ou les rapports dans ta réponse stp...
 * Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
 Mets le rapport ici car il prend bien de la place.
 http://mydoc.tk
 ou la
 http://www.cijoint.fr/index.php

wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 27/08/2011 à 09:44:10  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
All processes killed
 ========== OTL ==========
 Prefs.js: http://search.babylon.com/?bab [...] 02185(...) removed from browser.startup.homepage
 File HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\offe​rbox@spointer.com: C:\Program Files\OfferBox\extensions-3.1.​3878.129\offerbox@spointer.com not found.
 Registry key HKEY_LOCAL_MACHINE\\Software\M​icrosoft\Windows\CurrentVersio​n\Run not found.
 Registry key HKEY_LOCAL_MACHINE\\Software\M​icrosoft\Windows\CurrentVersio​n\Run not found.
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 
 User: Michel
 ->Temp folder emptied: 894097 bytes
 ->Temporary Internet Files folder emptied: 61157 bytes
 ->Java cache emptied: 0 bytes
 ->FireFox cache emptied: 0 bytes
 ->Google Chrome cache emptied: 20538231 bytes
 ->Flash cache emptied: 343 bytes
 
 User: Public
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 3483 bytes
 %systemroot%\system32\config\s​ystemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
 RecycleBin emptied: 1160192 bytes
 
 Total Files Cleaned = 22.00 mb
 
 
 [EMPTYFLASH]
 
 User: All Users
 
 User: Default
 
 User: Default User
 
 User: Michel
 ->Flash cache emptied: 0 bytes
 
 User: Public
 
 Total Flash Files Cleaned = 0.00 mb
 
 
 OTL by OldTimer - Version 3.2.26.5 log created on 08272011_103242

 Files\Folders moved on Reboot...
 File move failed. C:\Windows\temp\_avast_\Webshl​ock.txt scheduled to be moved on reboot.
 File move failed. C:\Windows\temp\CLDigitalHome\​CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
 File move failed. C:\Windows\temp\CLDigitalHome\​PCMMediaServer.log scheduled to be moved on reboot.

 Registry entries deleted on Reboot...

La Mayenne-son calme -sa verdu
Profil : Equipe sécurité
  1. homepage
bernard53
Membre impliqué (de 20 000 à 29 999 messages postés) Helpeur confirmé Fan Club de Clic-Clic
  1. Posté le 27/08/2011 à 10:10:33  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:
 Ok comment va ton pc maintenant?

wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 29/08/2011 à 14:27:23  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bernard 53 , bonjour (encore que ce soit l'après midi !!).
 Je viens d'ouvrir (qquefois il reste fermé 4 ou 5 jours le pôvre !!).
 Là j'attends les Indésirables , je vais sur mon site le grand mechant tgv et je reviens.

Une grosse poignée de minutes (avec en prime une coupure de courant ) et toujours rien . Bernard 53 a chassé les Indésirables .

Bernard 53 un grand et gros merci .

Merci à vous nos Anges Gardiens du clavier qui nous sortez de la mouise .
 A+ et cette fois j'espère que ce sera pour aider autrui.
 Encore merci .

La Mayenne-son calme -sa verdu
Profil : Equipe sécurité
  1. homepage
bernard53
Membre impliqué (de 20 000 à 29 999 messages postés) Helpeur confirmé Fan Club de Clic-Clic
  1. Posté le 29/08/2011 à 19:42:13  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:
 :super:


 Fait ceci pour supprimer les logiciels qui ont servis à cette désinfection.

 Télécharge << DelFix >> de Xplode  pour supprimer les logiciels qui ont servis a cette désinfection.


 * Lance-le.

 * A l'invite, [Suppression] ()

 * Un rapport va s'ouvrir à la fin, colle le dans la réponse

 Ensuite pour le désinstaller ; tu relances et tu passes à l'option [Désinstallation]


 Puis::


 Bon maintenant on va mettre la restauration du système propre.
 Pour cela:

 1- Valides les touches Windows et Pause en même temps.

 Puis   Protection du système

 Sur cette fenêtre décoches la  case  concernant le DD ou est installé ton système normalement C:

 Valide et acceptes les demandes suivantes.

 ***Pour Windows 7** il faut valider l'onglet Configurer puis valider la désactivation de la restauration.

 **Toujours sur cette même fenêtre : Il te faut donc maintenant recrée un nouveau point de restauration.

 Coche cette même case et valides cela par l&#8217;onglet APPLIQUER  puis onglet « CREER »

 Nommes ce  point  PC- Clean: Valides.

 Vous pouvez maintenant fermer toutes les fenêtres.


 Et Clique sur [URL= http://nsa25.casimages.com/img​/2011/03/20/110320073738806724​.jpg en bas de ton message  puis à la suite de ton titre marque : RESOLU

 Bonne soirée  :jap:

wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 13/09/2011 à 07:51:30  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bernard 53 , bonjour , je reviens aujourd'hui et vois qu'il me fut supprimer les logiciels ayant servi à la désinfection : est ce pour faire de la place ou faut-il vraiment les supprimer ?
 Car il va me falloir encore "trafiquer" ( je n'ai pas W7 mais Vista).
 
 Encore merci

La Mayenne-son calme -sa verdu
Profil : Equipe sécurité
  1. homepage
bernard53
Membre impliqué (de 20 000 à 29 999 messages postés) Helpeur confirmé Fan Club de Clic-Clic
  1. Posté le 13/09/2011 à 15:24:51  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hello:
 La suppression de ces logiciels n'est pas pour faire de la place.
 Ils prennent très peu.
 Juste que ceux-ci sont régulièrement mis à jour donc un nouveau téléchargement te sera demandé si un soucis venait se greffer.

 :salut:

wallou83
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 15/09/2011 à 16:54:39  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 

 Bernard 53 reçu .
 Encore merci Wallou 83

 Page :
1

Aller à :
 

Sujets relatifs
excel : classer les feuilles/résolu quizz pour flashMX: perte des données
comment avoir solution de quizz-jeu excel? developpement d'un bot quizz
Comment créer un quizz ?  
Plus de sujets relatifs à : Quizz inopportuns RESOLU

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
Mauvais arrêt de Windows (soi-disant) 8
retouche d'image 4
plantage explorer après clic droit [resolu] 8
mon ordi zoome tous les icones sans que je le demande 1
ouverture non désirée d'une page web 5