Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

Virus ukash sous seven [résolu]

 

LOGICIELS : dalmapit, 2 utilisateurs anonymes et 64 utilisateurs inconnus
Ajouter une réponse
 

 
Page photos
 
 Mot :  Pseudo :  
Vider la liste des messages à citer
 
 Page :
1  2  3
Dernière Page
Page Suivante
Page Précédente
Première Page
Auteur
 Sujet :

Virus ukash sous seven [résolu]

Prévenir les modérateurs en cas d'abus 
votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 20:04:39  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour, voici mon probleme j'ai ce fameux virus ukash mais le probleme supplémentaire est que le mode sans echec avec prise en charge réseau ne fonctionne pas non plus enfin le bureau s'affiche 5sec et le virus revient. J'ai testé quelques commandes en "Invite de commandes en mode sans échec" mais aucune n'a marché. J'ai voulu testé Kaspersky rescue disk mais je n'arrive pas a le lancer avec une clef usb ou par cd . Merci de vos futurs réponses.

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 01/01/2013 à 21:01:06  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour, et bonne année :)

Je te propose de créer un CD bootable qui permettra de faire démarrer le PC dans un environnement spécial et d'effectuer une analyse du PC. Ensuite il sera possible, à partir de cet environnement spécial, de nettoyer et réparer le PC.

Je te conseille d'imprimer la procédure puisque tu vas démarrer à partir d'un CD spécial.

Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.

Si un élément te paraît obscur, demande des explications avant de commencer la procédure
.



 Étape 1: OTLPE (de OldTimer), préparation

 Sur un autre PC, "bien portant", télécharger OTLPE.exe depuis ce lien: http://oldtimer.geekstogo.com/OTLPEStd.exe

Le fichier est assez lourd donc le téléchargement peut prendre un peu de temps.

Insérer un CD vierge dans le graveur.

Double-cliquer sur le fichier téléchargé. Cela va procéder de façon automatique au brûlement du fichier téléchargé sur le CD.

Toujours sur le PC "bien portant", ouvrir une fenêtre du Bloc-notes, via Démarrer---->Exécuter, taper notepad puis cliquer sur OK .

Sélectionner toutes les lignes de la zone noir située sous "Code:" ci-dessous, puis appuyer simultanément sur les touches Ctrl et C

 netsvcs
 msconfig
 safebootminimal
 safebootnetwork
 activex
 drivers32
 SAVEMBR:0
 %ALLUSERSPROFILE\%Application Data\*.
 %ALLUSERSPROFILE%\Application Data\*.exe /s
 %APPDATA%\*.
 %APPDATA%\*.exe /s
 %temp%\.exe /s
 %SYSTEMDRIVE%\*.exe
 %systemroot%\*. /mp /s
 %systemroot%\system32\*.dll /lockedfiles
 %systemroot%\Tasks\*.job /lockedfiles
 %systemroot%\system32\drivers\​*.sys /lockedfiles
 %systemroot%\System32\config\*​.sav
 /md5start
 explorer.exe
 winlogon.exe
 wininit.exe
 eventlog.dll
 scecli.dll
 netlogon.dll
 cngaudit.dll
 sceclt.dll
 ntelogon.dll
 logevent.dll
 iaStor.sys
 nvstor.sys
 atapi.sys
 IdeChnDr.sys
 viasraid.sys
 AGP440.sys
 vaxscsi.sys
 nvatabus.sys
 viamraid.sys
 nvata.sys
 nvgts.sys
 iastorv.sys
 ViPrt.sys
 eNetHook.dll
 ahcix86.sys
 KR10N.sys
 nvstor32.sys
 ahcix86s.sys
 nvrd32.sys
 /md5stop
 CREATERESTOREPOINT



 Retourner dans la fenêtre du Bloc-notes, faire un clic droit dans la fenêtre et choisir Coller.
 Vérifier dans le menu Format (en haut) que "Retour automatique à ligne" n'est pas actif (pas coché).
 Enregistrer le fichier sous le nom OTLPE-1.txt.
 Fermer le Bloc-notes.
 Copier ce fichier OTLPE-1.txt sur une clé USB de façon à pouvoir les transférer sur le PC "malade" via REATOGO.


 Étape 2: OTLPE (de OldTimer), analyse
 Modifier le BIOS du PC "malade" afin que le démarrage s'effectue à partir du CD avant le disque dur. Voir: ICI   ici (en français).ou ICI (en anglais)
 Faire redémarrer le PC "malade", qui doit démarrer depuis le CD-Rom et afficher un Bureau REATOGO-X-PE,
 Faire un double clic sur l'icône OTLPE.
 A la demande "Do you wish to load the remote registry", répondre Yes.
 A la demande "Do you wish to load remote user profile(s) for scanning", répondre Yes.
 Vérifier que la case "Automatically Load All Remaining Users" est cochée, puis cliquer sur OK

 OTLPE-main


 Vérifier que les paramètres sont identiques à ceux de l'image ci-dessus.
 Sur le PC "malade", ouvrir le fichier OTLPE-1.txt (qui se trouve sur la clé USB) dans le Bloc-notes (notepad).
 Dans le Bloc-notes, cliquer sur le menu Edition (en haut) et choisir Sélectionner tout.
 Dans le Bloc-notes, cliquer sur le menu Edition (en haut) et choisir Copier.
 Retourner dans la fenêtre de OTLPE, faire un clic droit dans la fenêtre située en bas nommée " Custom Scans/Fixes " et choisir Coller.
 Le contenu du fichier OTLPE-1.txt est ainsi inséré dans le panneau "Custom Scans/Fixes".
 Puis cliquer sur le bouton Run Scan: OTL-runsca​n

Laisser l'outil travailler sans l'interrompre.

Lorsque l'outil a terminé, il y a ouverture d'une fenêtre du Bloc-notes contenant un rapport (log).

Fermer le Bloc-notes.

Fermer la fenêtre de OTLPE.

Le fichier rapport est sauvegardé dans C:\OTL.txt

Le transférer sur la clé USB afin de pouvoir l'envoyer sur le forum. S'il est trop long, il faut alors l'éditer en plusieurs parties sans rien oublier.

 Le rapport envoyé sur le forum doit se terminer par une ligne contenant <End>. Si ce n'est pas le cas, il est incomplet, et doit alors être découpé en plusieurs messages.

 ps: a les question de OTL Tu choisis OK.

 bon... curage  :)


(Publicité)
votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 21:09:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Merci de votre réponse rapide et bonne année à vous aussi  :super: . Je vais tester cela et je reviendrais pour vous poster le rapport.

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 01/01/2013 à 21:14:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ok  :super:

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 22:15:19  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Voilà c'est fait mais j'ai eu le droit à un Extras.txt en bonus  :)  donc je te le poste aussi au cas où.

 OTL logfile created on: 1/1/2013 8:54:19 PM - Run
 OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
 Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files
 Drive C: | 100.00 Mb Total Space | 65.86 Mb Free Space | 65.87% Space Free | Partition Type: NTFS
 Drive D: | 3.72 Gb Total Space | 3.72 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
 Drive E: | 931.41 Gb Total Space | 84.55 Gb Free Space | 9.08% Space Free | Partition Type: NTFS
 Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
 Computer Name: REATOGO | User Name: SYSTEM
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 Using ControlSet: ControlSet002
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - [2012/12/31 04:59:57 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [Disabled] -- E:\Windows\System32\Macromed\F​lash\FlashPlayerUpdateService.​exe -- (AdobeFlashPlayerUpdateSvc)
 SRV - [2012/12/29 17:19:11 | 000,233,472 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Users\Noirbenne\wgsdgsdgdsg​sd.exe -- (Winmgmt)
 SRV - [2012/12/23 18:05:21 | 000,541,760 | ---- | M] (Valve Corporation) [Disabled] -- E:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
 SRV - [2012/11/08 13:54:12 | 000,711,112 | ---- | M] () [Disabled] -- E:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\​ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
 SRV - [2012/10/02 07:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Disabled] -- E:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
 SRV - [2012/10/02 06:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Disabled] -- E:\ProgramData\Skype\Toolbars\​Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
 SRV - [2012/08/22 08:45:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Disabled] -- E:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
 SRV - [2012/08/04 12:16:20 | 000,311,448 | ---- | M] (CybelSoft) [Disabled] -- E:\Program Files\ma-config.com\maconfserv​ice.exe -- (maconfservice)
 SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled] -- E:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
 SRV - [2012/07/03 06:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled] -- E:\Program Files\Skype\Updater\Updater.ex​e -- (SkypeUpdate)
 SRV - [2012/04/20 20:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [Disabled] -- E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
 SRV - [2011/11/10 08:17:31 | 000,167,264 | ---- | M] () [Disabled] -- E:\Program Files\AVG\AVG9\Toolbar\Toolbar​Broker.exe -- (AVG Security Toolbar Service)
 SRV - [2010/11/17 02:51:12 | 000,053,544 | ---- | M] () [Disabled] -- E:\Windows\System32\\HerculesW​iFiService.exe -- (HerculesWiFi)
 SRV - [2010/08/29 16:29:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\System32\Wat\WatAdm​inSvc.exe -- (WatAdminSvc)
 SRV - [2010/08/29 10:09:08 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled] -- E:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
 SRV - [2010/08/29 10:09:07 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled] -- E:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
 SRV - [2010/04/16 09:10:58 | 000,036,864 | ---- | M] (Realtek) [Disabled] -- E:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nSU)
 SRV - [2009/08/24 07:38:06 | 000,068,136 | ---- | M] () [Disabled] -- E:\Program Files\Gigabyte\EasySaver\ESSVR​.EXE -- (ES lite Service)
 SRV - [2009/08/06 00:51:20 | 000,065,536 | R--- | M] () [Disabled] -- E:\Windows\System32\XSrvSetup.​exe -- (JMB36X)
 SRV - [2009/08/04 10:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Disabled] -- E:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
 SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\System32\sensrsvc.d​ll -- (SensrSvc)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - File not found [Kernel | On_Demand] --  -- (PCANDIS5)
 DRV - File not found [Kernel | On_Demand] --  -- (NLNdisPT)
 DRV - File not found [Kernel | On_Demand] --  -- (NLNdisMP)
 DRV - File not found [Kernel | On_Demand] --  -- (CrystalSysInfo)
 DRV - [2013/01/01 12:31:37 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- E:\Windows\gdrv.sys -- (gdrv)
 DRV - [2012/11/08 13:54:13 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System] -- E:\Windows\System32\drivers\av​gtpx86.sys -- (avgtp)
 DRV - [2012/10/10 15:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nv​lddmkm.sys -- (nvlddmkm)
 DRV - [2012/02/07 20:13:32 | 000,091,936 | ---- | M] (Tonec Inc.) [Kernel | Auto] -- E:\Windows\System32\drivers\id​mwfp.sys -- (IDMWFP)
 DRV - [2011/10/25 02:57:14 | 000,165,120 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nu​sb3xhc.sys -- (nusb3xhc)
 DRV - [2011/10/05 12:01:25 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System] -- E:\Windows\System32\drivers\dt​softbus01.sys -- (dtsoftbus01)
 DRV - [2011/09/27 12:40:05 | 000,443,448 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- E:\Windows\System32\Drivers\sp​td.sys -- (sptd)
 DRV - [2011/09/13 01:42:00 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- E:\Windows\System32\drivers\av​gmfx86.sys -- (AvgMfx86)
 DRV - [2011/08/11 06:46:46 | 000,602,216 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- E:\Windows\System32\drivers\rt​l8192su.sys -- (RTL8192su)
 DRV - [2011/08/03 03:58:14 | 000,024,504 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ES​Lvnic.sys -- (ESLvnic1)
 DRV - [2011/07/21 13:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand] -- E:\Program Files\ma-config.com\Drivers\dr​iverhardwarev2.sys -- (driverhardwarev2)
 DRV - [2011/05/19 08:55:28 | 000,103,512 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- E:\Windows\System32\drivers\jr​aid.sys -- (JRAID)
 DRV - [2011/05/05 12:00:13 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- E:\Windows\System32\drivers\av​gtdix.sys -- (AvgTdiX)
 DRV - [2010/12/18 06:03:56 | 000,021,696 | ---- | M] (Almico Software) [Kernel | Boot] -- E:\Windows\System32\speedfan.s​ys -- (speedfan)
 DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Ts​UsbFlt.sys -- (TsUsbFlt)
 DRV - [2010/08/29 10:09:07 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- E:\Windows\System32\drivers\av​gldx86.sys -- (AvgLdx86)
 DRV - [2010/08/26 13:50:05 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- E:\Windows\System32\drivers\av​grkx86.sys -- (AvgRkx86)
 DRV - [2009/12/21 15:50:16 | 000,005,760 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand] -- E:\Windows\System32\drivers\vH​idDev.sys -- (vHidDev)
 DRV - [2009/11/18 11:09:52 | 000,376,832 | ---- | M] (NETGEAR Inc.                           ) [Kernel | On_Demand] -- E:\Windows\System32\drivers\wg​111v3.sys -- (RTL8187B)
 DRV - [2009/11/10 09:50:08 | 000,012,416 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand] -- E:\Windows\System32\drivers\co​pperhd.sys -- (UsbFltr)
 DRV - [2009/09/30 06:43:02 | 000,016,640 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Ly​cosa.sys -- (LycoFltr)
 DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\vw​ifimp.sys -- (vwifimp)
 DRV - [2009/02/13 04:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand] -- E:\Windows\System32\drivers\wd​csam.sys -- (WDC_SAM)
 DRV - [2007/05/16 12:43:14 | 000,871,936 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\at​hru6.sys -- (athrusb6)
 DRV - [2006/11/16 07:36:28 | 000,020,480 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- E:\Windows\System32\drivers\DN​ISP50.sys -- (DNISp50)
 DRV - [2006/11/16 07:36:18 | 000,021,504 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- E:\Windows\System32\drivers\DN​IMP50.sys -- (DNIMp50)
 DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot] -- E:\Windows\System32\giveio.sys -- (giveio)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\..\URLSearchHook: {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)
 
 
 IE - HKU\.DEFAULT\Software\Microsof​t\Internet Explorer\Main,Search Page =
 IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D​756017C} - Reg Error: Key error. File not found
 IE - HKU\.DEFAULT\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 
 
 IE - HKU\Noirbenne_ON_E\Software\Mi​crosoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/?ocid=OIE9HP
 IE - HKU\Noirbenne_ON_E\Software\Mi​crosoft\Internet Explorer\Main,SearchDefaultBra​nded = 1
 IE - HKU\Noirbenne_ON_E\Software\Mi​crosoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
 IE - HKU\Noirbenne_ON_E\Software\Mi​crosoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
 IE - HKU\Noirbenne_ON_E\Software\Mi​crosoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
 IE - HKU\Noirbenne_ON_E\Software\Mi​crosoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC AD 6F 01 AE 91 CB 01  [binary data]
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {1392b8d2-5c05-419f-a8f6-b9f15​a596612} - Reg Error: Key error. File not found
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {22e03916-85c5-44b0-8dc9-1830c​11238d9} - Reg Error: Key error. File not found
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {338c5d66-6b92-40a7-a216-9830d​2e54103} - Reg Error: Key error. File not found
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {4daac69c-cba7-45e2-9bc8-10444​83d3352} - Reg Error: Key error. File not found
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {A3BC75A2-1F87-4686-AA43-5347D​756017C} - Reg Error: Key error. File not found
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {ba14329e-9550-4989-b3f2-9732e​92d17cc} - Reg Error: Key error. File not found
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {BC86E1AB-EDA5-4059-938F-CE307​B0C6F0A} - E:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)
 IE - HKU\Noirbenne_ON_E\Software\Mi​crosoft\Windows\CurrentVersion​\Internet Settings: "ProxyEnable" = 0
 
 IE - HKU\postgres.VALOU-PC_ON_E\Sof​tware\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/?ocid=OIE9HP
 IE - HKU\postgres.VALOU-PC_ON_E\Sof​tware\Microsoft\Internet Explorer\Main,SearchDefaultBra​nded = 1
 IE - HKU\postgres.VALOU-PC_ON_E\Sof​tware\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
 IE - HKU\postgres.VALOU-PC_ON_E\Sof​tware\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
 IE - HKU\postgres.VALOU-PC_ON_E\Sof​tware\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
 IE - HKU\postgres.VALOU-PC_ON_E\Sof​tware\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC AD 6F 01 AE 91 CB 01  [binary data]
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15​a596612} - Reg Error: Key error. File not found
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c​11238d9} - Reg Error: Key error. File not found
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {338c5d66-6b92-40a7-a216-9830d​2e54103} - Reg Error: Key error. File not found
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {4daac69c-cba7-45e2-9bc8-10444​83d3352} - Reg Error: Key error. File not found
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D​756017C} - Reg Error: Key error. File not found
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {ba14329e-9550-4989-b3f2-9732e​92d17cc} - Reg Error: Key error. File not found
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307​B0C6F0A} - E:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)
 IE - HKU\postgres.VALOU-PC_ON_E\Sof​tware\Microsoft\Windows\Curren​tVersion\Internet Settings: "ProxyEnable" = 0
 
 IE - HKU\postgres_ON_E\Software\Mic​rosoft\Internet Explorer\Main,Start Page = http://fr.msn.com/?st=1
 IE - HKU\postgres_ON_E\Software\Mic​rosoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
 IE - HKU\postgres_ON_E\Software\Mic​rosoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
 IE - HKU\postgres_ON_E\Software\Mic​rosoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC AD 6F 01 AE 91 CB 01  [binary data]
 IE - HKU\postgres_ON_E\..\URLSearch​Hook: {22e03916-85c5-44b0-8dc9-1830c​11238d9} - Reg Error: Key error. File not found
 IE - HKU\postgres_ON_E\..\URLSearch​Hook: {4daac69c-cba7-45e2-9bc8-10444​83d3352} - Reg Error: Key error. File not found
 IE - HKU\postgres_ON_E\..\URLSearch​Hook: {A3BC75A2-1F87-4686-AA43-5347D​756017C} - Reg Error: Key error. File not found
 IE - HKU\postgres_ON_E\..\URLSearch​Hook: {ba14329e-9550-4989-b3f2-9732e​92d17cc} - Reg Error: Key error. File not found
 IE - HKU\postgres_ON_E\..\URLSearch​Hook: {BC86E1AB-EDA5-4059-938F-CE307​B0C6F0A} - E:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
 IE - HKU\postgres_ON_E\..\URLSearch​Hook: {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - Reg Error: Key error. File not found
 IE - HKU\postgres_ON_E\Software\Mic​rosoft\Windows\CurrentVersion\​Internet Settings: "ProxyEnable" = 0
 
 
 IE - HKU\UpdatusUser_ON_E\Software\​Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/?ocid=OIE9HP
 IE - HKU\UpdatusUser_ON_E\Software\​Microsoft\Internet Explorer\Main,SearchDefaultBra​nded = 1
 IE - HKU\UpdatusUser_ON_E\Software\​Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/?st=1
 IE - HKU\UpdatusUser_ON_E\Software\​Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
 IE - HKU\UpdatusUser_ON_E\Software\​Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
 IE - HKU\UpdatusUser_ON_E\Software\​Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC AD 6F 01 AE 91 CB 01  [binary data]
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {1392b8d2-5c05-419f-a8f6-b9f15​a596612} - Reg Error: Key error. File not found
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {22e03916-85c5-44b0-8dc9-1830c​11238d9} - Reg Error: Key error. File not found
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {338c5d66-6b92-40a7-a216-9830d​2e54103} - Reg Error: Key error. File not found
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {4daac69c-cba7-45e2-9bc8-10444​83d3352} - Reg Error: Key error. File not found
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {A3BC75A2-1F87-4686-AA43-5347D​756017C} - Reg Error: Key error. File not found
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {ba14329e-9550-4989-b3f2-9732e​92d17cc} - Reg Error: Key error. File not found
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {BC86E1AB-EDA5-4059-938F-CE307​B0C6F0A} - E:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - Reg Error: Key error. File not found
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)
 IE - HKU\UpdatusUser_ON_E\Software\​Microsoft\Windows\CurrentVersi​on\Internet Settings: "ProxyEnable" = 0
 
 ========== FireFox ==========
 
 FF - prefs.js..browser.startup.home​page: "http://easy-google-search.blo​gspot.com"
 FF - prefs.js..extensions.enabledIt​ems: ffxtlbr@babylon.com:1.1.9
 FF - prefs.js..extensions.enabledIt​ems: {CAFEEFAC-0016-0000-0023-ABCDE​FFEDCBA}:6.0.23
 FF - prefs.js..extensions.enabledIt​ems: {1392b8d2-5c05-419f-a8f6-b9f15​a596612}:3.8.1.0
 FF - prefs.js..extensions.enabledIt​ems: {33e0daa6-3af3-d8b5-6752-10e94​9c61516}:1.1
 FF - prefs.js..extensions.enabledIt​ems: avg@igeared:7.007.026.001
 FF - prefs.js..extensions.enabledIt​ems: avg@toolbar:9.0.0.18.1
 FF - prefs.js..extensions.enabledIt​ems: mozilla_cc@internetdownloadman​ager.com:7.1.2
 FF - prefs.js..browser.startup.home​page: "http://search.iminent.com/?ap​pId=1BF24DE1-3849-4059-8F29-10​18ED819B61"
 FF - prefs.js..browser.search.selec​tedEngine: "SearchTheWeb"
 FF - prefs.js..browser.startup.home​page: ""
 FF - prefs.js..browser.search.selec​tedEngine: ""
 FF - prefs.js..browser.search.defau​ltenginename: ""
 
 FF - HKLM\Software\MozillaPlugins\@​adobe.com/FlashPlayer: E:\Windows\System32\Macromed\F​lash\NPSWF32_11_5_502_135.dll ()
 FF - HKLM\Software\MozillaPlugins\@​avg.com/AVG SiteSafety plugin,version=11.0.0.1,applic​ation/x-avg-sitesafety-plugin: E:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.​2.0\\npsitesafety.dll ()
 FF - HKLM\Software\MozillaPlugins\@​esn.me/esnsonar,version=0.70.0​:  File not found
 FF - HKLM\Software\MozillaPlugins\@​Google.com/GoogleEarthPlugin: E:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
 FF - HKLM\Software\MozillaPlugins\@​java.com/JavaPlugin: E:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​ma-config.com/HardwareDetectio​n: E:\Program Files\ma-config.com\nphardware​detection.dll (Cybelsoft)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/GENUINE:  File not found
 FF - HKLM\Software\MozillaPlugins\@​Microsoft.com/NpCtrl,version=1​.0: E:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl​.dll ( Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​nvidia.com/3DVision: E:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
 FF - HKLM\Software\MozillaPlugins\@​nvidia.com/3DVisionStreaming: E:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
 FF - HKLM\Software\MozillaPlugins\@​pandonetworks.com/PandoWebPlug​in:  File not found
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: E:\Program Files\Google\Update\1.3.21.123​\npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: E:\Program Files\Google\Update\1.3.21.123​\npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\MozillaPlugins\A​dobe Reader: E:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 FF - HKCU\Software\MozillaPlugins\@​onlive.com/OnLiveGameClientDet​ector,version=1.0.0:  File not found
 FF - HKCU\Software\MozillaPlugins\u​bisoft.com/uplaypc: E:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\avg@​toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012/11/08 13:54:42 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Firefox\Extensions\\webb​ooster@iminent.com: C:\Program Files\Iminent\webbooster@imine​nt.com
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/08 09:43:11 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/16 01:25:07 | 000,000,000 | ---D | M]
 FF - HKEY_CURRENT_USER\software\moz​illa\Firefox\Extensions\\mozil​la_cc@internetdownloadmanager.​com: C:\Users\Noirbenne\AppData\Roa​ming\IDM\idmmzcc5 [2012/04/09 15:26:23 | 000,000,000 | ---D | M]
 FF - HKEY_CURRENT_USER\software\moz​illa\SeaMonkey\Extensions\\moz​illa_cc@internetdownloadmanage​r.com: C:\Users\Noirbenne\AppData\Roa​ming\IDM\idmmzcc5 [2012/04/09 15:26:23 | 000,000,000 | ---D | M]
 
 [2010/11/07 12:30:26 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Extensions
 [2012/12/13 14:03:45 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​abvkpc1e.default\extensions
 [2012/10/27 20:01:41 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​abvkpc1e.default\extensions\{1​392b8d2-5c05-419f-a8f6-b9f15a5​96612}
 [2011/12/14 14:12:14 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions
 [2010/12/24 20:59:10 | 000,000,000 | ---D | M] (Softonic_France Community Toolbar) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions\{4​daac69c-cba7-45e2-9bc8-1044483​d3352}
 [2010/11/07 12:32:59 | 000,000,000 | ---D | M] (DownloadHelper) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions\{b​9db16a4-6edc-47ec-a1f4-b86292e​d211d}
 [2011/10/18 22:41:45 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions\{b​a14329e-9550-4989-b3f2-9732e92​d17cc}
 [2010/12/24 20:59:10 | 000,000,000 | ---D | M] (Conduit Engine) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions\en​gine@conduit.com
 [2010/11/07 13:02:52 | 000,000,000 | ---D | M] (Keep Tube Downloader) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions\we​bmaster@keep-tube.com
 [2012/06/25 12:55:00 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files\Mozilla Firefox\extensions
 [2012/10/31 00:25:58 | 000,000,000 | ---D | M] (Skype Click to Call) -- E:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6​DE9-405D-BD5E-43525BDAD38A}
 [2011/11/05 14:56:35 | 000,000,000 | ---D | M] (Babylon) -- E:\Program Files\Mozilla Firefox\extensions\ffxtlbr@bab​ylon.com
 [2012/04/20 20:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- E:\Program Files\mozilla firefox\components\browsercomp​s.dll
 [2011/11/09 23:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files\mozilla firefox\plugins\npdeployJava1.​dll
 [2012/04/20 20:45:57 | 000,001,516 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\amazon-f​rance.xml
 [2012/11/08 13:54:19 | 000,003,572 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\avg-secu​re-search.xml
 [2011/11/05 14:56:25 | 000,002,288 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\babylon.​xml
 [2012/04/20 20:45:57 | 000,002,252 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\bing.xml
 [2012/04/20 20:45:57 | 000,001,822 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\cnrtl-tl​fi-fr.xml
 [2012/04/20 20:45:57 | 000,001,154 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\eBay-fra​nce.xml
 [2012/04/20 20:45:57 | 000,001,426 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\wikipedi​a-fr.xml
 [2012/04/20 20:45:57 | 000,000,956 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\yahoo-fr​ance.xml
 
 O1 HOSTS File: ([2012/04/08 10:02:41 | 000,000,843 | ---- | M]) - E:\Windows\System32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1 localhost
 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695E​CA05670} - No CLSID value found.
 O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E​497C8C0} - E:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - No CLSID value found.
 O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
 O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684​A933233} - E:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
 O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F78​51A4497} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 O2 - BHO: (Setuprog Toolbar) - {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)
 O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684​A933233} - E:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
 O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516​DD69829} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (Setuprog Toolbar) - {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)
 O3 - HKU\.DEFAULT\..\Toolbar\WebBro​wser: (Setuprog Toolbar) - {F4EF4468-9BBB-45A1-A2CE-F0C43​0A9A7E5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15​A596612} - No CLSID value found.
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {22E03916-85C5-44B0-8DC9-1830C​11238D9} - No CLSID value found.
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - No CLSID value found.
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {338C5D66-6B92-40A7-A216-9830D​2E54103} - No CLSID value found.
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-10444​83D3352} - No CLSID value found.
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E​92D17CC} - No CLSID value found.
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516​DD69829} - No CLSID value found.
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E​9456D39} - No CLSID value found.
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (Setuprog Toolbar) - {F4EF4468-9BBB-45A1-A2CE-F0C43​0A9A7E5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15​A596612} - No CLSID value found.
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {22E03916-85C5-44B0-8DC9-1830C​11238D9} - No CLSID value found.
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - No CLSID value found.
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {338C5D66-6B92-40A7-A216-9830D​2E54103} - No CLSID value found.
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-10444​83D3352} - No CLSID value found.
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E​92D17CC} - No CLSID value found.
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516​DD69829} - No CLSID value found.
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E​9456D39} - No CLSID value found.
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (Setuprog Toolbar) - {F4EF4468-9BBB-45A1-A2CE-F0C43​0A9A7E5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)
 O3 - HKU\postgres_ON_E\..\Toolbar\W​ebBrowser: (no name) - {22E03916-85C5-44B0-8DC9-1830C​11238D9} - No CLSID value found.
 O3 - HKU\postgres_ON_E\..\Toolbar\W​ebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - No CLSID value found.
 O3 - HKU\postgres_ON_E\..\Toolbar\W​ebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-10444​83D3352} - No CLSID value found.
 O3 - HKU\postgres_ON_E\..\Toolbar\W​ebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E​92D17CC} - No CLSID value found.
 O3 - HKU\postgres_ON_E\..\Toolbar\W​ebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516​DD69829} - No CLSID value found.
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15​A596612} - No CLSID value found.
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {22E03916-85C5-44B0-8DC9-1830C​11238D9} - No CLSID value found.
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - No CLSID value found.
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {338C5D66-6B92-40A7-A216-9830D​2E54103} - No CLSID value found.
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-10444​83D3352} - No CLSID value found.
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E​92D17CC} - No CLSID value found.
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516​DD69829} - No CLSID value found.
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E​9456D39} - No CLSID value found.
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (Setuprog Toolbar) - {F4EF4468-9BBB-45A1-A2CE-F0C43​0A9A7E5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)
 O4 - HKLM..\Run: [AVG9_TRAY] E:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
 O4 - HKLM..\Run: [BCU] E:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
 O4 - HKLM..\Run: [Copperhead] E:\Program Files\Razer\Copperhead\razerhi​d.exe ()
 O4 - HKLM..\Run: [Eraser] E:\Program Files\Eraser\Eraser.exe (The Eraser Project)
 O4 - HKLM..\Run: [Freecorder FLV Service]  File not found
 O4 - HKLM..\Run: [HF_G_Jul] E:\Program Files\AVG Secure Search\HF_G_Jul.exe ()
 O4 - HKLM..\Run: [JMB36X IDE Setup] E:\Windows\RaidTool\xInsIDE.ex​e ()
 O4 - HKLM..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
 O4 - HKLM..\Run: [NUSB3MON] E:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.ex​e (Renesas Electronics Corporation)
 O4 - HKLM..\Run: [ROC_roc_dec12] E:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
 O4 - HKLM..\Run: [ROC_ROC_JULY_P1] E:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
 O4 - HKLM..\Run: [vProt] E:\Program Files\AVG Secure Search\vprot.exe ()
 O4 - HKU\Noirbenne_ON_E..\Run: [BgMonitor_{79662E04-7C6C-4d9f-​84C7-88D8A56B10AA}] E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.ex​e (Nero AG)
 O4 - HKU\Noirbenne_ON_E..\Run: [EA Core]  File not found
 O4 - HKU\Noirbenne_ON_E..\Run: [IDMan] E:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
 O4 - HKU\Noirbenne_ON_E..\Run: [ISUSPM]  File not found
 O4 - HKU\Noirbenne_ON_E..\Run: [MediaGet2]  File not found
 O4 - HKU\Noirbenne_ON_E..\Run: [NetLimiter]  File not found
 O4 - HKU\Noirbenne_ON_E..\Run: [RocketDock] E:\Program Files\RocketDock\RocketDock.ex​e ()
 O4 - HKU\Noirbenne_ON_E..\Run: [Windows Live]  File not found
 O4 - HKU\postgres.VALOU-PC_ON_E..\R​un: [BgMonitor_{79662E04-7C6C-4d9f-​84C7-88D8A56B10AA}] E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.ex​e (Nero AG)
 O4 - HKU\postgres.VALOU-PC_ON_E..\R​un: [EA Core]  File not found
 O4 - HKU\postgres.VALOU-PC_ON_E..\R​un: [IDMan] E:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
 O4 - HKU\postgres.VALOU-PC_ON_E..\R​un: [ISUSPM]  File not found
 O4 - HKU\postgres.VALOU-PC_ON_E..\R​un: [MediaGet2]  File not found
 O4 - HKU\postgres.VALOU-PC_ON_E..\R​un: [NetLimiter]  File not found
 O4 - HKU\postgres.VALOU-PC_ON_E..\R​un: [RocketDock] E:\Program Files\RocketDock\RocketDock.ex​e ()
 O4 - HKU\postgres.VALOU-PC_ON_E..\R​un: [Windows Live]  File not found
 O4 - HKU\postgres_ON_E..\Run: [DAEMON Tools Lite] E:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
 O4 - HKU\postgres_ON_E..\Run: [NetLimiter]  File not found
 O4 - HKU\postgres_ON_E..\Run: [RocketDock] E:\Program Files\RocketDock\RocketDock.ex​e ()
 O4 - HKU\UpdatusUser_ON_E..\Run: [BgMonitor_{79662E04-7C6C-4d9f-​84C7-88D8A56B10AA}] E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.ex​e (Nero AG)
 O4 - HKU\UpdatusUser_ON_E..\Run: [EA Core]  File not found
 O4 - HKU\UpdatusUser_ON_E..\Run: [IDMan] E:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
 O4 - HKU\UpdatusUser_ON_E..\Run: [ISUSPM]  File not found
 O4 - HKU\UpdatusUser_ON_E..\Run: [MediaGet2]  File not found
 O4 - HKU\UpdatusUser_ON_E..\Run: [NetLimiter]  File not found
 O4 - HKU\UpdatusUser_ON_E..\Run: [RocketDock] E:\Program Files\RocketDock\RocketDock.ex​e ()
 O4 - HKU\UpdatusUser_ON_E..\Run: [Windows Live]  File not found
 O4 - HKU\LocalService_ON_E..\RunOnc​e: [mctadmin] E:\Windows\System32\mctadmin.e​xe (Microsoft Corporation)
 O4 - HKU\NetworkService_ON_E..\RunO​nce: [mctadmin] E:\Windows\System32\mctadmin.e​xe (Microsoft Corporation)
 O4 - HKU\postgres.VALOU-PC_ON_E..\R​unOnce: [mctadmin] E:\Windows\System32\mctadmin.e​xe (Microsoft Corporation)
 O4 - HKU\postgres_ON_E..\RunOnce: [avg_spchecker] E:\Program Files\AVG\AVG9\Notification\SP​Checker1.exe ()
 O4 - HKU\postgres_ON_E..\RunOnce: [FlashPlayerUpdate]  File not found
 O4 - HKU\postgres_ON_E..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.e​xe (Microsoft Corporation)
 O4 - HKU\UpdatusUser_ON_E..\RunOnce​: [FlashPlayerUpdate]  File not found
 O4 - HKU\UpdatusUser_ON_E..\RunOnce​: [mctadmin] E:\Windows\System32\mctadmin.e​xe (Microsoft Corporation)
 O4 - Startup: E:\Users\Noirbenne\AppData\Roa​ming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.l​nk ()
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer\run: crss = C:\Users\NOIRBE~1\AppData\Loca​l\Temp\crss2.exe
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ConsentPromptBehaviorAdmin = 5
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ConsentPromptBehaviorUser = 3
 O7 - HKU\Noirbenne_ON_E\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\policies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\postgres.VALOU-PC_ON_E\SOF​TWARE\Microsoft\Windows\Curren​tVersion\policies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\UpdatusUser_ON_E\SOFTWARE\​Microsoft\Windows\CurrentVersi​on\policies\Explorer: NoDriveTypeAutoRun = 145
 O8 - Extra context menu item: Télécharger avec IDM - E:\Program Files\Internet Download Manager\IEExt.htm ()
 O8 - Extra context menu item: Télécharger tous les liens avec IDM - E:\Program Files\Internet Download Manager\IEGetAll.htm ()
 O8 - Extra context menu item: &#20351;&#29992;&#24555;&#3671​0;3&#19979;&#36733; - E:\Users\Noirbenne\AppData\Roa​ming\FlashGetBHO\GetUrl.htm ()
 O8 - Extra context menu item: &#20351;&#29992;&#24555;&#3671​0;3&#19979;&#36733;&#20840;&#3​7096;&#38142;&#25509; - E:\Users\Noirbenne\AppData\Roa​ming\FlashGetBHO\GetAllUrl.htm ()
 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46​303B9E5} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 O9 - Extra Button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD0​0071806} -  File not found
 O13 - gopher Prefix: missing
 O16 - DPF: {166B1BCA-3F9C-11CF-8075-44455​3540000} http://download.macromedia.com [...] tor/sw.cab (Reg Error: Key error.)
 O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E​0DC46EF} http://fichiers2.touslesdriver [...] _0_1_0.cab ("Ma-Config.com control)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_30)
 O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_30)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_30)
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} http://fpdownload2.macromedia. [...] wflash.cab (Shockwave Flash Object)
 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF​37916A7} http://platformdl.adobe.com/NO [...] 1.6/gp.cab (Reg Error: Key error.)
 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE​494F8D1} - E:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - E:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 O18 - Protocol\Handler\skype-ie-addo​n-data {91774881-D725-4E58-B298-07617​B9B86A8} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
 O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C2​27862A9} - E:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.​2.0\ViProtocol.dll ()
 O20 - AppInit_DLLs: (avgrsstx.dll) - E:\Windows\System32\avgrsstx.d​ll (AVG Technologies CZ, s.r.o.)
 O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.e​xe) - E:\Windows\System32\SystemProp​ertiesPerformance.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
 O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA0​05127ED} - CLSID or File not found.
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
 O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
 O33 - MountPoints2\{ee0c3fe2-b9dc-11​df-b927-6cf0495903e3}\Shell - "" = AutoRun
 O33 - MountPoints2\{ee0c3fe2-b9dc-11​df-b927-6cf0495903e3}\Shell\Au​toRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 NetSvcs: FastUserSwitchingCompatibility -  File not found
 NetSvcs: Ias -  File not found
 NetSvcs: Nla -  File not found
 NetSvcs: Ntmssvc -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: Sharedaccess -  File not found
 NetSvcs: SRService -  File not found
 NetSvcs: WmdmPmSp -  File not found
 NetSvcs: LogonHours -  File not found
 NetSvcs: PCAudit -  File not found
 NetSvcs: helpsvc -  File not found
 NetSvcs: uploadmgr -  File not found
 NetSvcs: winmgmt - E:\Users\Noirbenne\wgsdgsdgdsg​sd.exe (Microsoft Corporation)
 
 MsConfig - State: "startup" - 0
 MsConfig - State: "services" - 2
 
 SafeBootMin: AppMgmt - Service
 SafeBootMin: Base - Driver Group
 SafeBootMin: Boot Bus Extender - Driver Group
 SafeBootMin: Boot file system - Driver Group
 SafeBootMin: File system - Driver Group
 SafeBootMin: Filter - Driver Group
 SafeBootMin: HelpSvc - Service
 SafeBootMin: NTDS -  File not found
 SafeBootMin: PCI Configuration - Driver Group
 SafeBootMin: PNP Filter - Driver Group
 SafeBootMin: Primary disk - Driver Group
 SafeBootMin: sacsvr - Service
 SafeBootMin: SCSI Class - Driver Group
 SafeBootMin: System Bus Extender - Driver Group
 SafeBootMin: vmms - Service
 SafeBootMin: WinDefend - Service
 SafeBootMin: WinMgmt - E:\Users\Noirbenne\wgsdgsdgdsg​sd.exe (Microsoft Corporation)
 SafeBootMin: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootMin: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootMin: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootMin: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootMin: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootMin: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootMin: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 SafeBootNet: AppMgmt - Service
 SafeBootNet: Base - Driver Group
 SafeBootNet: BFE - Service
 SafeBootNet: Boot Bus Extender - Driver Group
 SafeBootNet: Boot file system - Driver Group
 SafeBootNet: File system - Driver Group
 SafeBootNet: Filter - Driver Group
 SafeBootNet: HelpSvc - Service
 SafeBootNet: Messenger - Service
 SafeBootNet: MPSSvc - Service
 SafeBootNet: NDIS Wrapper - Driver Group
 SafeBootNet: NetBIOSGroup - Driver Group
 SafeBootNet: NetDDEGroup - Driver Group
 SafeBootNet: Network - Driver Group
 SafeBootNet: NetworkProvider - Driver Group
 SafeBootNet: NTDS -  File not found
 SafeBootNet: PCI Configuration - Driver Group
 SafeBootNet: PNP Filter - Driver Group
 SafeBootNet: PNP_TDI - Driver Group
 SafeBootNet: Primary disk - Driver Group
 SafeBootNet: rdsessmgr - Service
 SafeBootNet: sacsvr - Service
 SafeBootNet: SCSI Class - Driver Group
 SafeBootNet: SharedAccess -  File not found
 SafeBootNet: Streams Drivers - Driver Group
 SafeBootNet: System Bus Extender - Driver Group
 SafeBootNet: TDI - Driver Group
 SafeBootNet: vmms - Service
 SafeBootNet: WinDefend - Service
 SafeBootNet: WinMgmt - E:\Users\Noirbenne\wgsdgsdgdsg​sd.exe (Microsoft Corporation)
 SafeBootNet: WudfUsbccidDriver - Driver
 SafeBootNet: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootNet: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootNet: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootNet: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootNet: {4D36E972-E325-11CE-BFC1-08002​BE10318} - Net
 SafeBootNet: {4D36E973-E325-11CE-BFC1-08002​BE10318} - NetClient
 SafeBootNet: {4D36E974-E325-11CE-BFC1-08002​BE10318} - NetService
 SafeBootNet: {4D36E975-E325-11CE-BFC1-08002​BE10318} - NetTrans
 SafeBootNet: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootNet: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F​805F530} - Smart card readers
 SafeBootNet: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401​C608500} - Java (Sun)
 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA0​0B4E220} - NetShow
 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c​74c7e95} - Windows Media Player 5.2
 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508​C9228ED} - %SystemRoot%\system32\regsvr32​.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.​dll
 ActiveX: {3af36230-a269-11d1-b5bf-0000f​8051515} - Offline Browsing Pack
 ActiveX: {3C3901C5-3455-3E0A-A214-0B093​A5070A6} - .NET Framework
 ActiveX: {44BBA840-CC51-11CF-AAFA-00AA0​0B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
 ActiveX: {44BBA848-CC51-11CF-AAFA-00AA0​0B6015C} - DirectShow
 ActiveX: {44BBA855-CC51-11CF-AAFA-00AA0​0B6015F} - DirectDrawEx
 ActiveX: {45ea75a0-a269-11d1-b5bf-0000f​8051515} - Internet Explorer Help
 ActiveX: {4f645220-306d-11d2-995d-00c04​f98bbc9} - Microsoft Windows Script 5.6
 ActiveX: {5fd399c0-a70a-11d1-9948-00c04​f98bbc9} - Internet Explorer Setup Tools
 ActiveX: {630b1da0-b465-11d1-9948-00c04​f98bbc9} - Browsing Enhancements
 ActiveX: {6BF52A52-394A-11d3-B153-00C04​F79FAA6} - Microsoft Windows Media Player
 ActiveX: {6fab99d0-bab8-11d1-994a-00c04​f98bbc9} - MSN Site Access
 ActiveX: {7790769C-0471-11d2-AF11-00C04​FA35D02} - Address Book 7
 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E​41B1089} - .NET Framework
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4340} - regsvr32.exe /s /n /i:U shell32.dll
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4383} - C:\Windows\System32\ie4uinit.e​xe -BaseSettings
 ActiveX: {89B4C1CD-B018-4511-B0A1-5476D​BF70820} - C:\Windows\system32\Rundll32.e​xe C:\Windows\system32\mscories.d​ll,Install
 ActiveX: {9381D8F2-0288-11D0-9501-00AA0​0B911A5} - Dynamic HTML Data Binding
 ActiveX: {A8692F8A-9AD2-EAEC-E7C1-EB268​FA08AAD} - C:\Users\NOIRBE~1\AppData\Loca​l\Temp\crss2.exe
 ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789​CFEFCDD} - .NET Framework
 ActiveX: {C9E9A340-D1F1-11D0-821E-44455​3540600} - Internet Explorer Core Fonts
 ActiveX: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} - Macromedia Shockwave Flash
 ActiveX: {de5aed00-a4bf-11d1-9948-00c04​f98bbc9} - HTML Help
 ActiveX: {E92B03AB-B707-11d2-9CBD-0000F​87A369E} - Active Directory Service Interface
 ActiveX: >{22d6f312-b0f6-11d0-94ab-0080​c74c7e95} - %SystemRoot%\system32\unregmp2​.exe /ShowWMP
 ActiveX: >{26923b43-4d38-484f-9b9e-de46​0746276c} - C:\Windows\System32\ie4uinit.e​xe -UserIconConfig
 ActiveX: >{60B49E34-C7CC-11D0-8953-00A0​C90347FF} -
 ActiveX: >{97b59324-a6df-42c6-b5aa-c2eb​21376cae} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
 Drivers32: msacm.l3acm - E:\Windows\System32\l3codeca.a​cm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: msacm.lhacm - E:\Windows\System32\lhacm.acm (Microsoft Corporation)
 Drivers32: msacm.vorbis - E:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
 Drivers32: vidc.cvid - E:\Windows\System32\iccvid.dll (Radius Inc.)
 Drivers32: VIDC.FPS1 - E:\Windows\System32\frapsvid.d​ll (Beepa P/L)
 Drivers32: VIDC.IV41 - E:\Windows\System32\ir41_32.ax (Intel Corporation)
 Drivers32: vidc.VP60 - E:\Windows\System32\vp6vfw.dll (On2.com)
 Drivers32: vidc.VP61 - E:\Windows\System32\vp6vfw.dll (On2.com)
 Drivers32: VIDC.XFR1 - E:\Windows\System32\xfcodec.dl​l ()
 PhysicalDisk0 MBR saved to E:\Physical0MBR.bin
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2013/01/01 12:48:37 | 000,000,000 | ---D | C] -- E:\Windows\pss
 [2012/12/30 21:25:58 | 000,000,000 | ---D | C] -- E:\Program Files\Sid Meier's Civilization V
 [2012/12/30 07:25:41 | 000,000,000 | ---D | C] -- E:\Users\Noirbenne\AppData\Roa​ming\Microsoft\Windows\Start Menu\Programs\Firaxis Games
 [2012/12/30 07:25:41 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Firaxis Games
 [2012/12/30 07:25:40 | 000,000,000 | ---D | C] -- E:\Users\Noirbenne\AppData\Roa​ming\Firaxis Games
 [2012/12/21 22:44:49 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\System32\atmfd.dll
 [2012/12/21 22:44:49 | 000,034,304 | ---- | C] (Adobe Systems) -- E:\Windows\System32\atmlib.dll
 [2012/12/18 15:04:04 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Mumble
 [2012/12/12 08:08:51 | 002,382,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\mshtml.tlb
 [2012/12/12 08:08:51 | 000,420,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\vbscript.d​ll
 [2012/12/12 08:08:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieui.dll
 [2012/12/12 08:08:51 | 000,065,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jsproxy.dl​l
 [2012/12/12 08:08:50 | 001,800,704 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript9.d​ll
 [2012/12/12 08:08:50 | 000,717,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript.dl​l
 [2012/12/12 08:08:50 | 000,607,744 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\msfeeds.dl​l
 [2012/12/12 08:08:50 | 000,231,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\url.dll
 [2012/12/12 08:08:50 | 000,142,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieUnatt.ex​e
 [2012/12/12 08:08:49 | 001,427,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\inetcpl.cp​l
 [2012/12/12 07:39:49 | 000,376,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\dpnet.dll
 [2012/12/12 07:39:34 | 000,271,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\conhost.ex​e
 [2012/12/12 07:39:33 | 000,169,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\winsrv.dll
 [2012/12/12 07:39:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-sysinfo-l1-1-0.dll
 [2012/12/12 07:39:30 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-file-l1-1-0.dll
 [2012/12/12 07:39:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-processthreads-l1-1-0.dl​l
 [2012/12/12 07:39:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-synch-l1-1-0.dll
 [2012/12/12 07:39:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-processenvironment-l1-1-​0.dll
 [2012/12/12 07:39:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-namedpipe-l1-1-0.dll
 [2012/12/12 07:39:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-string-l1-1-0.dll
 [2012/12/12 07:39:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-rtlsupport-l1-1-0.dll
 [2012/12/12 07:39:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-profile-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-misc-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-localregistry-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-memory-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-libraryloader-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-interlocked-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-io-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-handle-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-fibers-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-errorhandling-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-delayload-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-debug-l1-1-0.dll
 [2012/12/12 07:39:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-datetime-l1-1-0.dll
 [2012/12/12 07:39:28 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-security-base-l1-1-0.dll
 [2012/12/12 07:39:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-threadpool-l1-1-0.dll
 [2012/12/12 07:39:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-localization-l1-1-0.dll
 [2012/12/12 07:39:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-xstate-l1-1-0.dll
 [2012/12/12 07:39:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-heap-l1-1-0.dll
 [2012/12/12 07:39:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-util-l1-1-0.dll
 [2012/12/12 07:39:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win​-core-console-l1-1-0.dll
 [2012/12/12 07:39:15 | 002,345,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\win32k.sys
 [2012/12/12 07:38:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\tzres.dll
 [2012/12/04 13:35:36 | 000,000,000 | ---D | C] -- E:\Users\Noirbenne\AppData\Loc​al\My Games
 [2012/12/04 09:52:45 | 000,000,000 | ---D | C] -- E:\Users\Noirbenne\AppData\Roa​ming\Microsoft\Windows\Start Menu\Programs\Ubisoft
 [2012/04/08 09:19:13 | 000,773,632 | ---- | C] (Robert Simpson, et al.) -- E:\Users\Noirbenne\AppData\Roa​ming\System.Data.SQLite.dll
 
 ========== Files - Modified Within 30 Days ==========
 
 [2013/01/01 20:55:36 | 000,000,512 | ---- | M] () -- E:\Physical0MBR.bin
 [2013/01/01 12:54:39 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
 [2013/01/01 12:52:32 | 095,023,320 | ---- | M] () -- E:\ProgramData\dsgsdgdsgdsgw.p​ad
 [2013/01/01 12:50:01 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Startup
 [2013/01/01 12:49:25 | 000,002,965 | ---- | M] () -- E:\ProgramData\dsgsdgdsgdsgw.j​s
 [2013/01/01 12:48:38 | 000,001,055 | ---- | M] () -- E:\Users\Noirbenne\AppData\Roa​ming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.l​nk
 [2013/01/01 12:41:16 | 2616,057,856 | -HS- | M] () -- E:\hiberfil.sys
 [2013/01/01 12:39:05 | 000,015,024 | -H-- | M] () -- E:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-5P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2013/01/01 12:39:05 | 000,015,024 | -H-- | M] () -- E:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-5P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2013/01/01 12:31:46 | 000,001,058 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2013/01/01 12:31:37 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- E:\Windows\gdrv.sys
 [2013/01/01 10:51:00 | 000,001,062 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2013/01/01 10:10:00 | 000,001,002 | ---- | M] () -- E:\Windows\tasks\Adobe Flash Player Updater.job
 [2013/01/01 10:06:21 | 104,924,786 | ---- | M] () -- E:\Windows\System32\drivers\Av​g\incavi.avm
 [2012/12/31 04:59:53 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\FlashPlaye​rApp.exe
 [2012/12/31 04:59:53 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\FlashPlaye​rCPLApp.cpl
 [2012/12/31 04:27:48 | 000,001,607 | ---- | M] () -- E:\Users\Noirbenne\Desktop\Civ​ilization V.lnk
 [2012/12/30 07:47:11 | 000,654,842 | ---- | M] () -- E:\Windows\System32\perfh009.d​at
 [2012/12/30 07:47:11 | 000,403,802 | ---- | M] () -- E:\Windows\System32\perfh00C.d​at
 [2012/12/30 07:47:11 | 000,121,714 | ---- | M] () -- E:\Windows\System32\perfc009.d​at
 [2012/12/30 07:47:11 | 000,062,764 | ---- | M] () -- E:\Windows\System32\perfc00C.d​at
 [2012/12/30 07:34:25 | 000,001,286 | ---- | M] () -- E:\Users\UpdatusUser\Desktop\L​ancer Sid Meier's Civilization 4.lnk
 [2012/12/30 07:34:25 | 000,001,286 | ---- | M] () -- E:\Users\postgres.VALOU-PC\Des​ktop\Lancer Sid Meier's Civilization 4.lnk
 [2012/12/30 07:25:41 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Firaxis Games
 [2012/12/28 20:14:54 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Games
 [2012/12/22 07:51:06 | 000,418,344 | ---- | M] () -- E:\Windows\System32\FNTCACHE.D​AT
 [2012/12/18 15:04:04 | 000,000,972 | ---- | M] () -- E:\Users\Public\Desktop\Mumble​.lnk
 [2012/12/18 15:04:04 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Mumble
 [2012/12/16 09:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\atmfd.dll
 [2012/12/16 09:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- E:\Windows\System32\atmlib.dll
 [2012/12/14 09:49:35 | 000,138,032 | ---- | M] () -- E:\Windows\System32\drivers\Pn​kBstrK.sys
 [2012/12/14 09:49:29 | 000,281,688 | ---- | M] () -- E:\Windows\System32\PnkBstrB.x​tr
 [2012/12/13 14:03:40 | 000,000,918 | ---- | M] () -- E:\Windows\System32\InstallUti​l.InstallLog
 [2012/12/13 10:49:11 | 000,281,688 | ---- | M] () -- E:\Windows\System32\PnkBstrB.e​x0
 [2012/12/05 02:45:27 | 000,000,598 | ---- | M] () -- E:\Users\Noirbenne\Desktop\Far Cry 3.lnk
 [2012/12/04 09:52:45 | 000,001,163 | ---- | M] () -- E:\Users\Noirbenne\Desktop\Upl​ay.lnk
 
 ========== Files Created - No Company Name ==========
 
 [2013/01/01 20:55:36 | 000,000,512 | ---- | C] () -- E:\Physical0MBR.bin
 [2013/01/01 12:50:01 | 000,002,019 | ---- | C] () -- E:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Startup\WiFi Station N.lnk
 [2012/12/31 04:27:48 | 000,001,607 | ---- | C] () -- E:\Users\Noirbenne\Desktop\Civ​ilization V.lnk
 [2012/12/30 07:25:41 | 000,001,286 | ---- | C] () -- E:\Users\UpdatusUser\Desktop\L​ancer Sid Meier's Civilization 4.lnk
 [2012/12/30 07:25:41 | 000,001,286 | ---- | C] () -- E:\Users\postgres.VALOU-PC\Des​ktop\Lancer Sid Meier's Civilization 4.lnk
 [2012/12/29 17:19:14 | 000,002,965 | ---- | C] () -- E:\ProgramData\dsgsdgdsgdsgw.j​s
 [2012/12/29 17:19:14 | 000,001,055 | ---- | C] () -- E:\Users\Noirbenne\AppData\Roa​ming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.l​nk
 [2012/12/29 17:19:13 | 095,023,320 | ---- | C] () -- E:\ProgramData\dsgsdgdsgdsgw.p​ad
 [2012/12/13 13:28:00 | 000,000,918 | ---- | C] () -- E:\Windows\System32\InstallUti​l.InstallLog
 [2012/12/05 02:45:27 | 000,000,598 | ---- | C] () -- E:\Users\Noirbenne\Desktop\Far Cry 3.lnk
 [2012/12/04 09:52:45 | 000,001,163 | ---- | C] () -- E:\Users\Noirbenne\Desktop\Upl​ay.lnk
 [2012/08/16 15:21:36 | 000,056,832 | ---- | C] () -- E:\Windows\System32\iyvu9_32.d​ll
 [2012/08/13 16:53:15 | 000,451,072 | ---- | C] () -- E:\Windows\System32\ISSRemoveS​P.exe
 [2012/08/13 16:50:02 | 000,293,889 | ---- | C] () -- E:\Windows\System32\drivers\RT​AIODAT.DAT
 [2012/04/17 11:33:55 | 000,007,597 | ---- | C] () -- E:\Users\Noirbenne\AppData\Loc​al\Resmon.ResmonCfg
 [2012/04/11 10:39:48 | 000,000,073 | ---- | C] () -- E:\Windows\wininit.ini
 [2012/04/11 10:36:21 | 000,000,296 | ---- | C] () -- E:\Windows\SIERRA.INI
 [2012/03/29 08:34:14 | 000,138,032 | ---- | C] () -- E:\Windows\System32\drivers\Pn​kBstrK.sys
 [2012/03/29 08:34:10 | 000,281,688 | ---- | C] () -- E:\Windows\System32\PnkBstrB.e​xe
 [2012/03/29 08:33:38 | 000,076,888 | ---- | C] () -- E:\Windows\System32\PnkBstrA.e​xe
 [2012/03/29 08:02:36 | 000,000,041 | ---- | C] () -- E:\Users\Noirbenne\AppData\Roa​ming\Offre.ini
 [2012/03/29 00:54:09 | 000,391,520 | ---- | C] () -- E:\Users\Noirbenne\AppData\Roa​ming\kujytuo.exe
 [2012/03/26 15:23:23 | 000,162,304 | ---- | C] () -- E:\Windows\System32\ztvunrar36​.dll
 [2012/03/26 15:23:23 | 000,077,312 | ---- | C] () -- E:\Windows\System32\ztvunace26​.dll
 [2012/02/27 20:57:19 | 000,000,040 | ---- | C] () -- E:\Windows\NAVIGMA.INI
 [2011/11/14 10:41:51 | 000,001,755 | ---- | C] () -- E:\Users\Noirbenne\AppData\Roa​ming\SAS7_000.DAT
 [2011/10/05 11:57:59 | 000,010,240 | ---- | C] () -- E:\Windows\System32\vidx16.dll
 [2011/08/11 09:09:21 | 000,265,120 | ---- | C] () -- E:\Program Files\Common Files\WireHelpSvc.exe
 [2011/07/26 12:44:11 | 000,142,120 | -H-- | C] () -- E:\Windows\System32\mlfcache.d​at
 [2011/06/14 01:17:17 | 000,252,928 | ---- | C] () -- E:\Windows\System32\DShowRdpFi​lter.dll
 [2011/04/14 13:28:56 | 000,138,056 | ---- | C] () -- E:\Users\Noirbenne\AppData\Roa​ming\PnkBstrK.sys
 [2011/03/14 13:05:40 | 000,000,056 | -H-- | C] () -- E:\Windows\System32\ezsidmv.da​t
 [2011/02/22 15:21:01 | 000,004,997 | ---- | C] () -- E:\ProgramData\bltofzsb.qlf
 [2011/02/06 17:10:35 | 000,021,840 | ---- | C] () -- E:\Windows\System32\SIntfNT.dl​l
 [2011/02/06 17:10:35 | 000,017,212 | ---- | C] () -- E:\Windows\System32\SIntf32.dl​l
 [2011/02/06 17:10:35 | 000,012,067 | ---- | C] () -- E:\Windows\System32\SIntf16.dl​l
 [2011/01/09 11:20:49 | 000,002,560 | ---- | C] () -- E:\Windows\_MSRSTRT.EXE
 [2011/01/09 09:17:08 | 000,000,204 | ---- | C] () -- E:\Windows\System32\secustat.d​at
 [2011/01/08 17:11:22 | 000,000,025 | ---- | C] () -- E:\Windows\libem.INI
 [2010/12/07 13:47:46 | 000,000,571 | ---- | C] () -- E:\Windows\System32\FeMakro.in​i
 [2010/12/07 13:47:46 | 000,000,497 | ---- | C] () -- E:\Windows\System32\FeAnim.ini
 [2010/12/07 11:29:38 | 000,001,208 | ---- | C] () -- E:\Windows\Radio_Fr.ini
 [2010/10/22 09:36:54 | 000,108,176 | ---- | C] () -- E:\Windows\War3Unin.dat
 [2010/08/27 13:22:19 | 000,114,688 | ---- | C] () -- E:\Windows\System32\WLANUTL.dl​l
 [2010/08/26 12:34:29 | 000,065,536 | R--- | C] () -- E:\Windows\System32\XSrvSetup.​exe
 [2010/08/26 12:32:00 | 000,146,432 | ---- | C] () -- E:\Windows\System32\APOMngr.DL​L
 [2010/08/26 12:32:00 | 000,072,704 | ---- | C] () -- E:\Windows\System32\CmdRtr.DLL
 [2010/08/26 12:29:54 | 000,000,010 | ---- | C] () -- E:\Windows\GSetup.ini
 [2010/07/09 14:00:32 | 000,041,872 | ---- | C] () -- E:\Windows\System32\xfcodec.dl​l
 [2009/08/27 02:04:12 | 000,207,400 | R--- | C] () -- E:\Windows\GSetup.exe
 [2009/07/14 03:39:49 | 000,403,802 | ---- | C] () -- E:\Windows\System32\perfh00C.d​at
 [2009/07/14 03:39:49 | 000,344,522 | ---- | C] () -- E:\Windows\System32\perfi00C.d​at
 [2009/07/14 03:39:49 | 000,062,764 | ---- | C] () -- E:\Windows\System32\perfc00C.d​at
 [2009/07/14 03:39:49 | 000,038,160 | ---- | C] () -- E:\Windows\System32\perfd00C.d​at
 [2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
 [2009/07/13 23:33:53 | 000,418,344 | ---- | C] () -- E:\Windows\System32\FNTCACHE.D​AT
 [2009/07/13 21:05:48 | 000,654,842 | ---- | C] () -- E:\Windows\System32\perfh009.d​at
 [2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- E:\Windows\System32\perfi009.d​at
 [2009/07/13 21:05:48 | 000,121,714 | ---- | C] () -- E:\Windows\System32\perfc009.d​at
 [2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- E:\Windows\System32\perfd009.d​at
 [2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- E:\Windows\System32\NOISE.DAT
 [2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- E:\Windows\System32\dssec.dat
 [2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
 [2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- E:\Windows\System32\BthpanCont​extHandler.dll
 [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\System32\BWContextH​andler.dll
 [2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\System32\mlang.dat
 [1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- E:\Windows\System32\giveio.sys
 
 ========== LOP Check ==========
 
 [2011/05/27 18:16:58 | 000,000,000 | ---D | M] -- E:\ProgramData\Ableton
 [2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
 [2012/11/08 13:54:42 | 000,000,000 | ---D | M] -- E:\ProgramData\AVG Secure Search
 [2011/05/30 07:14:51 | 000,000,000 | ---D | M] -- E:\ProgramData\AVG Security Toolbar
 [2010/08/26 13:49:47 | 000,000,000 | ---D | M] -- E:\ProgramData\avg9
 [2011/11/05 14:56:24 | 000,000,000 | ---D | M] -- E:\ProgramData\Babylon
 [2012/04/20 10:47:09 | 000,000,000 | ---D | M] -- E:\ProgramData\Battle.net
 [2010/08/26 12:27:32 | 000,000,000 | -HSD | M] -- E:\ProgramData\Bureau
 [2011/03/14 12:04:01 | 000,000,000 | -H-D | M] -- E:\ProgramData\Common Files
 [2010/12/21 20:43:07 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Lite
 [2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
 [2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
 [2011/09/29 23:26:39 | 000,000,000 | ---D | M] -- E:\ProgramData\EA Core
 [2011/11/06 07:

(Publicité)
votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 22:23:08  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
========== LOP Check ==========
 
 [2011/05/27 18:16:58 | 000,000,000 | ---D | M] -- E:\ProgramData\Ableton
 [2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
 [2012/11/08 13:54:42 | 000,000,000 | ---D | M] -- E:\ProgramData\AVG Secure Search
 [2011/05/30 07:14:51 | 000,000,000 | ---D | M] -- E:\ProgramData\AVG Security Toolbar
 [2010/08/26 13:49:47 | 000,000,000 | ---D | M] -- E:\ProgramData\avg9
 [2011/11/05 14:56:24 | 000,000,000 | ---D | M] -- E:\ProgramData\Babylon
 [2012/04/20 10:47:09 | 000,000,000 | ---D | M] -- E:\ProgramData\Battle.net
 [2010/08/26 12:27:32 | 000,000,000 | -HSD | M] -- E:\ProgramData\Bureau
 [2011/03/14 12:04:01 | 000,000,000 | -H-D | M] -- E:\ProgramData\Common Files
 [2010/12/21 20:43:07 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Lite
 [2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
 [2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
 [2011/09/29 23:26:39 | 000,000,000 | ---D | M] -- E:\ProgramData\EA Core
 [2011/11/06 07:49:02 | 000,000,000 | ---D | M] -- E:\ProgramData\Electronic Arts
 [2010/08/26 12:27:32 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoris
 [2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
 [2012/06/30 01:10:19 | 000,000,000 | ---D | M] -- E:\ProgramData\Hi-Rez Studios
 [2012/07/01 08:27:35 | 000,000,000 | ---D | M] -- E:\ProgramData\id Software
 [2012/08/13 16:11:24 | 000,000,000 | ---D | M] -- E:\ProgramData\ma-config.com
 [2012/11/28 13:11:33 | 000,000,000 | ---D | M] -- E:\ProgramData\ManiaPlanet
 [2010/08/26 12:27:32 | 000,000,000 | -HSD | M] -- E:\ProgramData\Menu Démarrer
 [2010/08/26 12:27:32 | 000,000,000 | -HSD | M] -- E:\ProgramData\Modèles
 [2011/11/14 10:21:14 | 000,000,000 | ---D | M] -- E:\ProgramData\Nuance
 [2011/11/08 16:03:48 | 000,000,000 | ---D | M] -- E:\ProgramData\PC Drivers HeadQuarters
 [2011/03/06 14:20:47 | 000,000,000 | ---D | M] -- E:\ProgramData\Readon
 [2012/07/19 13:19:39 | 000,000,000 | ---D | M] -- E:\ProgramData\RELOADED
 [2011/01/09 11:20:38 | 000,000,000 | ---D | M] -- E:\ProgramData\SpeedBit
 [2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
 [2011/11/23 14:10:50 | 000,000,000 | ---D | M] -- E:\ProgramData\TEMP
 [2009/07/13 23:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
 [2012/07/06 11:49:07 | 000,000,000 | ---D | M] -- E:\ProgramData\TrackMania
 [2012/08/15 18:21:52 | 000,000,000 | ---D | M] -- E:\ProgramData\TuneUp Software
 [2011/07/11 15:17:24 | 000,000,000 | ---D | M] -- E:\ProgramData\Ubisoft
 [2011/02/06 14:09:45 | 000,000,000 | ---D | M] -- E:\ProgramData\WinZip
 [2012/02/28 03:23:31 | 000,000,000 | ---D | M] -- E:\ProgramData\XHEO INC
 [2012/08/15 18:21:19 | 000,000,000 | -HSD | M] -- E:\ProgramData\{32364CEA-7855-​4A3C-B674-53D8E9B97936}
 [2012/10/30 12:24:10 | 000,032,496 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT
 
 ========== Purity Check ==========
 
 
 
 ========== Custom Scans ==========
 
 
 Invalid Environment Variable: %ALLUSERSPROFILE\%Application Data\*.
 
 Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe
 
 Invalid Environment Variable: %APPDATA%\*.
 
 Invalid Environment Variable: %APPDATA%\*.exe
 
 Invalid Environment Variable: %temp%\.exe
 
 < %SYSTEMDRIVE%\*.exe  >
 
 < %systemroot%\*. /mp /s  >
 
 < %systemroot%\system32\*.dll /lockedfiles  >
 [2010/11/20 07:19:02 | 000,828,928 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\system32\fontext.dl​l
 [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- E:\Windows\system32\shell32.dl​l
 
 < %systemroot%\Tasks\*.job /lockedfiles  >
 
 < %systemroot%\system32\drivers\​*.sys /lockedfiles  >
 
 < %systemroot%\System32\config\*​.sav  >
 
 
 < MD5 for: AGP440.SYS  >
 [2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D​04DD6E -- E:\Windows\System32\drivers\AG​P440.sys
 [2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D​04DD6E -- E:\Windows\System32\DriverStor​e\FileRepository\machine.inf_x​86_neutral_a97a2a0d0fbc6696\AG​P440.sys
 [2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D​04DD6E -- E:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.1.7600.​16385_none_b9e9435f20046eeb\AG​P440.sys
 [2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D​04DD6E -- E:\Windows\winsxs\x86_machine.​inf_31bf3856ad364e35_6.1.7601.​17514_none_bc1a57271cf2f285\AG​P440.sys
 
 < MD5 for: ATAPI.SYS  >
 [2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB97651​9BF59E -- E:\Windows\System32\drivers\at​api.sys
 [2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB97651​9BF59E -- E:\Windows\System32\DriverStor​e\FileRepository\mshdc.inf_x86​_neutral_fab873f3e8a3315c\atap​i.sys
 [2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB97651​9BF59E -- E:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.1.7600.16​385_none_dd0e7e3d82dd640d\atap​i.sys
 [2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB97651​9BF59E -- E:\Windows\winsxs\x86_mshdc.in​f_31bf3856ad364e35_6.1.7601.17​514_none_df3f92057fcbe7a7\atap​i.sys
 
 < MD5 for: CNGAUDIT.DLL  >
 [2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6​FEFD7E -- E:\Windows\System32\cngaudit.d​ll
 [2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6​FEFD7E -- E:\Windows\winsxs\x86_microsof​t-windows-cngaudit-dll_31bf385​6ad364e35_6.1.7600.16385_none_​e83a414890e8132b\cngaudit.dll
 
 < MD5 for: EXPLORER.EXE  >
 [2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD​67B746 -- E:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.1.7601.21669_none_5414​9f9ef14031fc\explorer.exe
 [2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB47​7CF76F -- E:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.1.7600.16385_none_518a​fd35db100430\explorer.exe
 [2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93​280BD8 -- E:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.1.7600.20910_none_525b​5180f3f95373\explorer.exe
 [2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE​3EE727 -- E:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.1.7600.16450_none_51a6​6d6ddafc2ed1\explorer.exe
 [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19​482BBF -- E:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.1.7600.16768_none_51a3​a583dafd0cef\explorer.exe
 [2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68​514493 -- E:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.1.7601.17514_none_53bc​10fdd7fe87ca\explorer.exe
 [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498​C02B3E -- E:\Windows\explorer.exe
 [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498​C02B3E -- E:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.1.7601.17567_none_5389​023fd8245f84\explorer.exe
 [2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B0​8B518D -- E:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.1.7600.20500_none_5266​19d4f3f142e6\explorer.exe
 [2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B335​1CF047 -- E:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.1.7600.16404_none_51e0​7e31dad00878\explorer.exe
 [2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C1933​78F917 -- E:\Windows\winsxs\x86_microsof​t-windows-explorer_31bf3856ad3​64e35_6.1.7600.20563_none_5228​3b2af41f3691\explorer.exe
 
 < MD5 for: IASTORV.SYS  >
 [2011/03/11 00:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62​D8B76E -- E:\Windows\System32\drivers\ia​StorV.sys
 [2011/03/11 00:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62​D8B76E -- E:\Windows\System32\DriverStor​e\FileRepository\iastorv.inf_x​86_neutral_0bcee2057afcc090\ia​StorV.sys
 [2011/03/11 00:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62​D8B76E -- E:\Windows\winsxs\x86_iastorv.​inf_31bf3856ad364e35_6.1.7601.​17577_none_b0daddb9e6380745\ia​StorV.sys
 [2011/03/11 00:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28​D6D9E9 -- E:\Windows\winsxs\x86_iastorv.​inf_31bf3856ad364e35_6.1.7600.​16778_none_aef580fde910b4b0\ia​StorV.sys
 [2011/03/11 00:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD​41DB20 -- E:\Windows\winsxs\x86_iastorv.​inf_31bf3856ad364e35_6.1.7601.​21680_none_b152a892ff64119f\ia​StorV.sys
 [2009/07/13 20:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299​B77B67 -- E:\Windows\winsxs\x86_iastorv.​inf_31bf3856ad364e35_6.1.7600.​16385_none_aee7a89be91b9000\ia​StorV.sys
 [2010/11/20 07:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF823350​7EE5AD -- E:\Windows\System32\DriverStor​e\FileRepository\iastorv.inf_x​86_neutral_668286aa35d55928\ia​StorV.sys
 [2010/11/20 07:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF823350​7EE5AD -- E:\Windows\winsxs\x86_iastorv.​inf_31bf3856ad364e35_6.1.7601.​17514_none_b118bc63e60a139a\ia​StorV.sys
 [2011/03/11 00:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2​402445 -- E:\Windows\winsxs\x86_iastorv.​inf_31bf3856ad364e35_6.1.7600.​20921_none_afae2d45020c148b\ia​StorV.sys
 
 < MD5 for: NETLOGON.DLL  >
 [2010/11/20 07:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C8941​00883B -- E:\Windows\System32\netlogon.d​ll
 [2010/11/20 07:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C8941​00883B -- E:\Windows\winsxs\x86_microsof​t-windows-security-netlogon_31​bf3856ad364e35_6.1.7601.17514_​none_ffbf212e963c0162\netlogon​.dll
 [2009/07/13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6​C60E81 -- E:\Windows\winsxs\x86_microsof​t-windows-security-netlogon_31​bf3856ad364e35_6.1.7600.16385_​none_fd8e0d66994d7dc8\netlogon​.dll
 
 < MD5 for: NVSTOR.SYS  >
 [2011/03/11 00:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF67​19A8A4 -- E:\Windows\System32\drivers\nv​stor.sys
 [2011/03/11 00:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF67​19A8A4 -- E:\Windows\System32\DriverStor​e\FileRepository\nvraid.inf_x8​6_neutral_0276fc3b3ea60d41\nvs​tor.sys
 [2011/03/11 00:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF67​19A8A4 -- E:\Windows\winsxs\x86_nvraid.i​nf_31bf3856ad364e35_6.1.7601.1​7577_none_3ba44e691d6eb11d\nvs​tor.sys
 [2011/03/11 00:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34​E11536 -- E:\Windows\winsxs\x86_nvraid.i​nf_31bf3856ad364e35_6.1.7600.1​6778_none_39bef1ad20475e88\nvs​tor.sys
 [2011/03/11 00:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5A​D5B1AF -- E:\Windows\winsxs\x86_nvraid.i​nf_31bf3856ad364e35_6.1.7601.2​1680_none_3c1c1942369abb77\nvs​tor.sys
 [2011/03/11 00:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB266265​26BC91 -- E:\Windows\winsxs\x86_nvraid.i​nf_31bf3856ad364e35_6.1.7600.2​0921_none_3a779df43942be63\nvs​tor.sys
 [2010/11/20 07:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DA​BCEC82 -- E:\Windows\System32\DriverStor​e\FileRepository\nvraid.inf_x8​6_neutral_dd659ed032d28a14\nvs​tor.sys
 [2010/11/20 07:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DA​BCEC82 -- E:\Windows\winsxs\x86_nvraid.i​nf_31bf3856ad364e35_6.1.7601.1​7514_none_3be22d131d40bd72\nvs​tor.sys
 [2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933​ACED0F -- E:\Windows\winsxs\x86_nvraid.i​nf_31bf3856ad364e35_6.1.7600.1​6385_none_39b1194b205239d8\nvs​tor.sys
 
 < MD5 for: SCECLI.DLL  >
 [2009/07/13 20:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D​6B47D2 -- E:\Windows\winsxs\x86_microsof​t-windows-s..urationengineclie​nt_31bf3856ad364e35_6.1.7600.1​6385_none_37e4387f3a6f0483\sce​cli.dll
 [2010/11/20 07:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B​96AAF4 -- E:\Windows\System32\scecli.dll
 [2010/11/20 07:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B​96AAF4 -- E:\Windows\winsxs\x86_microsof​t-windows-s..urationengineclie​nt_31bf3856ad364e35_6.1.7601.1​7514_none_3a154c47375d881d\sce​cli.dll
 
 < MD5 for: WININIT.EXE  >
 [2009/07/13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D1356001​29D665 -- E:\Windows\System32\wininit.ex​e
 [2009/07/13 20:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D1356001​29D665 -- E:\Windows\winsxs\x86_microsof​t-windows-wininit_31bf3856ad36​4e35_6.1.7600.16385_none_30c90​ef265a43c13\wininit.exe
 
 < MD5 for: WINLOGON.EXE  >
 [2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E​7F03FD -- E:\Windows\winsxs\x86_microsof​t-windows-winlogon_31bf3856ad3​64e35_6.1.7600.16447_none_6fc6​99643622d177\winlogon.exe
 [2009/10/28 00:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED​187F30 -- E:\Windows\winsxs\x86_microsof​t-windows-winlogon_31bf3856ad3​64e35_6.1.7600.20560_none_7033​94514f56f7c2\winlogon.exe
 [2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22​C47560 -- E:\Windows\System32\winlogon.e​xe
 [2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22​C47560 -- E:\Windows\winsxs\x86_microsof​t-windows-winlogon_31bf3856ad3​64e35_6.1.7601.17514_none_71ca​6b0233339500\winlogon.exe
 [2009/07/13 20:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A3​88F2CF -- E:\Windows\winsxs\x86_microsof​t-windows-winlogon_31bf3856ad3​64e35_6.1.7600.16385_none_6f99​573a36451166\winlogon.exe
 
 < CREATERESTOREPOINT  >
 
 ========== Alternate Data Streams ==========
 
 @Alternate Data Stream - 135 bytes -> E:\ProgramData\TEMP:7FFED16F
 @Alternate Data Stream - 125 bytes -> E:\ProgramData\TEMP:010ADD2C
 < End of report >

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 22:24:11  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Et le extras.txt.

 OTL Extras logfile created on: 1/1/2013 8:54:19 PM - Run
 OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
 Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files
 Drive C: | 100.00 Mb Total Space | 65.86 Mb Free Space | 65.87% Space Free | Partition Type: NTFS
 Drive D: | 3.72 Gb Total Space | 3.72 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
 Drive E: | 931.41 Gb Total Space | 84.55 Gb Free Space | 9.08% Space Free | Partition Type: NTFS
 Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
 Computer Name: REATOGO | User Name: SYSTEM
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 Using ControlSet: ControlSet002
 
 ========== Extra Registry (SafeList) ==========
 
 
 ========== File Associations ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<extension>]
 .cpl [@ = cplfile] -- E:\Windows\System32\control.ex​e (Microsoft Corporation)
 .hlp [@ = hlpfile] -- E:\Windows\winhlp32.exe (Microsoft Corporation)
 .html [@ = ChromeHTML] -- E:\Program Files\Google\Chrome\Applicatio​n\chrome.exe (Google Inc.)
 
 ========== Shell Spawning ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\<key>\shell\[comma​nd]\command]
 batfile [open] -- "%1" %*
 cmdfile [open] -- "%1" %*
 comfile [open] -- "%1" %*
 cplfile [cplopen] -- %SystemRoot%\System32\control.​exe "%1",%* (Microsoft Corporation)
 exefile [open] -- "%1" %*
 helpfile [open] -- Reg Error: Key error.
 hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
 http [open] -- "C:\Program Files\Google\Chrome\Applicatio​n\chrome.exe" -- "%1" (Google Inc.)
 https [open] -- "C:\Program Files\Google\Chrome\Applicatio​n\chrome.exe" -- "%1" (Google Inc.)
 inffile [install] -- %SystemRoot%\System32\InfDefau​ltInstall.exe "%1" (Microsoft Corporation)
 piffile [open] -- "%1" %*
 regfile [merge] -- Reg Error: Key error.
 scrfile [config] -- "%1"
 scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
 scrfile [open] -- "%1" /S
 txtfile [edit] -- Reg Error: Key error.
 Unknown [openas] -- %SystemRoot%\system32\rundll32​.exe %SystemRoot%\system32\shell32.​dll,OpenAs_RunDLL %1
 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
 Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
 Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 Folder [explore] -- Reg Error: Value error.
 Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
 ========== Security Center Settings ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center]
 "cval" = 0
 "AntiVirusDisableNotify" = 1
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Monitoring]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Security Center\Svc]
 "VistaSp1" = Reg Error: Unknown registry data type -- File not found
 "AntiVirusOverride" = 0
 "AntiSpywareOverride" = 0
 "FirewallOverride" = 0
 
 ========== Firewall Settings ==========
 
 ========== Authorized Applications List ==========
 
 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall]
 "{002D9D5E-29BA-3E6D-9BC4-3D7D​6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
 "{01501EBA-EC35-4F9F-8889-3BE3​46E5DA13}" = MSXML4 Parser
 "{043F86B7-EE12-3399-B2CA-D0B6​03D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
 "{048298C9-A4D3-490B-9FF9-AB02​3A9238F3}" = Steam
 "{0673654C-5296-453B-9798-B61C​D7E03FEB}" = SES Driver
 "{07300F01-89CA-4CF8-92BD-2A60​5EB83C95}" = EasySaver B9.0904.1
 "{0A0CADCF-78DA-33C4-A350-CD51​849B9702}" = Microsoft .NET Framework 4 Extended
 "{0AD84416-63A4-4CF3-BDDF-8FA8​66711FB0}" = Civilization III
 "{0F5B4A82-9DAF-3D13-8CB8-AEB2​5E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
 "{133742BA-6F46-4D3E-85AF-7863​1D9AD8B8}" = Installation Windows Live
 "{14DC0059-00F1-4F62-BD1A-AB23​CD51A95E}" = Adobe AIR
 "{18026153-83A4-40E0-96B6-41E4​41607518}" = Eraser 6.0.9.2343
 "{18455581-E099-4BA8-BC6B-F34B​2F06600C}" = Google Toolbar for Internet Explorer
 "{1F1C2DFC-2D24-3E06-BCB8-7251​34ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
 "{205C6BDD-7B73-42DE-8505-9A09​3F35A238}" = Outil de téléchargement Windows Live
 "{22B775E7-6C42-4FC5-8E10-9A5E​3257BD94}" = MSVCRT
 "{22FB6750-ADDF-4726-B67F-6901​E1991036}" = Nero 7 Essentials
 "{2318C2B1-4965-11d4-9B18-0090​27A5CD4F}" = Google Toolbar for Internet Explorer
 "{26A24AE4-039D-4CA4-87B4-2F83​216022FF}" = Java(TM) 6 Update 30
 "{28A946E1-E83B-4662-BC7C-2345​1851489E}" = Razer Copperhead
 "{28E82311-8616-11E1-BEB0-B8AC​6F97B88E}" = Google Earth
 "{2BFC7AA0-544C-4E3A-8796-67F3​BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
 "{2C7FB3E3-A653-48A0-B290-8856​59E6ED5C}" = Micro Application - Architecte 3DHD Expert Cad
 "{2FDD750F-49B7-40C1-9D5E-D295​5BC0E2D8}" = NVIDIA PhysX
 "{3175E049-F9A9-4A3D-8F19-AC9F​B04514D1}" = Windows Live Communications Platform
 "{3A1B5D40-41E9-43FA-8C7B-A866​7F5586EF}" = JMicron JMB36X Driver
 "{3B11D799-48E0-48ED-BFD7-EA65​5676D8BB}" = Star Wars: The Old Republic
 "{3C3901C5-3455-3E0A-A214-0B09​3A5070A6}" = Microsoft .NET Framework 4 Client Profile
 "{445B183D-F4F1-45C8-B9DB-F113​55CA657B}" = Windows Live Messenger
 "{4A03706F-666A-4037-7777-5F27​48764D10}" = Java Auto Updater
 "{51C7AD07-C3F6-4635-8E8A-2313​06D810FE}" = Cisco LEAP Module
 "{529125EF-E3AC-4B74-97E6-F688​A7C0F1BF}" = Paint.NET v3.5.10
 "{5442DAB8-7177-49E1-8B22-09A0​49EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
 "{54A9A9E1-8C4C-44FE-AA6B-182E​A1E779FD}" = Hercules WiFi Station N
 "{56C049BE-79E9-4502-BEA7-9754​A3E60F9B}" = neroxml
 "{5B363E1D-8C36-4458-BAE4-D508​1999E094}" = Browser Configuration Utility
 "{64BF0187-F3D2-498B-99EA-163A​F9AE6EC9}" = Cisco EAP-FAST Module
 "{710f4c1c-cc18-4c49-8cbf-5124​0c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
 "{7299052b-02a4-4627-81f2-1818​da5d550d}" = Microsoft Visual C++ 2005 Redistributable
 "{837b34e3-7c30-493c-8f6a-2b0f​04e2912c}" = Microsoft Visual C++ 2005 Redistributable
 "{8570BEE8-0CA3-4977-9AB1-80ED​93F0513C}" = Assassin's Creed II
 "{86CE85E6-DBAC-3FFD-B977-E4B7​9F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
 "{8833FFB6-5B0C-4764-81AA-06DF​EED9A476}" = Realtek Ethernet Controller Driver
 "{888F1505-C2B3-4FDE-835D-3635​3EBD4754}" = Ubisoft Game Launcher
 "{89F4137D-6C26-4A84-BDB8-2E5A​4BB71E00}" = Microsoft Silverlight
 "{8CFA9151-6404-409A-AF22-4632​D04582FD}" = Assassin's Creed
 "{8DC910CD-8EE3-4ffc-A4EB-9B02​701059C4}" = Battlefield Heroes
 "{90120000-0011-0000-0000-0000​000FF1CE}" = Microsoft Office Professional Plus 2007
 "{90120000-0011-0000-0000-0000​000FF1CE}_PROPLUS_{6E107EB7-8B​55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
 "{90120000-0015-040C-0000-0000​000FF1CE}" = Microsoft Office Access MUI (French) 2007
 "{90120000-0015-040C-0000-0000​000FF1CE}_PROPLUS_{CF3C20A6-47​B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
 "{90120000-0016-040C-0000-0000​000FF1CE}" = Microsoft Office Excel MUI (French) 2007
 "{90120000-0016-040C-0000-0000​000FF1CE}_PROPLUS_{CF3C20A6-47​B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
 "{90120000-0018-040C-0000-0000​000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
 "{90120000-0018-040C-0000-0000​000FF1CE}_PROPLUS_{CF3C20A6-47​B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
 "{90120000-0019-040C-0000-0000​000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
 "{90120000-0019-040C-0000-0000​000FF1CE}_PROPLUS_{CF3C20A6-47​B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
 "{90120000-001A-040C-0000-0000​000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
 "{90120000-001A-040C-0000-0000​000FF1CE}_PROPLUS_{CF3C20A6-47​B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
 "{90120000-001B-040C-0000-0000​000FF1CE}" = Microsoft Office Word MUI (French) 2007
 "{90120000-001B-040C-0000-0000​000FF1CE}_PROPLUS_{CF3C20A6-47​B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
 "{90120000-001F-0401-0000-0000​000FF1CE}" = Microsoft Office Proof (Arabic) 2007
 "{90120000-001F-0401-0000-0000​000FF1CE}_PROPLUS_{3E8EA473-EC​CE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
 "{90120000-001F-0407-0000-0000​000FF1CE}" = Microsoft Office Proof (German) 2007
 "{90120000-001F-0407-0000-0000​000FF1CE}_PROPLUS_{928D7B99-2B​EA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
 "{90120000-001F-0409-0000-0000​000FF1CE}" = Microsoft Office Proof (English) 2007
 "{90120000-001F-0409-0000-0000​000FF1CE}_PROPLUS_{1FF96026-A0​4A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
 "{90120000-001F-040C-0000-0000​000FF1CE}" = Microsoft Office Proof (French) 2007
 "{90120000-001F-040C-0000-0000​000FF1CE}_PROPLUS_{71F055E8-E2​C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
 "{90120000-001F-0413-0000-0000​000FF1CE}" = Microsoft Office Proof (Dutch) 2007
 "{90120000-001F-0413-0000-0000​000FF1CE}_PROPLUS_{2C95E7EE-FE​A7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
 "{90120000-001F-0C0A-0000-0000​000FF1CE}" = Microsoft Office Proof (Spanish) 2007
 "{90120000-001F-0C0A-0000-0000​000FF1CE}_PROPLUS_{2314F9A1-12​6F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
 "{90120000-002C-040C-0000-0000​000FF1CE}" = Microsoft Office Proofing (French) 2007
 "{90120000-0044-040C-0000-0000​000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
 "{90120000-0044-040C-0000-0000​000FF1CE}_PROPLUS_{CF3C20A6-47​B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
 "{90120000-006E-040C-0000-0000​000FF1CE}" = Microsoft Office Shared MUI (French) 2007
 "{90120000-006E-040C-0000-0000​000FF1CE}_PROPLUS_{8283FD64-6A​3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
 "{918A9082-6287-4D25-9002-5E5D​5E4971CB}" = League of Legends
 "{9322A850-9091-4D0E-B252-3E82​EDA3D94A}" = Prototype(TM)
 "{943A8D28-80D6-41DC-AE94-81FE​B42041BF}" = System Requirements Lab CYRI
 "{95120000-00B9-0409-0000-0000​000FF1CE}" = Microsoft Application Error Reporting
 "{9580813D-94B1-4C28-9426-A441​E2BB29A5}" = Counter-Strike: Source
 "{9A25302D-30C0-39D9-BD6F-21E6​EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
 "{9BE518E6-ECC6-35A9-88E4-8775​5C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
 "{9C049499-055C-4a0c-A916-1D8C​A1FF45EB}" = REALTEK Wireless LAN Driver and Utility
 "{A92DAB39-4E2C-4304-9AB6-BC44​E68B55E2}" = Google Update Helper
 "{AC76BA86-7AD7-1036-7B44-AA10​00000001}" = Adobe Reader X (10.1.4) - Français
 "{ADAC6B24-DECC-48BD-B6EF-886E​E98475F5}" = Ma-Config.com
 "{B2FE1952-0186-46C3-BAEC-A80A​A35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 306.97
 "{B2FE1952-0186-46C3-BAEC-A80A​A35AC5B8}_Display.ControlPanel​" = Panneau de configuration NVIDIA 306.97
 "{B2FE1952-0186-46C3-BAEC-A80A​A35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 306.97
 "{B2FE1952-0186-46C3-BAEC-A80A​A35AC5B8}_Display.NVIRUSB" = NVIDIA Pilote du contrôleur 3D Vision 306.02
 "{B2FE1952-0186-46C3-BAEC-A80A​A35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.12.0604
 "{B2FE1952-0186-46C3-BAEC-A80A​A35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.10.8
 "{B2FE1952-0186-46C3-BAEC-A80A​A35AC5B8}_installer" = NVIDIA Install Application
 "{B2FE1952-0186-46C3-BAEC-A80A​A35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
 "{B3B487E7-6171-4376-9074-B280​82CEB504}" = Windows Live Call
 "{B6CF2967-C81E-40C0-9815-C057​74FEF120}" = Skype Click to Call
 "{CD95F661-A5C4-44F5-A6AA-ECDD​91C240B7}" = WinZip 12.0
 "{DCE8CD14-FBF5-4464-B9A4-E18E​473546C7}" = Assistant de connexion Windows Live
 "{E1019541-10A2-464F-A23E-A4F2​3DA65160}" = Mumble 1.2.3
 "{E3B9C5A9-BD7A-4B56-B754-FAEA​7DD6FA88}" = Far Cry 3
 "{E3E71D07-CD27-46CB-8448-16D4​FB29AA13}" = Microsoft WSE 3.0 Runtime
 "{ED5776D5-59B4-46B7-AF81-5F2D​94D7C640}" = Cisco PEAP Module
 "{EE7257A2-39A2-4D2F-9DAC-F9F2​5B8AE1D8}" = Skype™ 5.10
 "{F0C3E5D1-1ADE-321E-8167-68EF​0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
 "{F0E12BBA-AD66-4022-A453-A1C8​A0C4D570}" = Microsoft Choice Guard
 "{F132AF7F-7BCA-4EDE-8A7C-9581​08FE7DBC}" = Realtek High Definition Audio Driver
 "{F31BC49F-AB7B-4A53-A399-EB73​31B585BC}" = Civilization III: Conquests
 "{FC7DDAAE-7F2B-4270-9BFD-5A13​0B667E9E}" = livebox
 "{FF96AABE-C905-DD5F-5BE1-B846​EE36E11C}" = Winamax Poker
 "Adobe AIR" = Adobe AIR
 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
 "Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
 "Audacity_is1" = Audacity 1.2.6
 "AVG Secure Search" = AVG Security Toolbar
 "AVG9Uninstall" = AVG 9.0
 "DAEMON Tools Lite" = DAEMON Tools Lite
 "Diablo III" = Diablo III
 "FL Studio 10" = FL Studio 10
 "FormatFactory" = FormatFactory 2.70
 "Free Video Dub_is1" = Free Video Dub version 2.0.12.706
 "Google Chrome" = Google Chrome
 "Guild Wars 2" = Guild Wars 2
 "HaaliMkx" = Haali Media Splitter
 "IL Download Manager" = IL Download Manager
 "InstallShield_{5442DAB8-7177-​49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
 "ManiaPlanet_is1" = ManiaPlanet
 "Matroska Pack" = Matroska Pack
 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
 "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
 "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
 "Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
 "Mozilla Firefox 12.0 (x86 fr)" = Mozilla Firefox 12.0 (x86 fr)
 "MozillaMaintenanceService" = Mozilla Maintenance Service
 "MPlayer2" = Windows Media Player 5.2
 "Notepad++" = Notepad++
 "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
 "PhotoScape" = PhotoScape
 "PoiZone" = PoiZone
 "PROPLUS" = Microsoft Office Professional Plus 2007
 "PunkBusterSvc" = PunkBuster Services
 "RocketDock_is1" = RocketDock 1.3.5
 "Sawer" = Sawer
 "Setuprog Toolbar" = Setuprog Toolbar
 "SpeedFan" = SpeedFan (remove only)
 "StarCraft II" = StarCraft II
 "Steam App 10180" = Call of Duty: Modern Warfare 2
 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
 "Steam App 11020" = TrackMania Nations Forever
 "Steam App 200650" = Lightfish Demo
 "Steam App 42700" = Call of Duty: Black Ops
 "Steam App 42710" = Call of Duty: Black Ops - Multiplayer
 "Steam App 440" = Team Fortress 2
 "Steam App 550" = Left 4 Dead 2
 "Steam App 570" = Dota 2
 "Steam App 730" = Counter-Strike: Global Offensive
 "Synthesia" = Synthesia (remove only)
 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
 "TeamSpeak 3 Client" = TeamSpeak 3 Client
 "Toxic Biohazard" = Toxic Biohazard
 "Uplay" = Uplay
 "Utilitaires Sierra" = Utilitaires Sierra
 "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
 "VLC media player" = VLC media player 2.0.4
 "wam.04351C371E530C3762CBA45FA​283ED972DCDEFB6.1" = Winamax Poker
 "Warcraft III" = Warcraft III
 "WinLiveSuite_Wave3" = Installation Windows Live
 "WinRAR archiver" = WinRAR 4.11 (32-bit)
 "Xfire" = Xfire (remove only)
 
 ========== HKEY_USERS Uninstall List ==========
 
 [HKEY_USERS\Noirbenne_ON_E\SOFT​WARE\Microsoft\Windows\Current​Version\Uninstall]
 "Warcraft III" = Warcraft III: All Products
 
 ========== HKEY_USERS Uninstall List ==========
 
 [HKEY_USERS\postgres.VALOU-PC_O​N_E\SOFTWARE\Microsoft\Windows​\CurrentVersion\Uninstall]
 "{CFBCE791-2D53-4FCE-B3FB-D6E0​1F4112E8}" = Sid Meier's Civilization 4
 "Turbopoker.fr" = Turbopoker.fr
 "Warcraft III" = Warcraft III: All Products
 
 ========== HKEY_USERS Uninstall List ==========
 
 [HKEY_USERS\postgres_ON_E\SOFTW​ARE\Microsoft\Windows\CurrentV​ersion\Uninstall]
 "InstallShield_{BFA90209-7AFF-​4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
 "Warcraft III" = Warcraft III: All Products
 
 ========== HKEY_USERS Uninstall List ==========
 
 [HKEY_USERS\UpdatusUser_ON_E\SO​FTWARE\Microsoft\Windows\Curre​ntVersion\Uninstall]
 "{CFBCE791-2D53-4FCE-B3FB-D6E0​1F4112E8}" = Sid Meier's Civilization 4
 "InstallShield_{BFA90209-7AFF-​4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
 "Turbopoker.fr" = Turbopoker.fr
 "Warcraft III" = Warcraft III: All Products
 
 < End of report >

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 01/01/2013 à 22:35:01  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ok  :super: les 2 rapport de OTL tu mes le poste ici http://www.cjoint.com/ stp
 --> Clique sur Parcourir dans la partie Joindre un fichier

 --> Séléctionne le rapport OTL.tex et Extras.txt   qui se trouve sur ton bureau "ça tes fais 2 lien a me poste ici"

 --> Clique ensuite sur " Créer le lien cjoint ",, Un lien va se former, copie et colle le ici STP


 Télécharge Roguekiller de Tigzy sur C:,
 Exécute le programme (par double-clic ou clic droit>Exécuter en tant qu'administrateur pour les versions pls récente que XP),
 Une pré-analyse se lance et cette fenêtre s'ouvre (Si ton antivirus se manifeste, autorise la modification) :

 http://le-site-de-fill.pagespe​rso-orange.fr/Img/roguekiller.​jpg


 Clique sur le bouton "Scan" pour lancer l'analyse,
 Un rapport nommé RKreport[1] doit être créé sur ton Bureau ou sur C:. Copie son contenu dans ta prochaine réponse.






(Publicité)
votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 23:02:24  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 01/01/2013 à 23:05:13  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ok :super:

 passe le scan Roguekiller  :)

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 23:15:56  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
En cours. parcontre rassure moi c'est bien sur l'ordinateur infecté le scan Roguekiller ? Parceque tu dis "(Si ton antivirus se manifeste, autorise la modification) : " mais sous Reatogo mon anti virus n'est pas présent du moins je ne le voie pas.

(Publicité)
votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 23:18:10  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
RogueKiller V8.4.2 [Dec 31 2012] by Tigzy
 mail : tigzyRK<at>gmail<dot>com
 Feedback : http://www.geekstogo.com/forum [...] guekiller/
 Website : http://tigzy.geekstogo.com/roguekiller.php
 Blog : http://tigzyrk.blogspot.com/

 Operating System : Windows XP (5.1.2600 ) 32 bits version
 Started in : Normal mode
 User : SYSTEM [Admin rights]
 Mode : Scan -- Date : 01/01/2013 22:14:23

 ¤¤¤ Bad processes : 0 ¤¤¤

 ¤¤¤ Registry Entries : 2 ¤¤¤
 [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002​B30309D} (1) -> FOUND
 [FILEASSO] HKLM\[...]\command :  (X:\I386\IEXPLORE.EXE) -> FOLDER NOT FOUND

 ¤¤¤ Particular Files / Folders: ¤¤¤

 ¤¤¤ Driver : [NOT LOADED] ¤¤¤

 ¤¤¤ Extern Hives: ¤¤¤
 -> E:\windows\system32\config\SOF​TWARE
 -> E:\windows\system32\config\SYS​TEM
 -> E:\Users\Default\NTUSER.DAT
 -> E:\Users\Noirbenne\NTUSER.DAT
 -> E:\Users\postgres\NTUSER.DAT
 -> E:\Users\postgres.VALOU-PC\NTU​SER.DAT
 -> E:\Users\UpdatusUser\NTUSER.DA​T

 ¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤

 ¤¤¤ HOSTS File: ¤¤¤
 --> X:\i386\system32\drivers\etc\h​osts

 127.0.0.1       localhost


 ¤¤¤ MBR Check: ¤¤¤

 +++++ PhysicalDrive0:  +++++
 --- User ---
 [MBR] 214c1ddb1c341db3b162a304da8fdd​65
 [BSP] 1a1c71df207696acdd05702b6d881d​e0 : Windows 7/8 MBR Code
 Partition table:
 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
 User = LL1 ... OK!
 User = LL2 ... OK!

 +++++ PhysicalDrive1:  +++++
 --- User ---
 [MBR] 7419dafac897b4b307fdf3404d454e​2c
 [BSP] d25b7eb081d5b3508cee03882b78fe​79 : MBR Code unknown
 Partition table:
 0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 3819 Mo
 User = LL1 ... OK!
 Error reading LL2 MBR!

 Finished : << RKreport[1]_S_01012013_02d2214.txt >>
 RKreport[1]_S_01012013_02d2214.txt



sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 01/01/2013 à 23:23:03  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:) non c'est sur le pc malade que tu fait le scan Roguekiller, tin pas conte de antivirus ! tu me le programme Roguekiller sur un clé usb  et tu le me sur ton PC malade tu va le cherche sur la clé usb  et tu fais le scan

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 01/01/2013 à 23:25:46  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ok :super:

 (re)Lance RogueKiller.exe.

 Attends la fin du "Prescan" ... et clique sur l'onglet Suppression.

 Une fois le scan achevé, le rapport devrait s'afficher.

 Poste-le.

(Publicité)
votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 23:26:36  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
C'est fait le scan est au dessus de ton message :)
 Euh je répondais à ton message d'avant pour éviter toute confusion je te poste l'autre rapport maintenant :)

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 01/01/2013 à 23:28:41  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
tu a  clique sur l'onglet Suppression. ?

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 23:30:29  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
RogueKiller V8.4.2 [Dec 31 2012] by Tigzy
 mail : tigzyRK<at>gmail<dot>com
 Feedback : http://www.geekstogo.com/forum [...] guekiller/
 Website : http://tigzy.geekstogo.com/roguekiller.php
 Blog : http://tigzyrk.blogspot.com/

 Operating System : Windows XP (5.1.2600 ) 32 bits version
 Started in : Normal mode
 User : SYSTEM [Admin rights]
 Mode : Remove -- Date : 01/01/2013 22:22:27

 ¤¤¤ Bad processes : 0 ¤¤¤

 ¤¤¤ Registry Entries : 2 ¤¤¤
 [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002​B30309D} (1) -> REPLACED (0)
 [FILEASSO] HKLM\[...]\command :  (X:\I386\IEXPLORE.EXE) -> FOLDER NOT FOUND

 ¤¤¤ Particular Files / Folders: ¤¤¤

 ¤¤¤ Driver : [NOT LOADED] ¤¤¤

 ¤¤¤ Extern Hives: ¤¤¤
 -> E:\windows\system32\config\SOF​TWARE
 -> E:\windows\system32\config\SYS​TEM
 -> E:\Users\Default\NTUSER.DAT
 -> E:\Users\Noirbenne\NTUSER.DAT
 -> E:\Users\postgres\NTUSER.DAT
 -> E:\Users\postgres.VALOU-PC\NTU​SER.DAT
 -> E:\Users\UpdatusUser\NTUSER.DA​T

 ¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤

 ¤¤¤ HOSTS File: ¤¤¤
 --> X:\i386\system32\drivers\etc\h​osts

 127.0.0.1       localhost


 ¤¤¤ MBR Check: ¤¤¤

 +++++ PhysicalDrive0:  +++++
 --- User ---
 [MBR] 214c1ddb1c341db3b162a304da8fdd​65
 [BSP] 1a1c71df207696acdd05702b6d881d​e0 : Windows 7/8 MBR Code
 Partition table:
 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
 User = LL1 ... OK!
 User = LL2 ... OK!

 Finished : << RKreport[2]_D_01012013_02d2222.txt >>
 RKreport[1]_S_01012013_02d2214.txt ; RKreport[2]_D_01012013_02d2222.txt



sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 01/01/2013 à 23:33:47  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ok la oui  :super:

 essai de redemmare le pc normalement et dit-moi si ça marche ! :)  

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 23:35:56  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Malheuresement, non toujours pas :/  

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 01/01/2013 à 23:37:58  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Parcontre en mode sans échec avec prise du réseau sa marche

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 01/01/2013 à 23:43:18  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ok

 retourne sur OTLPE.et fais ceci -->

 --> Double clic sur OTL.exe pour le lancer.
 (Vista/Seven --> Faire un clique droit sur OTL.exe pour lancer le programme et choisi "Exécuter en tant qu'administrateur".

 --> Copie la liste qui se trouve en citation ci-dessous, et colle-la dans la zone sous " Personnalisation "  

 :OTL
 IE - HKLM\..\URLSearchHook: {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)    => Infection BT (Adware.Shopper)
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)    => Infection BT (Adware.Shopper)
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)    => Infection BT (Adware.Shopper)
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)    => Infection BT (Adware.Shopper)
 FF - prefs.js..browser.startup.home​page: "http://search.iminent.com/?ap​pId=1BF24DE1-3849-4059-8F29-10​18ED819B61"
 [2011/11/05 14:56:35 | 000,000,000 | ---D | M] (Babylon) -- E:\Program Files\Mozilla Firefox\extensions\ffxtlbr@bab​ylon.com    => Infection BT (Toolbar.Babylon)
 [2011/11/05 14:56:25 | 000,002,288 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\babylon.​xml    => Infection BT (Toolbar.Babylon)
 O2 - BHO: (Setuprog Toolbar) - {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)    => Infection BT (Adware.Shopper)
 O3 - HKLM\..\Toolbar: (Setuprog Toolbar) - {f4ef4468-9bbb-45a1-a2ce-f0c43​0a9a7e5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)    => Infection BT (Adware.Shopper)
 O3 - HKU\.DEFAULT\..\Toolbar\WebBro​wser: (Setuprog Toolbar) - {F4EF4468-9BBB-45A1-A2CE-F0C43​0A9A7E5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)    => Infection BT (Adware.Shopper)
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E​9456D39} - No CLSID value found.    => Infection PUP (Adware.Yontoo)
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (Setuprog Toolbar) - {F4EF4468-9BBB-45A1-A2CE-F0C43​0A9A7E5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)    => Infection BT (Adware.Shopper)
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E​9456D39} - No CLSID value found.    => Infection PUP (Adware.Yontoo)
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (Setuprog Toolbar) - {F4EF4468-9BBB-45A1-A2CE-F0C43​0A9A7E5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)    => Infection BT (Adware.Shopper)
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E​9456D39} - No CLSID value found.    => Infection PUP (Adware.Yontoo)
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (Setuprog Toolbar) - {F4EF4468-9BBB-45A1-A2CE-F0C43​0A9A7E5} - E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.)    => Infection BT (Adware.Shopper)
 [2013/01/01 12:52:32 | 095,023,320 | ---- | M] () -- E:\ProgramData\dsgsdgdsgdsgw.p​ad    => Infection Diverse (Exploit.Drop.GSA)
 [2012/12/29 17:19:13 | 095,023,320 | ---- | C] () -- E:\ProgramData\dsgsdgdsgdsgw.p​ad    => Infection Diverse (Exploit.Drop.GSA)
 [2012/03/29 00:54:09 | 000,391,520 | ---- | C] () -- E:\Users\Noirbenne\AppData\Roa​ming\kujytuo.exe    => Infection PUP (Virus.Kujytuo)
 [2011/01/09 09:17:08 | 000,000,204 | ---- | C] () -- E:\Windows\System32\secustat.d​at    => Infection Diverse
 [2011/11/05 14:56:24 | 000,000,000 | ---D | M] -- E:\ProgramData\Babylon    => Infection BT (Toolbar.Babylon)
 "{26A24AE4-039D-4CA4-87B4-2F83​216022FF}" = Java 6 Update 30    => Oracle
 [2013/01/01 12:31:46 | 000,001,058 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateT​askMachineCore.job    => Google Update Task
 [2013/01/01 10:51:00 | 000,001,062 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateT​askMachineUA.job    => Google Update Task
 O13 - gopher Prefix: missing    => Malware sous Windows NT5
 IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D​756017C} - Reg Error: Key error. File not found    => AVG Security Toolbar
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {1392b8d2-5c05-419f-a8f6-b9f15​a596612} - Reg Error: Key error. File not found    => Toolbar.Conduit
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {22e03916-85c5-44b0-8dc9-1830c​11238d9} - Reg Error: Key error. File not found    => Conduit Elf 1 Toolbar
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {4daac69c-cba7-45e2-9bc8-10444​83d3352} - Reg Error: Key error. File not found    => Toolbar.Conduit
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {A3BC75A2-1F87-4686-AA43-5347D​756017C} - Reg Error: Key error. File not found    => AVG Security Toolbar
 IE - HKU\Noirbenne_ON_E\..\URLSearc​hHook: {ba14329e-9550-4989-b3f2-9732e​92d17cc} - Reg Error: Key error. File not found    => Toolbar.Conduit
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15​a596612} - Reg Error: Key error. File not found    => Toolbar.Conduit
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c​11238d9} - Reg Error: Key error. File not found    => Conduit Elf 1 Toolbar
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {4daac69c-cba7-45e2-9bc8-10444​83d3352} - Reg Error: Key error. File not found    => Toolbar.Conduit
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D​756017C} - Reg Error: Key error. File not found    => AVG Security Toolbar
 IE - HKU\postgres.VALOU-PC_ON_E\..\​URLSearchHook: {ba14329e-9550-4989-b3f2-9732e​92d17cc} - Reg Error: Key error. File not found    => Toolbar.Conduit
 IE - HKU\postgres_ON_E\..\URLSearch​Hook: {22e03916-85c5-44b0-8dc9-1830c​11238d9} - Reg Error: Key error. File not found    => Conduit Elf 1 Toolbar
 IE - HKU\postgres_ON_E\..\URLSearch​Hook: {4daac69c-cba7-45e2-9bc8-10444​83d3352} - Reg Error: Key error. File not found    => Toolbar.Conduit
 IE - HKU\postgres_ON_E\..\URLSearch​Hook: {A3BC75A2-1F87-4686-AA43-5347D​756017C} - Reg Error: Key error. File not found    => AVG Security Toolbar
 IE - HKU\postgres_ON_E\..\URLSearch​Hook: {ba14329e-9550-4989-b3f2-9732e​92d17cc} - Reg Error: Key error. File not found    => Toolbar.Conduit
 IE - HKU\postgres_ON_E\..\URLSearch​Hook: {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - Reg Error: Key error. File not found    => Yahoo Companion!
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {1392b8d2-5c05-419f-a8f6-b9f15​a596612} - Reg Error: Key error. File not found    => Toolbar.Conduit
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {22e03916-85c5-44b0-8dc9-1830c​11238d9} - Reg Error: Key error. File not found    => Conduit Elf 1 Toolbar
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {4daac69c-cba7-45e2-9bc8-10444​83d3352} - Reg Error: Key error. File not found    => Toolbar.Conduit
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {A3BC75A2-1F87-4686-AA43-5347D​756017C} - Reg Error: Key error. File not found    => AVG Security Toolbar
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {ba14329e-9550-4989-b3f2-9732e​92d17cc} - Reg Error: Key error. File not found    => Toolbar.Conduit
 IE - HKU\UpdatusUser_ON_E\..\URLSea​rchHook: {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - Reg Error: Key error. File not found    => Yahoo Companion!
 FF - prefs.js..extensions.enabledIt​ems: {1392b8d2-5c05-419f-a8f6-b9f15​a596612}:3.8.1.0    => Toolbar.Conduit
 FF - HKLM\Software\MozillaPlugins\@​avg.com/AVG SiteSafety plugin,version=11.0.0.1,applic​ation/x-avg-sitesafety-plugin: E:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.​2.0\\npsitesafety.dll ()    => Toolbar.AVGSearch
 [2012/10/27 20:01:41 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​abvkpc1e.default\extensions\{1​392b8d2-5c05-419f-a8f6-b9f15a5​96612}    => Toolbar.Conduit
 [2010/12/24 20:59:10 | 000,000,000 | ---D | M] (Softonic_France Community Toolbar) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions\{4​daac69c-cba7-45e2-9bc8-1044483​d3352}    => Toolbar.Conduit
 [2011/10/18 22:41:45 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions\{b​a14329e-9550-4989-b3f2-9732e92​d17cc}    => Toolbar.Conduit
 [2010/12/24 20:59:10 | 000,000,000 | ---D | M] (Conduit Engine) -- E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions\en​gine@conduit.com
 [2012/11/08 13:54:19 | 000,003,572 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\avg-secu​re-search.xml    => Toolbar.AVGSearch
 O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684​A933233} - E:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()    => Toolbar.AVGSearch
 O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F78​51A4497} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)    => Toolbar.Skype
 O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684​A933233} - E:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()    => Toolbar.AVGSearch
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15​A596612} - No CLSID value found.    => Conduit Freecorder Toolbar
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - No CLSID value found.    => Toolbar.Conduit
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-10444​83D3352} - No CLSID value found.    => Toolbar.Conduit
 O3 - HKU\Noirbenne_ON_E\..\Toolbar\​WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E​92D17CC} - No CLSID value found.    => Toolbar.Conduit
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15​A596612} - No CLSID value found.    => Conduit Freecorder Toolbar
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - No CLSID value found.    => Toolbar.Conduit
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-10444​83D3352} - No CLSID value found.    => Toolbar.Conduit
 O3 - HKU\postgres.VALOU-PC_ON_E\..\​Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E​92D17CC} - No CLSID value found.    => Toolbar.Conduit
 O3 - HKU\postgres_ON_E\..\Toolbar\W​ebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - No CLSID value found.    => Toolbar.Conduit
 O3 - HKU\postgres_ON_E\..\Toolbar\W​ebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-10444​83D3352} - No CLSID value found.    => Toolbar.Conduit
 O3 - HKU\postgres_ON_E\..\Toolbar\W​ebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E​92D17CC} - No CLSID value found.    => Toolbar.Conduit
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15​A596612} - No CLSID value found.    => Conduit Freecorder Toolbar
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA​6BD249D} - No CLSID value found.    => Toolbar.Conduit
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-10444​83D3352} - No CLSID value found.    => Toolbar.Conduit
 O3 - HKU\UpdatusUser_ON_E\..\Toolba​r\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E​92D17CC} - No CLSID value found.    => Toolbar.Conduit
 O4 - HKLM..\Run: [HF_G_Jul] E:\Program Files\AVG Secure Search\HF_G_Jul.exe ()    => AVG%Secure Search Toolbar
 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46​303B9E5} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)    => Toolbar.Skype
 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE​494F8D1} - E:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)    => Grisoft AVG Internet Security Suite
 O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C2​27862A9} - E:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.​2.0\ViProtocol.dll ()    => Toolbar.ViProtocol
 [2012/11/08 13:54:42 | 000,000,000 | ---D | M] -- E:\ProgramData\AVG Secure Search    => Toolbar.AVGSearch
 [2011/05/30 07:14:51 | 000,000,000 | ---D | M] -- E:\ProgramData\AVG Security Toolbar    => Toolbar.AVGSearch
 "{2318C2B1-4965-11d4-9B18-0090​27A5CD4F}" = Google Toolbar for Internet Explorer    => Toolbar.Google
 "AVG Secure Search" = AVG Security Toolbar    => Toolbar.AVGSearch
 "Setuprog Toolbar" = Setuprog Toolbar    => Setuprog Toolbar
 :Commands
 [EMPTYFLASH]
 [Emptytemp]



 --> Clique sur " Correction " pour lancer la suppression.

 --> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur Oui.

 --> Au redémarrage , autorise OTL a s'exécuter.

 --> Poste le rapport généré par OTL.

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 01/01/2013 à 23:44:02  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ok alors fais ça mode san echec  :super:

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 02/01/2013 à 00:01:47  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
========== OTL ==========
 Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\URLSearchHooks\\{f4ef​4468-9bbb-45a1-a2ce-f0c430a9a7​e5} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{f4ef4468-9bbb-45a​1-a2ce-f0c430a9a7e5}\ deleted successfully.
 File E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.) => Infection BT not found.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{f4ef4468-9bbb-45a​1-a2ce-f0c430a9a7e5}\ not found.
 File E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.) => Infection BT not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{f4ef4468-9bbb-45a​1-a2ce-f0c430a9a7e5}\ not found.
 File E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.) => Infection BT not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{f4ef4468-9bbb-45a​1-a2ce-f0c430a9a7e5}\ not found.
 File E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.) => Infection BT not found.
 Prefs.js: "http://search.iminent.com/?ap​pId=1BF24DE1-3849-4059-8F29-10​18ED819B61" removed from browser.startup.homepage
 Folder E:\Program Files\Mozilla Firefox\extensions\ffxtlbr@bab​ylon.com => Infection BT (Toolbar.Babylon)\ not found.
 File E:\Program Files\mozilla firefox\searchplugins\babylon.​xml => Infection BT (Toolbar.Babylon) not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{f4ef4468-9bbb-45a1-a2​ce-f0c430a9a7e5}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{f4ef4468-9bbb-45a​1-a2ce-f0c430a9a7e5}\ not found.
 File E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.) => Infection BT not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{f4ef4468-9b​bb-45a1-a2ce-f0c430a9a7e5} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{f4ef4468-9bbb-45a​1-a2ce-f0c430a9a7e5}\ not found.
 File E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.) => Infection BT not found.
 Registry value HKEY_USERS\.DEFAULT\Software\M​icrosoft\Internet Explorer\Toolbar\WebBrowser\\{​F4EF4468-9BBB-45A1-A2CE-F0C430​A9A7E5} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{F4EF4468-9BBB-45A​1-A2CE-F0C430A9A7E5}\ not found.
 File E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.) => Infection BT not found.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{E7DF6BFF-55A5-4EB​7-A673-4ED3E9456D39}\ deleted successfully.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{F4EF4468-9BBB-45A​1-A2CE-F0C430A9A7E5}\ not found.
 File E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.) => Infection BT not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{E7DF6BFF-55A5-4EB​7-A673-4ED3E9456D39}\ not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{F4EF4468-9BBB-45A​1-A2CE-F0C430A9A7E5}\ not found.
 File E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.) => Infection BT not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{E7DF6BFF-55A5-4EB​7-A673-4ED3E9456D39}\ not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{F4EF4468-9BBB-45A​1-A2CE-F0C430A9A7E5}\ not found.
 File E:\Program Files\Setuprog\tbSetu.dll (Conduit Ltd.) => Infection BT not found.
 File E:\ProgramData\dsgsdgdsgdsgw.p​ad => Infection Diverse (Exploit.Drop.GSA) not found.
 File E:\ProgramData\dsgsdgdsgdsgw.p​ad => Infection Diverse (Exploit.Drop.GSA) not found.
 File E:\Users\Noirbenne\AppData\Roa​ming\kujytuo.exe => Infection PUP (Virus.Kujytuo) not found.
 File E:\Windows\System32\secustat.d​at => Infection Diverse not found.
 Folder E:\ProgramData\Babylon => Infection BT (Toolbar.Babylon)\ not found.
 File E:\Windows\tasks\GoogleUpdateT​askMachineCore.job => Google Update Task not found.
 File E:\Windows\tasks\GoogleUpdateT​askMachineUA.job => Google Update Task not found.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\URL\Prefixes\\gopher|:gopher:​// /E : value set successfully!
 Registry value HKEY_USERS\.DEFAULT\Software\M​icrosoft\Internet Explorer\URLSearchHooks\\{A3BC​75A2-1F87-4686-AA43-5347D75601​7C} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{A3BC75A2-1F87-468​6-AA43-5347D756017C}\ not found.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{1392b8d2-5c05-419​f-a8f6-b9f15a596612}\ not found.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{22e03916-85c5-44b​0-8dc9-1830c11238d9}\ not found.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{4daac69c-cba7-45e​2-9bc8-1044483d3352}\ not found.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{A3BC75A2-1F87-468​6-AA43-5347D756017C}\ not found.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{ba14329e-9550-498​9-b3f2-9732e92d17cc}\ not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{1392b8d2-5c05-419​f-a8f6-b9f15a596612}\ not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{22e03916-85c5-44b​0-8dc9-1830c11238d9}\ not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{4daac69c-cba7-45e​2-9bc8-1044483d3352}\ not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{A3BC75A2-1F87-468​6-AA43-5347D756017C}\ not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{ba14329e-9550-498​9-b3f2-9732e92d17cc}\ not found.
 Registry key HKEY_USERS\postgres_ON_E\Softw​are\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{22e03916-85c5-44b​0-8dc9-1830c11238d9}\ not found.
 Registry key HKEY_USERS\postgres_ON_E\Softw​are\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{4daac69c-cba7-45e​2-9bc8-1044483d3352}\ not found.
 Registry key HKEY_USERS\postgres_ON_E\Softw​are\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{A3BC75A2-1F87-468​6-AA43-5347D756017C}\ not found.
 Registry key HKEY_USERS\postgres_ON_E\Softw​are\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{ba14329e-9550-498​9-b3f2-9732e92d17cc}\ not found.
 Registry key HKEY_USERS\postgres_ON_E\Softw​are\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{EF99BD32-C1FB-11D​2-892F-0090271D4F88}\ not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{1392b8d2-5c05-419​f-a8f6-b9f15a596612}\ not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{22e03916-85c5-44b​0-8dc9-1830c11238d9}\ not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{4daac69c-cba7-45e​2-9bc8-1044483d3352}\ not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{A3BC75A2-1F87-468​6-AA43-5347D756017C}\ not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{ba14329e-9550-498​9-b3f2-9732e92d17cc}\ not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\URLSearchHooks not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{EF99BD32-C1FB-11D​2-892F-0090271D4F88}\ not found.
 Prefs.js: {1392b8d2-5c05-419f-a8f6-b9f15​a596612}:3.8.1.0 => Toolbar.Conduit removed from extensions.enabledItems
 Registry key HKEY_LOCAL_MACHINE\Software\Mo​zillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,applic​ation/x-avg-sitesafety-plugin\ deleted successfully.
 File E:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.​2.0\\npsitesafety.dll () => Toolbar.AVGSearch not found.
 Folder E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​abvkpc1e.default\extensions\{1​392b8d2-5c05-419f-a8f6-b9f15a5​96612} => Toolbar.Conduit\ not found.
 Folder E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions\{4​daac69c-cba7-45e2-9bc8-1044483​d3352} => Toolbar.Conduit\ not found.
 Folder E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions\{b​a14329e-9550-4989-b3f2-9732e92​d17cc} => Toolbar.Conduit\ not found.
 Folder E:\Users\Noirbenne\AppData\Roa​ming\Mozilla\Firefox\Profiles\​urf9fwfe.default\extensions\en​gine@conduit.com\ not found.
 File E:\Program Files\mozilla firefox\searchplugins\avg-secu​re-search.xml => Toolbar.AVGSearch not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B1​63-73684A933233}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{95B7759C-8C7F-4BF​1-B163-73684A933233}\ deleted successfully.
 File E:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () => Toolbar.AVGSearch not found.
 Registry key HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F​7B-F1F7851A4497}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{AE805869-2E5C-4ED​4-8F7B-F1F7851A4497}\ deleted successfully.
 File E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) => Toolbar.Skype not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Internet Explorer\Toolbar\\{95B7759C-8C​7F-4BF1-B163-73684A933233} deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{95B7759C-8C7F-4BF​1-B163-73684A933233}\ not found.
 File E:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () => Toolbar.AVGSearch not found.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{1392B8D2-5C05-419​F-A8F6-B9F15A596612}\ not found.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{30F9B915-B755-482​6-820B-08FBA6BD249D}\ not found.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{4DAAC69C-CBA7-45E​2-9BC8-1044483D3352}\ not found.
 Registry key HKEY_USERS\Noirbenne_ON_E\Soft​ware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{BA14329E-9550-498​9-B3F2-9732E92D17CC}\ not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{1392B8D2-5C05-419​F-A8F6-B9F15A596612}\ not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{30F9B915-B755-482​6-820B-08FBA6BD249D}\ not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{4DAAC69C-CBA7-45E​2-9BC8-1044483D3352}\ not found.
 Registry key HKEY_USERS\postgres.VALOU-PC_O​N_E\Software\Microsoft\Interne​t Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{BA14329E-9550-498​9-B3F2-9732E92D17CC}\ not found.
 Registry key HKEY_USERS\postgres_ON_E\Softw​are\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{30F9B915-B755-482​6-820B-08FBA6BD249D}\ not found.
 Registry key HKEY_USERS\postgres_ON_E\Softw​are\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{4DAAC69C-CBA7-45E​2-9BC8-1044483D3352}\ not found.
 Registry key HKEY_USERS\postgres_ON_E\Softw​are\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{BA14329E-9550-498​9-B3F2-9732E92D17CC}\ not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{1392B8D2-5C05-419​F-A8F6-B9F15A596612}\ not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{30F9B915-B755-482​6-820B-08FBA6BD249D}\ not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{4DAAC69C-CBA7-45E​2-9BC8-1044483D3352}\ not found.
 Registry key HKEY_USERS\UpdatusUser_ON_E\So​ftware\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{BA14329E-9550-498​9-B3F2-9732E92D17CC}\ not found.
 Registry value HKEY_LOCAL_MACHINE\Software\Mi​crosoft\Windows\CurrentVersion​\Run\\HF_G_Jul deleted successfully.
 File E:\Program Files\AVG Secure Search\HF_G_Jul.exe () => AVG%Secure Search Toolbar not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Extensions\{898EA8C8-​E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\CLSID\{898EA8C8-E7FF-479​B-8935-AEC46303B9E5}\ deleted successfully.
 File E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) => Toolbar.Skype not found.
 File E:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) => Grisoft AVG Internet Security Suite not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\PROTOCOLS\Handler\linksc​anner\ deleted successfully.
 File E:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) => Grisoft AVG Internet Security Suite not found.
 File E:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.​2.0\ViProtocol.dll () => Toolbar.ViProtocol not found.
 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Cl​asses\PROTOCOLS\Handler\viprot​ocol\ deleted successfully.
 File E:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.​2.0\ViProtocol.dll () => Toolbar.ViProtocol not found.
 Folder E:\ProgramData\AVG Secure Search => Toolbar.AVGSearch\ not found.
 Folder E:\ProgramData\AVG Security Toolbar => Toolbar.AVGSearch\ not found.
 ========== COMMANDS ==========
 
 [EMPTYFLASH]
 
 User: All Users
 
 User: Default
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 58264 bytes
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Noirbenne
 ->Temp folder emptied: 491968392 bytes
 ->Temporary Internet Files folder emptied: 1307567122 bytes
 ->Java cache emptied: 410317 bytes
 ->FireFox cache emptied: 31380478 bytes
 ->Google Chrome cache emptied: 352186796 bytes
 ->Flash cache emptied: 58792 bytes
 
 User: postgres
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: postgres.VALOU-PC
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Public
 
 User: UpdatusUser
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 Total Flash Files Cleaned = 2 082,00 mb
 
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Noirbenne
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 344064 bytes
 ->Java cache emptied: 0 bytes
 ->FireFox cache emptied: 0 bytes
 ->Google Chrome cache emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: postgres
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: postgres.VALOU-PC
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Public
 
 User: UpdatusUser
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 676762670 bytes
 
 Total Files Cleaned = 646,00 mb
 
 
 OTLPE by OldTimer - Version 3.1.48.0 log created on 01012013_225239

 Files\Folders moved on Reboot...
 C:\Users\Noirbenne\AppData\Loc​al\Temp\FXSAPIDebugLogFile.txt moved successfully.

 Registry entries deleted on Reboot...

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 02/01/2013 à 00:11:37  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ok :super: essai de de-mare normalement si ça marche pas mode sens échec  

 ensuite

 Télécharge et installeMalwarebytes' Anti-Malware (MBAM).

 Exécute-le. Accepte la mise à jour.

 Sélectionne "Exécuter un examen complet"
 Clique sur "Rechercher"
 L'analyse démarre, le scan est relativement long, c'est normal.

 A la fin de l'analyse, un message s'affiche :

 PS :>>>

 L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.

 Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
 Ferme tes navigateurs.
 Si des malwares ont été détectés, clique sur Afficher les résultats.
 Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
 MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse : ferme-le.

 Si MBAM demande à redémarrer le pc : > fais-le.

 Au redémarrage, relance MBAM, onglet "Rapport/Logs", copie/colle celui qui correspond à l'analyse effectuée.



votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 02/01/2013 à 00:27:09  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
En cours. Parcontre je n'ai pas pu faire la maj vu que je n'ai toujours pas accès à internet.

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 02/01/2013 à 00:34:54  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ok le scan MBAM,tu le fait mode sans échec ou normal ?

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 02/01/2013 à 00:38:12  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
En mode normal. Et pour le moment 1 élement détecté

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 02/01/2013 à 00:40:20  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
OK :super:

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 02/01/2013 à 00:55:38  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 02/01/2013 à 01:07:53  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Oui c'est bien moi, pourquoi on a pas le droit de poster sur plusieurs forums? J'avoue que je n'ai pas lu la chartre avant de confirmait.

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 02/01/2013 à 01:10:40  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
j'essaye de réparer la connexion internet !  Windows 7 ?

 As-tu vérifié les options d'alimentation de ta carte réseau ?

 Avec ou sans fil ?  connexion  wifi ? ou pas ?

 TUTO ici -> http://www.siteduzero.com/tuto [...] ows-7.html

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 02/01/2013 à 01:12:50  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
normalement non !!!  :/  en plus je connais Electricien 69

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 02/01/2013 à 01:13:51  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Je suis en clef wifi.

 p.s: en effet le scan est long  :)

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 02/01/2013 à 01:15:18  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Ah désolé alors :/, je voulais vite résoudre ce problème et je pensais pas que l'on me répondrais si rapidement alors j'ai posté sur plusieurs forum et une fois que tu m'a répondu j'ai voulu supprimer mais je ne crois pas que ce soit possible bizarrement.

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 02/01/2013 à 01:26:04  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
oui scan  MBAM est long  :)

 un fois fini tu mes [résolu] ici et là http://www.siteduzero.com/tuto [...] ows-7.html

 regarde ici http://www.commentcamarche.net [...] ant-resolu

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 02/01/2013 à 01:26:50  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
:hurle: bon ben j'ai fais une grosse boulette j'ai été voir dans Centre réseau et partage et il m'affiché un message comme quoi le service n'été pas activé et je me suis souvenu que j'avais essayer de désactiver des programmes avec la commande msconfig et je me suis dit que c'était peut etre à cause de sa alors du coup j'ai tout réactivé et le virus est revenu et à tout bloquer de nouveau... Donc je vais refaire toutes les opérations et je posterai le scan de mbam dans plusieurs heures.

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 02/01/2013 à 01:28:11  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
En tout cas merci de ton aide et de ta compréhension camarade !  :super:  :)

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 02/01/2013 à 01:37:39  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
haaaaaaaa  :/  

 on va faire plus simple fais ceci http://www.commentcamarche.net [...] -windows-7

 prendre les dates que vous pensez que vous n'avez pas le problème sur le PC !

sam06400
Débutant confirmé (de 1 000 à 4 999 messages postés)
  1. Posté le 02/01/2013 à 01:39:53  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
allez courage a domain souare bon nuit :sleep:

votou
Présent de temps en temps (De 50 à 99 messages postés)
  1. Posté le 02/01/2013 à 01:41:37  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Ok mais je ne peux plus accéder au menu démarrer(que ce soit en mode normal ou prise en charge du réseau) comme au début de mon problème et je n'ai jamais créer de point de restauration et il me semble que j'ai déjà testé avant de posté une solution similaire sans succès me disant que aucun point de restauration n'est disponible.

 Page :
1  2  3
Dernière Page
Page Suivante
Page Précédente
Première Page

Aller à :
 

Sujets relatifs
Virus Win32:Malware-gen détecté [résolu] virus Java JAVA
Virus Ukash - gendarmerie nationale [résolu] Invasion virus, plus de connection internet! (RESOLU)
comment supprimer les restes du firewall COMODO dans le registre? [Résolu] virus sur windows seven pas netoyable ? avast plante!
virus ou autre ? malgrès le blocage trafic internet continue  
Plus de sujets relatifs à : Virus ukash sous seven [résolu]

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
"searchresult"[résolu] 8
Laptop démarrage lent et fan tourne plus souvent 19
impossible d'installer un antivirus sur pc Windows XP 27
[résolu] Aide pour supprimer iLivid 30
[résolu]Kaspersky notification pub non-stop 10