Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business
  


  


  virus hadopi

 

PRODUITS : sesostris SECURITE : eml44 et 192 utilisateurs inconnus
Ajouter une réponse

 Mot :  Pseudo :  
Vider la liste des messages à citer  
 Page :
1
Auteur
 Sujet :

virus hadopi

Prévenir les modérateurs en cas d'abus 
n°571628
cirdec1
Posté le 12-03-2013 à 23:07:49  answer
Prévenir les modérateurs en cas d'abus
 

bonsoir,

 j'ai été contaminé par le virus hadopi.
 j'ai essayé de graver OTLPE comme solution possible indiquée

 mais impossible de démarrer l'ordi avec le cd gravé

 j'ai besoin de votre aide

 merci d'avance




n°766907
dédétraqué
Profil : Equipe sécurité
Posté le 12-03-2013 à 23:20:28  answer
Prévenir les modérateurs en cas d'abus
 

Salut cirdec1


 Dans le bios sata mode en ahci qu'il faut passer en compatibility ou IDE :

 sata-controller-mode

 Après cela tu devrais être bon pour démarrer sur le CD.


 @++   :)

n°766908
cirdec1
Posté le 13-03-2013 à 19:11:03  answer
Prévenir les modérateurs en cas d'abus
 

voila le resultat : c est tres long

 OTL logfile created on: 3/13/2013 12:51:23 PM - Run
 OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
 64bit-Windows 7 Home Premium  (Version = 6.1.7600) - Type = System
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
 Drive C: | 917.84 Gb Total Space | 666.93 Gb Free Space | 72.66% Space Free | Partition Type: NTFS
 Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
 Computer Name: REATOGO | User Name: SYSTEM
 Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 Using ControlSet: ControlSet001
 
 ========== Win32 Services (SafeList) ==========
 
 SRV:64bit: - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
 SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 SRV:64bit: - [2008/05/29 04:49:58 | 000,083,264 | ---- | M] (Packard Bell Services) [Auto] -- C:\Windows\System32\HidService​.exe -- (GenericHidService)
 SRV - [2013/02/26 17:16:50 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\F​lash\FlashPlayerUpdateService.​exe -- (AdobeFlashPlayerUpdateSvc)
 SRV - [2013/02/21 15:34:34 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe​ -- (MozillaMaintenance)
 SRV - [2013/01/08 07:53:48 | 000,161,536 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files (x86)\Skype\Updater\Updater.ex​e -- (SkypeUpdate)
 SRV - [2012/10/10 16:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
 SRV - [2012/10/02 08:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
 SRV - [2012/06/06 07:18:50 | 000,100,864 | ---- | M] (Freemake) [Auto] -- C:\ProgramData\Freemake\Freema​keUtilsService\FreemakeUtilsSe​rvice.exe -- (Freemake Improver)
 SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Frame​work\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_3​2)
 SRV - [2010/03/18 05:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
 SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Frame​work\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_3​2)
 SRV - [2009/04/27 23:34:46 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.​exe -- (FLEXnet Licensing Service)
 SRV - [2008/05/29 04:49:58 | 000,083,264 | ---- | M] (Packard Bell Services) [Auto] -- C:\Windows\SysWow64\HidService​.exe -- (GenericHidService)
 SRV - [2007/09/10 18:45:04 | 000,124,832 | ---- | M] () [Auto] -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent​.exe -- (AdobeActiveFileMonitor6.0)
 SRV - [2006/12/19 03:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto] -- C:\Windows\SysWOW64\IoctlSvc.e​xe -- (PLFlash DeviceIoControl Service)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV:64bit: - [2012/10/30 18:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\System32\drivers\as​wMonFlt.sys -- (aswMonFlt)
 DRV:64bit: - [2012/10/15 12:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\System32\Drivers\as​wrdr2.sys -- (aswRdr)
 DRV:64bit: - [2010/07/12 14:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\Px​Hlpa64.sys -- (PxHlpa64)
 DRV:64bit: - [2009/11/12 00:14:30 | 000,084,584 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nv​hda64v.sys -- (NVHDA)
 DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.​mof -- (Ntfs)
 DRV:64bit: - [2009/06/10 16:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nv​m62x64.sys -- (NVENETFD)
 DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\ev​bda.sys -- (ebdrv)
 DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\bx​vbda.sys -- (b06bdrv)
 DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b5​7nd60a.sys -- (b57nd60a)
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://homepage.packardbell.co [...] edia_s1710
 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = %SystemRoot%\system32\blank.ht​m
 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://www.searchya.com/?f=1&a [...] 24&ir=
 
 
 IE - HKU\.DEFAULT\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 
 
 
 
 IE - HKU\User_ON_C\Software\Microso​ft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?pub [...] archTerms}
 IE - HKU\User_ON_C\Software\Microso​ft\Internet Explorer\Main,SearchDefaultBranded = 1
 IE - HKU\User_ON_C\Software\Microso​ft\Internet Explorer\Main,Start Page = http://fr.msn.com/?pc=UP22& [...] ;dt=011213
 IE - HKU\User_ON_C\Software\Microso​ft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
 IE - HKU\User_ON_C\Software\Microso​ft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
 IE - HKU\User_ON_C\Software\Microso​ft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 25 E1 8B F2 E0 CD 01  [binary data]
 IE - HKU\User_ON_C\Software\Microso​ft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?pub [...] archTerms}
 IE - HKU\User_ON_C\Software\Microso​ft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?pub [...] archTerms}
 IE - HKU\User_ON_C\Software\Microso​ft\Windows\CurrentVersion\Inte​rnet Settings: "ProxyEnable" = 0
 IE - HKU\User_ON_C\Software\Microso​ft\Windows\CurrentVersion\Inte​rnet Settings: "ProxyOverride" = <local>
 
 ========== FireFox ==========
 
 
 FF:64bit: - HKLM\Software\MozillaPlugins\@​microsoft.com/GENUINE:  File not found
 FF:64bit: - HKLM\Software\MozillaPlugins\@​Microsoft.com/NpCtrl,version=1​.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl​.dll ( Microsoft Corporation)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@google.com/npPicas​a3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3​.dll (Google, Inc.)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@java.com/JavaPlugi​n: C:\Program Files (x86)\Java\jre6\bin\new_plugin​\npjp2.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@microsoft.com/GENU​INE:  File not found
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@Microsoft.com/NpCt​rl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl​.dll ( Microsoft Corporation)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@microsoft.com/WLPG​,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@microsoft.com/WLPG​,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@microsoft.com/WPF,​version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@nvidia.com/3DVisio​n: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@nvidia.com/3DVisio​nStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@real.com/nppl3260;​version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape​6\nppl3260.dll (RealNetworks, Inc.)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@real.com/nprjplug;​version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape​6\nprjplug.dll (RealNetworks, Inc.)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@real.com/nprpchrom​ebrowserrecordext;version=15.0​.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@real.com/nprphtml5​videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@real.com/nprpplugi​n;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape​6\nprpplugin.dll (RealPlayer)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@tools.google.com/G​oogle Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135​\npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@tools.google.com/G​oogle Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135​\npGoogleUpdate3.dll (Google Inc.)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@videolan.org/vlc,v​ersion=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\@videolan.org/vlc,v​ersion=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 FF - HKLM\Software\Wow6432Node\Mozi​llaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 FF - HKEY_LOCAL_MACHINE\software\wo​w6432node\mozilla\Firefox\Exte​nsions\\fmconverter@gmail.com:​ C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefo​x\ [2012/09/01 08:39:02 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\wo​w6432node\mozilla\Firefox\Exte​nsions\\{0153E448-190B-4987-BD​E1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/15 15:36:12 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\wo​w6432node\mozilla\Firefox\Exte​nsions\\{97E22097-9A2F-45b1-8D​AF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/15 15:36:12 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\wo​w6432node\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components:​ C:\Program Files (x86)\Mozilla Thunderbird\components [2013/02/21 15:34:25 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\wo​w6432node\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013/02/21 15:34:29 | 000,000,000 | ---D | M]
 FF - HKEY_CURRENT_USER\software\moz​illa\Mozilla Thunderbird 17.0.3\extensions\\Components:​ C:\Program Files (x86)\Mozilla Thunderbird\components [2013/02/21 15:34:25 | 000,000,000 | ---D | M]
 FF - HKEY_CURRENT_USER\software\moz​illa\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013/02/21 15:34:29 | 000,000,000 | ---D | M]
 
 [2010/12/18 18:17:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\​Mozilla\Extensions
 [2010/10/04 13:18:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\​Mozilla\Extensions\{3550f703-e​582-4d05-9a08-453d09bdfdc6}
 File not found (No name found) --
 () (No name found) -- C:\USERS\USER\APPDATA\ROAMING\​THUNDERBIRD\PROFILES\HVQ41SU0.​DEFAULT\EXTENSIONS\TBTESTPILOT​@LABS.MOZILLA.COM.XPI
 
 O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\et​c\hosts
 O1 - Hosts: 127.0.0.1       localhost
 O1 - Hosts: ::1             localhost
 O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F1​0CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.​dll (AVAST Software)
 O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695E​CA05670} - No CLSID value found.
 O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C091​46192CA} - C:\ProgramData\Real\RealPlayer​\BrowserRecordPlugin\IE\rpbrow​serrecordplugin.dll (RealPlayer)
 O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F0​0898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dl​l (AVAST Software)
 O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-00132​0C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Interne​t Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
 O2 - BHO: (TBSB05488 Class) - {FCBCCB87-9224-4B8D-B117-F56D9​24BEB18} - C:\Program Files (x86)\ShoppingBarreEbuyClub\tb​core3.dll ()
 O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4​151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dl​l (Yontoo LLC)
 O3:64bit: - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F​10CA4CF5} - No CLSID value found.
 O3:64bit: - HKLM\..\Toolbar: (no name) - !{ae07101b-46d4-4a98-af68-0333​ea26e113} - No CLSID value found.
 O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
 O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F1​0CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.​dll (AVAST Software)
 O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
 O3 - HKLM\..\Toolbar: (no name) - !{318A227B-5E9F-45bd-8999-7F8F​10CA4CF5} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (no name) - !{ae07101b-46d4-4a98-af68-0333​ea26e113} - No CLSID value found.
 O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F0​0898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dl​l (AVAST Software)
 O3 - HKLM\..\Toolbar: (eBuyClub) - {B00A2A69-AEB9-4466-A3D3-D965C​CF868B6} - C:\Program Files (x86)\ShoppingBarreEbuyClub\tb​core3.dll ()
 O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-00132​0C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Interne​t Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
 O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
 O3:64bit: - HKU\User_ON_C\..\Toolbar\WebBr​owser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-00902​7A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
 O3 - HKU\User_ON_C\..\Toolbar\WebBr​owser: (eBuyClub) - {B00A2A69-AEB9-4466-A3D3-D965C​CF868B6} - C:\Program Files (x86)\ShoppingBarreEbuyClub\tb​core3.dll ()
 O3 - HKU\User_ON_C\..\Toolbar\WebBr​owser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-00132​0C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Interne​t Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
 O4:64bit: - HKLM..\Run: [FijiKeyboard] C:\ACER\Preload\Autorun\DRV\Fi​ji Keyboard\ABoard.exe (Packard Bell BV)
 O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl​64.exe (Realtek Semiconductor)
 O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel​.exe (Realtek Semiconductor Corp.)
 O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
 O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
 O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
 O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
 O4 - HKLM..\Run: [offerbox]  File not found
 O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\Swe​etPacksUpdateManager.exe (SweetIM Technologies Ltd.)
 O4 - HKLM..\Run: [TkBellExe] C:\program files (x86)\real\realplayer\Update\r​ealsched.exe (RealNetworks, Inc.)
 O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
 O4 - HKU\NetworkService_ON_C..\Run:​ [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
 O4 - HKU\UpdatusUser_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
 O4 - HKU\User_ON_C..\Run: [SkyDrive] C:\Users\User\AppData\Local\Mi​crosoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
 O4 - HKU\User_ON_C..\Run: [SmpcSys] C:\Program Files (x86)\Packard Bell\SetUpMyPC\SmpSys.exe (Acer Incorporated)
 O4 - HKU\LocalService_ON_C..\RunOnc​e: [mctadmin]  File not found
 O4 - HKU\NetworkService_ON_C..\RunO​nce: [mctadmin]  File not found
 O4 - HKU\UpdatusUser_ON_C..\RunOnce​: [mctadmin]  File not found
 O4 - Startup: C:\Users\User\AppData\Roaming\​Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ()
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoActiveDesktop = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoActiveDesktopChanges = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ConsentPromptBehaviorAdmin = 5
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ConsentPromptBehaviorUser = 3
 O9 - Extra Button: eBuyClub - {B00A2A69-AEB9-4466-A3D3-D965C​CF868B6} - C:\Program Files (x86)\ShoppingBarreEbuyClub\tb​core3.dll ()
 O9 - Extra 'Tools' menuitem : eBuyClub - {B00A2A69-AEB9-4466-A3D3-D965C​CF868B6} - C:\Program Files (x86)\ShoppingBarreEbuyClub\tb​core3.dll ()
 O13:64bit: - gopher Prefix: missing
 O13 - gopher Prefix: missing
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_29)
 O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_29)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_29)
 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-44455​3540000} http://fpdownload2.macromedia. [...] wflash.cab (Shockwave Flash Object)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305​202313F} - Reg Error: Key error. File not found
 O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F​8105754} - Reg Error: Key error. File not found
 O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305​202313F} - Reg Error: Key error. File not found
 O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C​7DD7F5D} - Reg Error: Key error. File not found
 O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7B​E1653C0} - Reg Error: Key error. File not found
 O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89​B8E6324} - Reg Error: Key error. File not found
 O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1​\datamngr.dll) -  File not found
 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.e​xe) - C:\Windows\System32\SystemProp​ertiesPerformance.exe (Microsoft Corporation)
 O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.e​xe (Microsoft Corporation)
 O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
 O20 - HKU\User_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.e​xe (Microsoft Corporation)
 O20 - HKU\User_ON_C Winlogon: Shell - (C:\Users\User\AppData\Roaming​\skype.dat) - C:\Users\User\AppData\Roaming\​skype.dat (Exg3JD2MJp)
 O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA0​05127ED} - CLSID or File not found.
 O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA0​05127ED} - CLSID or File not found.
 O24 - Desktop WallPaper:
 O24 - Desktop BackupWallPaper:
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
 O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
 64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
 64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
 O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
 O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 
 
 SafeBootMin:64bit: AppMgmt - Service
 SafeBootMin:64bit: Base - Driver Group
 SafeBootMin:64bit: Boot Bus Extender - Driver Group
 SafeBootMin:64bit: Boot file system - Driver Group
 SafeBootMin:64bit: File system - Driver Group
 SafeBootMin:64bit: Filter - Driver Group
 SafeBootMin:64bit: HelpSvc - Service
 SafeBootMin:64bit: PCI Configuration - Driver Group
 SafeBootMin:64bit: PNP Filter - Driver Group
 SafeBootMin:64bit: Primary disk - Driver Group
 SafeBootMin:64bit: sacsvr - Service
 SafeBootMin:64bit: SCSI Class - Driver Group
 SafeBootMin:64bit: System Bus Extender - Driver Group
 SafeBootMin:64bit: vmms - Service
 SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
 SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 SafeBootMin: AppMgmt - Service
 SafeBootMin: Base - Driver Group
 SafeBootMin: Boot Bus Extender - Driver Group
 SafeBootMin: Boot file system - Driver Group
 SafeBootMin: File system - Driver Group
 SafeBootMin: Filter - Driver Group
 SafeBootMin: HelpSvc - Service
 SafeBootMin: PCI Configuration - Driver Group
 SafeBootMin: PNP Filter - Driver Group
 SafeBootMin: Primary disk - Driver Group
 SafeBootMin: sacsvr - Service
 SafeBootMin: SCSI Class - Driver Group
 SafeBootMin: System Bus Extender - Driver Group
 SafeBootMin: vmms - Service
 SafeBootMin: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootMin: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootMin: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootMin: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootMin: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootMin: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootMin: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 SafeBootNet:64bit: AppMgmt - Service
 SafeBootNet:64bit: Base - Driver Group
 SafeBootNet:64bit: Boot Bus Extender - Driver Group
 SafeBootNet:64bit: Boot file system - Driver Group
 SafeBootNet:64bit: File system - Driver Group
 SafeBootNet:64bit: Filter - Driver Group
 SafeBootNet:64bit: HelpSvc - Service
 SafeBootNet:64bit: Messenger - Service
 SafeBootNet:64bit: NDIS Wrapper - Driver Group
 SafeBootNet:64bit: NetBIOSGroup - Driver Group
 SafeBootNet:64bit: NetDDEGroup - Driver Group
 SafeBootNet:64bit: Network - Driver Group
 SafeBootNet:64bit: NetworkProvider - Driver Group
 SafeBootNet:64bit: PCI Configuration - Driver Group
 SafeBootNet:64bit: PNP Filter - Driver Group
 SafeBootNet:64bit: PNP_TDI - Driver Group
 SafeBootNet:64bit: Primary disk - Driver Group
 SafeBootNet:64bit: rdsessmgr - Service
 SafeBootNet:64bit: sacsvr - Service
 SafeBootNet:64bit: SCSI Class - Driver Group
 SafeBootNet:64bit: Streams Drivers - Driver Group
 SafeBootNet:64bit: System Bus Extender - Driver Group
 SafeBootNet:64bit: TDI - Driver Group
 SafeBootNet:64bit: vmms - Service
 SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
 SafeBootNet:64bit: WudfUsbccidDriver - Driver
 SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002​BE10318} - Net
 SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002​BE10318} - NetClient
 SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002​BE10318} - NetService
 SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002​BE10318} - NetTrans
 SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F​805F530} - Smart card readers
 SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 SafeBootNet: AppMgmt - Service
 SafeBootNet: Base - Driver Group
 SafeBootNet: Boot Bus Extender - Driver Group
 SafeBootNet: Boot file system - Driver Group
 SafeBootNet: File system - Driver Group
 SafeBootNet: Filter - Driver Group
 SafeBootNet: HelpSvc - Service
 SafeBootNet: Messenger - Service
 SafeBootNet: NDIS Wrapper - Driver Group
 SafeBootNet: NetBIOSGroup - Driver Group
 SafeBootNet: NetDDEGroup - Driver Group
 SafeBootNet: Network - Driver Group
 SafeBootNet: NetworkProvider - Driver Group
 SafeBootNet: PCI Configuration - Driver Group
 SafeBootNet: PNP Filter - Driver Group
 SafeBootNet: PNP_TDI - Driver Group
 SafeBootNet: Primary disk - Driver Group
 SafeBootNet: rdsessmgr - Service
 SafeBootNet: sacsvr - Service
 SafeBootNet: SCSI Class - Driver Group
 SafeBootNet: Streams Drivers - Driver Group
 SafeBootNet: System Bus Extender - Driver Group
 SafeBootNet: TDI - Driver Group
 SafeBootNet: vmms - Service
 SafeBootNet: WudfUsbccidDriver - Driver
 SafeBootNet: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootNet: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootNet: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootNet: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootNet: {4D36E972-E325-11CE-BFC1-08002​BE10318} - Net
 SafeBootNet: {4D36E973-E325-11CE-BFC1-08002​BE10318} - NetClient
 SafeBootNet: {4D36E974-E325-11CE-BFC1-08002​BE10318} - NetService
 SafeBootNet: {4D36E975-E325-11CE-BFC1-08002​BE10318} - NetTrans
 SafeBootNet: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootNet: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F​805F530} - Smart card readers
 SafeBootNet: {533C5B84-EC70-11D2-9505-00C04​F79DEAF} - Volume shadow copy
 SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002​BE2092F} - IEEE 1394 Bus host controllers
 SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04​FA372A7} - SBP2 IEEE 1394 Devices
 SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7​D41B0E6} - SecurityDevices
 
 ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c​74c7e95} - Microsoft Windows Media Player 12.0
 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508​C9228ED} - %SystemRoot%\system32\regsvr32​.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.​dll
 ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f​8051515} - Offline Browsing Pack
 ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA0​0B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
 ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA0​0B6015F} - DirectDrawEx
 ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f​8051515} - Internet Explorer Help
 ActiveX:64bit: {4f645220-306d-11d2-995d-00c04​f98bbc9} - Microsoft Windows Script 5.6
 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04​f98bbc9} - Internet Explorer Setup Tools
 ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04​f98bbc9} - Browsing Enhancements
 ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04​F79FAA6} - Microsoft Windows Media Player
 ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04​f98bbc9} - MSN Site Access
 ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04​FA35D02} - Address Book 7
 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA0​05B4340} - regsvr32.exe /s /n /i:U shell32.dll
 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA0​05B4383} - C:\Windows\System32\ie4uinit.e​xe -BaseSettings
 ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476D​BF70820} - C:\Windows\system32\Rundll32.e​xe C:\Windows\system32\mscories.dll,Install
 ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA0​0B911A5} - Dynamic HTML Data Binding
 ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-44455​3540600} - Internet Explorer Core Fonts
 ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04​f98bbc9} - HTML Help
 ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F​87A369E} - Active Directory Service Interface
 ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B​63FC7B4} - .NET Framework
 ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A​6C9E703} - .NET Framework
 ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080​c74c7e95} - %SystemRoot%\system32\unregmp2​.exe /ShowWMP
 ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de46​0746276c} - C:\Windows\System32\ie4uinit.e​xe -UserIconConfig
 ActiveX:64bit: >{365a36be-a463-4137-b21c-d91d​1227273b} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c​74c7e95} - Microsoft Windows Media Player 12.0
 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508​C9228ED} - %SystemRoot%\system32\regsvr32​.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.​dll
 ActiveX: {3af36230-a269-11d1-b5bf-0000f​8051515} - Offline Browsing Pack
 ActiveX: {44BBA840-CC51-11CF-AAFA-00AA0​0B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
 ActiveX: {44BBA855-CC51-11CF-AAFA-00AA0​0B6015F} - DirectDrawEx
 ActiveX: {45ea75a0-a269-11d1-b5bf-0000f​8051515} - Internet Explorer Help
 ActiveX: {4f645220-306d-11d2-995d-00c04​f98bbc9} - Microsoft Windows Script 5.6
 ActiveX: {5fd399c0-a70a-11d1-9948-00c04​f98bbc9} - Internet Explorer Setup Tools
 ActiveX: {630b1da0-b465-11d1-9948-00c04​f98bbc9} - Browsing Enhancements
 ActiveX: {6BF52A52-394A-11d3-B153-00C04​F79FAA6} - Microsoft Windows Media Player
 ActiveX: {6fab99d0-bab8-11d1-994a-00c04​f98bbc9} - MSN Site Access
 ActiveX: {7790769C-0471-11d2-AF11-00C04​FA35D02} - Address Book 7
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4340} - regsvr32.exe /s /n /i:U shell32.dll
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4383} - C:\Windows\System32\ie4uinit.e​xe -BaseSettings
 ActiveX: {89B4C1CD-B018-4511-B0A1-5476D​BF70820} - C:\Windows\system32\Rundll32.e​xe C:\Windows\system32\mscories.dll,Install
 ActiveX: {9381D8F2-0288-11D0-9501-00AA0​0B911A5} - Dynamic HTML Data Binding
 ActiveX: {C9E9A340-D1F1-11D0-821E-44455​3540600} - Internet Explorer Core Fonts
 ActiveX: {de5aed00-a4bf-11d1-9948-00c04​f98bbc9} - HTML Help
 ActiveX: {E92B03AB-B707-11d2-9CBD-0000F​87A369E} - Active Directory Service Interface
 ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B​63FC7B4} - .NET Framework
 ActiveX: {FEBEF00C-046D-438D-8A88-BF94A​6C9E703} - .NET Framework
 ActiveX: >{22d6f312-b0f6-11d0-94ab-0080​c74c7e95} - %SystemRoot%\system32\unregmp2​.exe /ShowWMP
 ActiveX: >{26923b43-4d38-484f-9b9e-de46​0746276c} - C:\Windows\System32\ie4uinit.e​xe -UserIconConfig
 ActiveX: >{365a36be-a463-4137-b21c-d91d​1227273b} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
 Drivers32:64bit: aux - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: midi - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: midi1 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: midi2 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: midi3 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: midi4 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: midimapper - C:\Windows\System32\midimap.dl​l (Microsoft Corporation)
 Drivers32:64bit: mixer - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: mixer1 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: mixer2 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: mixer3 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: mixer4 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: msacm.imaadpcm - C:\Windows\System32\imaadp32.a​cm (Microsoft Corporation)
 Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.a​cm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32:64bit: msacm.msadpcm - C:\Windows\System32\msadp32.ac​m (Microsoft Corporation)
 Drivers32:64bit: msacm.msg711 - C:\Windows\System32\msg711.acm​ (Microsoft Corporation)
 Drivers32:64bit: msacm.msgsm610 - C:\Windows\System32\msgsm32.ac​m (Microsoft Corporation)
 Drivers32:64bit: vidc.i420 - C:\Windows\System32\iyuv_32.dl​l (Microsoft Corporation)
 Drivers32:64bit: vidc.iyuv - C:\Windows\System32\iyuv_32.dl​l (Microsoft Corporation)
 Drivers32:64bit: vidc.mrle - C:\Windows\System32\msrle32.dl​l (Microsoft Corporation)
 Drivers32:64bit: vidc.msvc - C:\Windows\System32\msvidc32.d​ll (Microsoft Corporation)
 Drivers32:64bit: vidc.uyvy - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
 Drivers32:64bit: vidc.yuy2 - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
 Drivers32:64bit: vidc.yvu9 - C:\Windows\System32\tsbyuv.dll​ (Microsoft Corporation)
 Drivers32:64bit: vidc.yvyu - C:\Windows\System32\msyuv.dll (Microsoft Corporation)
 Drivers32:64bit: wave - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: wave1 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: wave2 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: wave3 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: wave4 - C:\Windows\System32\wdmaud.drv​ (Microsoft Corporation)
 Drivers32:64bit: wavemapper - C:\Windows\System32\msacm32.dr​v (Microsoft Corporation)
 Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.a​cm (Fraunhofer Institut Integrierte Schaltungen IIS)
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2013/02/21 15:34:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
 [2013/02/13 17:35:16 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.d​ll
 [2013/02/13 17:35:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.d​ll
 [2013/02/13 17:35:15 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
 [2013/02/13 17:35:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
 [2013/02/13 17:35:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
 [2013/02/13 17:35:15 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.ex​e
 [2013/02/13 17:35:15 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.ex​e
 [2013/02/13 17:35:14 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cp​l
 [2013/02/13 17:35:14 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
 [2013/02/13 17:35:13 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.d​ll
 [2013/02/13 17:35:13 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cp​l
 [2013/02/13 17:35:13 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dl​l
 [2013/02/13 17:35:13 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dl​l
 [2013/02/13 17:35:10 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.d​ll
 [2013/02/13 17:35:10 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dl​l
 [2013/02/13 17:35:10 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dl​l
 [2013/02/13 17:35:10 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.d​ll
 [2013/02/13 09:26:15 | 005,500,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.e​xe
 [2013/02/13 09:26:13 | 003,957,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.e​xe
 [2013/02/13 09:26:13 | 003,902,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.e​xe
 [2013/02/13 09:26:04 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.d​ll
 [2013/02/13 09:26:04 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KernelBase​.dll
 [2013/02/13 09:26:04 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow64win.d​ll
 [2013/02/13 09:26:04 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.ex​e
 [2013/02/13 09:26:04 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll​
 [2013/02/13 09:26:03 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow64.dll
 [2013/02/13 09:26:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.ex​e
 [2013/02/13 09:26:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntvdm64.dl​l
 [2013/02/13 09:26:03 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dl​l
 [2013/02/13 09:26:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe​
 [2013/02/13 09:26:03 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
 [2013/02/13 09:26:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-libraryloader-l1-1-0.dll​
 [2013/02/13 09:26:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-libraryloader-l1-1-0.dll​
 [2013/02/13 09:26:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow64cpu.d​ll
 [2013/02/13 09:26:02 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-security-base-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-file-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-file-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-processthreads-l1-1-0.dl​l
 [2013/02/13 09:26:02 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-processthreads-l1-1-0.dl​l
 [2013/02/13 09:26:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-sysinfo-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-sysinfo-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-synch-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-synch-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-rtlsupport-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-xstate-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-util-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-string-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-string-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-rtlsupport-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-profile-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-profile-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-datetime-l1-1-0.dll
 [2013/02/13 09:26:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-datetime-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-security-base-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-threadpool-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-threadpool-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-misc-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-localregistry-l1-1-0.dll​
 [2013/02/13 09:26:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-localregistry-l1-1-0.dll​
 [2013/02/13 09:26:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-localization-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-localization-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-xstate-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-processenvironment-l1-1-​0.dll
 [2013/02/13 09:26:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-processenvironment-l1-1-​0.dll
 [2013/02/13 09:26:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-namedpipe-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-namedpipe-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-misc-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-memory-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-memory-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-interlocked-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-heap-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-heap-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-util-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-io-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-io-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-interlocked-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-handle-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-handle-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-fibers-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-fibers-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-errorhandling-l1-1-0.dll​
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-errorhandling-l1-1-0.dll​
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-delayload-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-delayload-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-debug-l1-1-0.dll
 [2013/02/13 09:26:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-debug-l1-1-0.dll
 [2013/02/13 09:26:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win​-core-console-l1-1-0.dll
 [2013/02/13 09:26:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win​-core-console-l1-1-0.dll
 [2013/02/13 09:26:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
 [2013/02/13 09:25:58 | 000,287,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FW​PKCLNT.SYS
 [2012/01/11 01:39:46 | 000,081,408 | ---- | C] (Exg3JD2MJp) -- C:\Users\User\AppData\Roaming\​skype.dat
 [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files - Modified Within 30 Days ==========
 
 [2013/03/11 17:12:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2013/03/11 17:12:54 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-5P-​1.C7483456-A289-439d-8115-6016​32D005A0
 [2013/03/11 17:12:53 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-3​76B-497e-B012-9C450E1B7327-5P-​0.C7483456-A289-439d-8115-6016​32D005A0
 [2013/03/11 17:12:35 | 000,000,004 | ---- | M] () -- C:\Users\User\AppData\Roaming\​skype.ini
 [2013/03/11 17:09:41 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineCore.job
 [2013/03/11 17:07:57 | 3220,623,360 | -HS- | M] () -- C:\hiberfil.sys
 [2013/03/11 16:35:42 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askMachineUA.job
 [2013/03/11 16:35:05 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
 [2013/03/06 10:27:19 | 000,016,412 | ---- | M] () -- C:\Users\User\Documents\RBT ALP.ods
 [2013/02/26 17:16:48 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlaye​rApp.exe
 [2013/02/26 17:16:48 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlaye​rCPLApp.cpl
 [2013/02/22 10:56:44 | 000,001,963 | ---- | M] () -- C:\Users\User\AppData\Roaming\​Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
 [2013/02/14 13:03:06 | 000,369,624 | ---- | M] () -- C:\Windows\System32\FNTCACHE.D​AT
 [2013/02/13 17:38:36 | 000,704,464 | ---- | M] () -- C:\Windows\System32\perfh00C.d​at
 [2013/02/13 17:38:36 | 000,616,032 | ---- | M] () -- C:\Windows\System32\perfh009.d​at
 [2013/02/13 17:38:36 | 000,130,770 | ---- | M] () -- C:\Windows\System32\perfc00C.d​at
 [2013/02/13 17:38:36 | 000,106,412 | ---- | M] () -- C:\Windows\System32\perfc009.d​at
 [2013/02/13 10:28:37 | 000,002,441 | ---- | M] () -- C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Adobe Reader 9.lnk
 [2013/02/13 10:28:37 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
 [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
 ========== Files Created - No Company Name ==========
 
 [2013/03/10 17:54:04 | 000,000,004 | ---- | C] () -- C:\Users\User\AppData\Roaming\​skype.ini
 [2013/03/01 10:25:35 | 000,016,412 | ---- | C] () -- C:\Users\User\Documents\RBT ALP.ods
 [2012/12/26 17:41:20 | 000,150,889 | ---- | C] () -- C:\Users\User\AppData\Local\sp​eeddial.crx
 [2012/08/16 09:08:01 | 000,000,268 | RH-- | C] () -- C:\ProgramData\SupportPrinters​
 [2012/08/16 09:08:01 | 000,000,268 | RH-- | C] () -- C:\Users\User\AppData\Roaming\​String Comparison
 [2012/08/16 09:08:01 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
 [2012/08/16 09:08:00 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Super Strings
 [2012/08/16 09:08:00 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Strings
 [2012/08/16 09:08:00 | 000,000,268 | RH-- | C] () -- C:\Users\User\AppData\Roaming\​Stingers
 [2012/08/16 09:08:00 | 000,000,268 | RH-- | C] () -- C:\Users\User\AppData\Roaming\​StatusSheet
 [2012/08/16 09:08:00 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
 [2012/08/16 09:08:00 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
 [2010/12/31 11:20:27 | 000,005,632 | ---- | C] () -- C:\Users\User\AppData\Local\DC​BC2A71-70D8-4DAN-EHR8-E0D61DEA​3FDF.ini
 [2010/10/05 08:07:11 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
 [2010/10/04 13:18:06 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
 [2010/09/28 06:36:31 | 000,007,867 | ---- | C] () -- C:\Windows\Irremote.ini
 [2010/09/28 06:22:44 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\hidservice​.ini
 [2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
 [2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
 [2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
 [2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
 [2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFi​lter.dll
 [2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextH​andler.dll
 [2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dl​l
 [2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb​40.dll
 [2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 [2009/04/27 23:08:02 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
 
 ========== LOP Check ==========
 
 [2011/11/13 14:00:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​AdSignerPDF
 [2011/11/13 14:00:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​AdSigner_Certificate
 [2011/10/26 15:16:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​ArchiFacile
 [2013/02/01 13:52:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​bayardKids.08AE7BFC096D057FBA4​8C7E4F898C35F7FA11BBA.1
 [2010/12/18 18:17:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​FileZilla
 [2010/12/18 18:17:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​freeTVRadio
 [2012/04/09 08:27:41 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​gtk-2.0
 [2010/12/18 18:17:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​LiveCAD3
 [2012/08/20 07:53:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​Nikon
 [2012/07/25 02:38:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​OfferBox
 [2012/09/01 08:39:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​OpenCandy
 [2010/12/18 18:17:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​OpenOffice.org
 [2012/12/26 17:41:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​Searchya
 [2012/09/29 09:53:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​SFR
 [2010/12/18 18:17:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​Thunderbird
 [2012/09/01 09:17:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​TuneUp Software
 [2010/12/18 18:10:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Alwil Software
 [2012/08/16 09:08:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Ambience
 [2012/08/16 09:08:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Applause and Laugher
 [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
 [2011/10/26 15:09:50 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interproc​ess
 [2010/12/18 18:50:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
 [2012/09/01 09:16:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
 [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
 [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
 [2012/08/16 09:08:01 | 000,000,000 | ---D | M] -- C:\ProgramData\EnterNHelp
 [2010/12/18 18:50:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
 [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
 [2012/09/01 08:39:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Freemake
 [2010/12/18 18:50:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
 [2010/12/18 18:50:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
 [2012/08/20 04:40:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Nikon
 [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
 [2012/11/13 13:43:38 | 000,000,000 | ---D | M] -- C:\ProgramData\SweetIM
 [2013/01/01 15:35:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Tarma Installer
 [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
 [2012/09/01 09:18:01 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
 [2012/08/16 09:08:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Ultima_T15
 [2012/08/16 09:08:00 | 000,000,000 | ---D | M] -- C:\ProgramData\vhosts
 [2011/10/26 15:11:04 | 000,000,000 | -H-D | M] -- C:\ProgramData\{1B0B54CA-AA7D-​41D3-A84A-29E7C9CB13A2}
 [2012/09/01 09:16:35 | 000,000,000 | -HSD | M] -- C:\ProgramData\{32364CEA-7855-​4A3C-B674-53D8E9B97936}
 [2012/12/16 05:34:32 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
 ========== Purity Check ==========
 
 
 
 ========== Custom Scans ==========
 
 
 Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.
 
 Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe
 
 Invalid Environment Variable: %APPDATA%\*.
 
 Invalid Environment Variable: %APPDATA%\*.exe
 
 < %SYSTEMDRIVE%\*.*  >
 [2009/07/13 21:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
 [2010/12/18 17:57:42 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
 [2012/08/20 04:12:04 | 000,000,045 | ---- | M] () -- C:\error.log
 [2007/11/07 02:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
 [2007/11/07 02:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
 [2007/11/07 02:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
 [2007/11/07 02:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
 [2007/11/07 02:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
 [2007/11/07 02:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
 [2007/11/07 02:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
 [2007/11/07 02:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
 [2007/11/07 02:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
 [2007/11/07 02:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
 [2013/03/11 17:07:57 | 3220,623,360 | -HS- | M] () -- C:\hiberfil.sys
 [2007/11/07 02:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 [2007/11/07 02:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
 [2007/11/07 02:44:20 | 000,075,280 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
 [2007/11/07 02:44:20 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
 [2007/11/07 02:44:20 | 000,090,128 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
 [2007/11/07 02:44:20 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
 [2007/11/07 02:44:20 | 000,094,224 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
 [2007/11/07 02:44:20 | 000,080,400 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
 [2007/11/07 02:44:20 | 000,078,864 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
 [2007/11/07 02:44:20 | 000,074,768 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
 [2007/11/07 02:44:20 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
 [2013/03/11 17:08:06 | 4294,168,576 | -HS- | M] () -- C:\pagefile.sys
 [2010/12/20 13:36:46 | 000,003,274 | ---- | M] () -- C:\RHDSetup.log
 [2007/11/07 02:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
 [2007/11/07 02:50:40 | 001,927,956 | ---- | M] () -- C:\VC_RED.cab
 [2007/11/07 02:53:12 | 000,242,176 | ---- | M] () -- C:\VC_RED.MSI
 
 < %SYSTEMDRIVE%\*.exe  >
 [2007/11/07 02:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
 < %PROGRAMFILES%\*.*  >
 [2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
 
 < %PROGRAMFILES%\*.  >
 [2010/12/18 18:06:30 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
 [2009/07/13 23:20:08 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
 [2011/04/08 13:03:39 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
 [2009/07/14 11:35:27 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
 [2010/12/18 18:50:59 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
 [2013/02/21 15:36:03 | 000,000,000 | ---D | M] -- C:\Program Files\Google
 [2013/02/14 13:01:27 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
 [2010/12/18 18:06:32 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
 [2012/05/12 16:59:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
 [2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
 [2012/11/18 17:38:17 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
 [2010/12/18 18:06:34 | 000,000,000 | ---D | M] -- C:\Program Files\PACKARD BELL
 [2010/12/18 18:06:34 | 000,000,000 | ---D | M] -- C:\Program Files\PlayReady
 [2010/12/18 18:02:50 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
 [2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
 [2009/07/14 01:09:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
 [2010/12/18 18:06:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
 [2010/12/18 18:06:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
 [2009/07/14 11:24:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
 [2012/05/08 17:58:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
 [2012/06/22 07:20:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
 [2010/12/20 13:27:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
 [2010/12/20 13:26:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
 [2010/12/18 18:50:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
 [2010/12/18 18:06:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
 [2009/07/14 11:24:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
 [2009/07/14 01:32:38 | 000,000,000 | --

n°766909
dédétraqué
Profil : Equipe sécurité
Posté le 13-03-2013 à 19:24:10  answer
Prévenir les modérateurs en cas d'abus
 

Salut cirdec1


 Relance le PC sur le CD, et une fois le bureau de reatogo chargé , tu lances OTLPE , l'icone jaune


 * Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Custom Scan ":

 :reg
 [HKLM\SOFTWARE_ON_C\Microsoft\Windows NT\CurrentVersion\Winlogon]
 "Userinit"="C:\\WINDOWS\\syste​m32\\userinit.exe,"
 "Shell"="explorer.exe"

 :OTL
 O20 - HKU\User_ON_C Winlogon: Shell - (C:\Users\User\AppData\Roaming​\skype.dat) - C:\Users\User\AppData\Roaming\​skype.dat (Exg3JD2MJp)
 [2012/01/11 01:39:46 | 000,081,408 | ---- | C] (Exg3JD2MJp) -- C:\Users\User\AppData\Roaming\​skype.dat
 [2013/03/11 17:12:35 | 000,000,004 | ---- | M] () -- C:\Users\User\AppData\Roaming\​skype.ini
 [2010/12/18 18:17:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​freeTVRadio    
 [2012/07/25 02:38:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​OfferBox    
 [2012/09/01 08:39:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\​OpenCandy    
 [2012/11/13 13:43:38 | 000,000,000 | ---D | M] -- C:\ProgramData\SweetIM    
 [2011/10/26 15:11:04 | 000,000,000 | -H-D | M] -- C:\ProgramData\{1B0B54CA-AA7D-​41D3-A84A-29E7C9CB13A2}    

 :Commands
 [Emptytemp]



 * Clique sur " RUNFIX " pour lancer la suppression.

 *Poste le rapport généré par OTL et remettre dans le bios le changement de sata mode que tu as fais et redémarre le PC en mode normal.


 -----


 Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
 http://general-changelog-team. [...] adwcleaner

 Lance le, clique sur [Suppression] puis patiente le temps du scan.
 Une fois le scan fini, un rapport s'ouvrira, poste le contenu de ce rapport.
 Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt


 @++   :)

n°766910
cirdec1
Posté le 13-03-2013 à 21:32:27  answer
Prévenir les modérateurs en cas d'abus
 

voila c est fait voici le resultat puis je passe au redemarrage normal

 ========== REGISTRY ==========
 HKLM\SOFTWARE_ON_C\Microsoft\W​indows NT\CurrentVersion\Winlogon\\"Userinit"|"C:\\WINDOWS\\system32\\userinit.exe," /E : value set successfully!
 HKLM\SOFTWARE_ON_C\Microsoft\W​indows NT\CurrentVersion\Winlogon\\"Shell"|"explorer.exe" /E : value set successfully!
 ========== OTL ==========
 Registry value HKEY_USERS\User_ON_C\SOFTWARE\​Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\User\AppData\Roaming\skype.dat deleted successfully.
 C:\Users\User\AppData\Roaming\​skype.dat moved successfully.
 File C:\Users\User\AppData\Roaming\​skype.dat not found.
 C:\Users\User\AppData\Roaming\​skype.ini moved successfully.
 C:\Users\User\AppData\Roaming\​freeTVRadio folder moved successfully.
 C:\Users\User\AppData\Roaming\​OfferBox\http_app.offerbox.com​\sdch folder moved successfully.
 C:\Users\User\AppData\Roaming\​OfferBox\http_app.offerbox.com​ folder moved successfully.
 C:\Users\User\AppData\Roaming\​OfferBox folder moved successfully.
 C:\Users\User\AppData\Roaming\​OpenCandy\E8161827A5E541AEB270​A0BF15B7D5B4 folder moved successfully.
 C:\Users\User\AppData\Roaming\​OpenCandy\4EAC910330194B068402​084B02B62733 folder moved successfully.
 C:\Users\User\AppData\Roaming\​OpenCandy folder moved successfully.
 C:\ProgramData\SweetIM\Communi​cator\Logs folder moved successfully.
 C:\ProgramData\SweetIM\Communi​cator\conf\LocalStorage folder moved successfully.
 C:\ProgramData\SweetIM\Communi​cator\conf folder moved successfully.
 C:\ProgramData\SweetIM\Communi​cator folder moved successfully.
 C:\ProgramData\SweetIM folder moved successfully.
 C:\ProgramData\{1B0B54CA-AA7D-​41D3-A84A-29E7C9CB13A2} folder moved successfully.
 ========== COMMANDS ==========
 
 [EMPTYTEMP]
 
 User: All Users
 
 User: Default
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 ->Flash cache emptied: 57616 bytes
 
 User: Default User
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 0 bytes
 ->Flash cache emptied: 0 bytes
 
 User: Public
 
 User: UpdatusUser
 ->Temp folder emptied: 0 bytes
 ->Temporary Internet Files folder emptied: 33170 bytes
 
 User: User
 ->Temp folder emptied: 1365581682 bytes
 ->Temporary Internet Files folder emptied: 635405417 bytes
 ->Java cache emptied: 2723849 bytes
 ->Google Chrome cache emptied: 349318818 bytes
 ->Flash cache emptied: 2949638 bytes
 
 %systemdrive% .tmp files removed: 0 bytes
 %systemroot% .tmp files removed: 0 bytes
 %systemroot%\System32 .tmp files removed: 0 bytes
 %systemroot%\System32 (64bit) .tmp files removed: 1665600 bytes
 %systemroot%\System32\drivers .tmp files removed: 0 bytes
 Windows Temp folder emptied: 536993983 bytes
 %systemroot%\sysnative\config\​systemprofile\AppData\Local\Mi​crosoft\Windows\Temporary Internet Files folder emptied: 50674 bytes
 
 Total Files Cleaned = 2,761.00 mb
 
 
 OTLPE by OldTimer - Version 3.1.48.0 log created on 03142013_041445

n°766911
cirdec1
Posté le 13-03-2013 à 22:01:09  answer
Prévenir les modérateurs en cas d'abus
 

redémarrage normal ok
 apparemment tout remarche

 merci beaucoup pour ton aide

 voilà le rapport d'adw cleaner

 # AdwCleaner v2.114 - Rapport créé le 14/03/2013 à 04:53:01
 # Mis à jour le 05/03/2013 par Xplode
 # Système d'exploitation : Windows 7 Home Premium  (64 bits)
 # Nom d'utilisateur : User - PC-DE-USER
 # Mode de démarrage : Normal
 # Exécuté depuis : C:\Users\User\Downloads\AdwCle​aner.exe
 # Option [Suppression]


 ***** [Services] *****

 Arrêté & Supprimé : Offerbox update service

 ***** [Fichiers / Dossiers] *****

 Dossier Supprimé : C:\Program Files (x86)\Conduit
 Dossier Supprimé : C:\Program Files (x86)\freeTVRadio
 Dossier Supprimé : C:\Program Files (x86)\Ilivid
 Dossier Supprimé : C:\Program Files (x86)\SweetIM
 Dossier Supprimé : C:\Program Files (x86)\Windows iLivid Toolbar
 Dossier Supprimé : C:\Program Files (x86)\Yontoo
 Dossier Supprimé : C:\ProgramData\boost_interproc​ess
 Dossier Supprimé : C:\ProgramData\Microsoft\Windo​ws\Start Menu\Programs\Ilivid
 Dossier Supprimé : C:\ProgramData\Tarma Installer
 Dossier Supprimé : C:\Users\User\AppData\Local\Go​ogle\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
 Dossier Supprimé : C:\Users\User\AppData\Local\Go​ogle\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
 Dossier Supprimé : C:\Users\User\AppData\Local\Go​ogle\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
 Dossier Supprimé : C:\Windows\Installer\{38470B46​-9BF1-40AE-A588-F6AD6D1C2D42}
 Dossier Supprimé : C:\Windows\Installer\{C3E85EE9​-5892-4142-B537-BCEB3DAC4C3D}
 Fichier Supprimé : C:\Users\Public\Desktop\eBay.l​nk

 ***** [Registre] *****

 Clé Supprimée : HKCU\Software\AppDataLow\Softw​are\Conduit
 Clé Supprimée : HKCU\Software\AppDataLow\Softw​are\ConduitSearchScopes
 Clé Supprimée : HKCU\Software\AppDataLow\Softw​are\PriceGong
 Clé Supprimée : HKCU\Software\AppDataLow\Softw​are\PricePeep
 Clé Supprimée : HKCU\Software\AppDataLow\Softw​are\Toolbar
 Clé Supprimée : HKCU\Software\freeTVRadio
 Clé Supprimée : HKCU\Software\Google\Chrome\Ex​tensions\cjpglkicenollcignonpg​iafdgfeehoj
 Clé Supprimée : HKCU\Software\ilivid
 Clé Supprimée : HKCU\Software\InstallCore
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{4C4AD71D-52E1-4402-9E5B-CBFC2​95EC9BA}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{99079A25-328F-4BD4-BE04-00955​ACAA0A7}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{EEE6C35B-6118-11DC-9C72-00132​0C79847}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{EEE6C35C-6118-11DC-9C72-00132​0C79847}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{FCBCCB87-9224-4B8D-B117-F56D9​24BEB18}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Settings\​{FD72061E-9FDE-484D-A58A-0BAB4​151CAD8}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{02​478D38-C3F9-4EFB-9B51-7695ECA0​5670}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{4C​4AD71D-52E1-4402-9E5B-CBFC295E​C9BA}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{99​079A25-328F-4BD4-BE04-00955ACA​A0A7}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{A7​A6995D-6EE1-4FD1-A258-49395D5B​F99C}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{DF​7770F7-832F-4BDF-B144-100EDDD0​C3AE}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{EE​E6C35B-6118-11DC-9C72-001320C7​9847}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{EE​E6C35C-6118-11DC-9C72-001320C7​9847}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{FC​BCCB87-9224-4B8D-B117-F56D924B​EB18}
 Clé Supprimée : HKCU\Software\Microsoft\Window​s\CurrentVersion\Ext\Stats\{FD​72061E-9FDE-484D-A58A-0BAB4151​CAD8}
 Clé Supprimée : HKCU\Software\Offerbox
 Clé Supprimée : HKCU\Software\SearchCore for Browsers
 Clé Supprimée : HKCU\Software\Softonic
 Clé Supprimée : HKCU\Software\Spointer
 Clé Supprimée : HKCU\Software\TBSB05488
 Clé Supprimée : HKLM\Software\AedgePerformance​BCN
 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1​5F6BCB7-BB0F-4A66-8762-4765B05​597EB}
 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1​973277F-87B0-4EA3-9ED2-470A91D​284CF}
 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C​FDAFE39-20CE-451D-BD45-A37452F​39CF0}
 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D​616A4A2-7B38-4DBC-9093-6FE7A4A​21B17}
 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\es​rv.EXE
 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Yo​ntooIEClient.DLL
 Clé Supprimée : HKLM\SOFTWARE\Classes\Applicat​ions\ilividsetupv1.exe
 Clé Supprimée : HKLM\SOFTWARE\Classes\ComObjec​t.DeskbarEnabler
 Clé Supprimée : HKLM\SOFTWARE\Classes\ComObjec​t.DeskbarEnabler.1
 Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.sea​rchyaESrvc
 Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.sea​rchyaESrvc.1
 Clé Supprimée : HKLM\SOFTWARE\Classes\ilivid
 Clé Supprimée : HKLM\Software\Classes\Installe​r\Features\2B1E51D87B2D71A44BB​42DDD5E894160
 Clé Supprimée : HKLM\Software\Classes\Installe​r\Features\9EE58E3C298524145B7​3CBBED3CAC4D3
 Clé Supprimée : HKLM\Software\Classes\Installe​r\Features\EB6AF8AEEB922FA4392​548F13812E50B
 Clé Supprimée : HKLM\Software\Classes\Installe​r\Products\2B1E51D87B2D71A44BB​42DDD5E894160
 Clé Supprimée : HKLM\Software\Classes\Installe​r\Products\9EE58E3C298524145B7​3CBBED3CAC4D3
 Clé Supprimée : HKLM\Software\Classes\Installe​r\Products\EB6AF8AEEB922FA4392​548F13812E50B
 Clé Supprimée : HKLM\SOFTWARE\Classes\OfferBox​UI.TheBoxCtrl
 Clé Supprimée : HKLM\SOFTWARE\Classes\OfferBox​UI.TheBoxCtrl.1
 Clé Supprimée : HKLM\SOFTWARE\Classes\SWEETIE.​IEToolbar
 Clé Supprimée : HKLM\SOFTWARE\Classes\SWEETIE.​IEToolbar.1
 Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_​urlsearchhook.toolbarurlsearch​hook
 Clé Supprimée : HKLM\SOFTWARE\Classes\sweetim_​urlsearchhook.toolbarurlsearch​hook.1
 Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB0548​8.IEToolbar
 Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB0548​8.IEToolbar.1
 Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB0548​8.TBSB05488
 Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB0548​8.TBSB05488.3
 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.​CT3008653
 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3​.sweetie
 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3​.sweetie.1
 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3​.TBSB05488
 Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3​.TBSB05488.1
 Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\​{15F6BCB7-BB0F-4A66-8762-4765B​05597EB}
 Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\​{4509D3CC-B642-4745-B030-645B7​9522C6D}
 Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\​{6A4BCABA-C437-4C76-A54E-AF31B​8A76CB9}
 Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\​{8ABB9FA2-0740-4AD9-8F54-11922​54B3CF4}
 Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\​{D372567D-67C1-4B29-B3F0-159B5​2B3E967}
 Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\​{EC4085F2-8DB3-45A6-AD0B-CA289​F3C5D7E}
 Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\​{EEE6C35E-6118-11DC-9C72-00132​0C79847}
 Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\​{EEE6C35F-6118-11DC-9C72-00132​0C79847}
 Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearc​hHook.ToolbarURLSearchHook
 Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearc​hHook.ToolbarURLSearchHook.1
 Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIE​Client.Api
 Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIE​Client.Api.1
 Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIE​Client.Layers
 Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIE​Client.Layers.1
 Clé Supprimée : HKLM\Software\Conduit
 Clé Supprimée : HKLM\Software\ilivid
 Clé Supprimée : HKLM\Software\InstallCore
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\BundleSweetIMSetup_RASAPI32
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\BundleSweetIMSetup_RASMANCS
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\datamngrUI_RASAPI32
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\datamngrUI_RASMANCS
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\iLividSetupV1_RASAPI32
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\iLividSetupV1_RASMANCS
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\SearchquMediaBar_RASAPI32
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\SearchquMediaBar_RASMANCS
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\SetupDataMngr_Searchqu_RASAP​I32
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\SetupDataMngr_Searchqu_RASMA​NCS
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\SweetIM_RASAPI32
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\SweetIM_RASMANCS
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\SweetPacksUpdateManager_RASA​PI32
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\SweetPacksUpdateManager_RASM​ANCS
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\WajamUpdater_RASAPI32
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracin​g\WajamUpdater_RASMANCS
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Ext\PreApprov​ed\{02478D38-C3F9-4EFB-9B51-76​95ECA05670}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Ext\PreApprov​ed\{0EE02110-967B-4256-ACA6-BC​8AC7CB7E61}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Ext\PreApprov​ed\{40038D23-8356-413E-95B5-40​70C5D042FF}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Ext\PreApprov​ed\{D5F775F6-8871-46A4-9521-68​A9694B6830}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Ext\PreApprov​ed\{DF7770F7-832F-4BDF-B144-10​0EDDD0C3AE}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Uninstall\TBS​B05488.TBSB05488Toolbar
 Clé Supprimée : HKLM\Software\Offerbox
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{0EE02110-967B-4256-​ACA6-BC8AC7CB7E61}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{10DE7085-6A1E-4D41-​A7BF-9AF93E351401}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{20B456BE-E93B-48C4-​B8E8-876AC01E8A20}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{3C471948-F874-49F5-​B338-4F214A2EE0B1}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{40038D23-8356-413E-​95B5-4070C5D042FF}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{57CADC46-58FF-4105-​B733-5A9F3FC9783C}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{6801410E-CC88-42D6-​A93B-909E95645407}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{80922EE0-8A76-46AE-​95D5-BD3C3FE0708D}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{99066096-8989-4612-​841F-621A01D54AD7}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{99079A25-328F-4BD4-​BE04-00955ACAA0A7}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{A1F3BAED-C4B1-4E7D-​9AD4-3FEAC1ABB06C}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{A40DC6C5-79D0-4CA8-​A185-8FF989AF1115}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{AE07101B-46D4-4A98-​AF68-0333EA26E113}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{CA3EB689-8F09-4026-​AA10-B9534C691CE0}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{CC1AC828-BB47-4361-​AFB5-96EEE259DD87}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{D5F775F6-8871-46A4-​9521-68A9694B6830}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{DF7770F7-832F-4BDF-​B144-100EDDD0C3AE}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{EEE6C35B-6118-11DC-​9C72-001320C79847}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{EEE6C35C-6118-11DC-​9C72-001320C79847}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{EEE6C35D-6118-11DC-​9C72-001320C79847}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{FCBCCB87-9224-4B8D-​B117-F56D924BEB18}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{FD72061E-9FDE-484D-​A58A-0BAB4151CAD8}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\CLSID\{FE9271F2-6EFD-44B0-​A826-84C829536E93}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{10DE7085-6A1E-4​D41-A7BF-9AF93E351401}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{1AD27395-1659-4​DFF-A319-2CFA243861A5}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{1B730ACF-26A3-4​47B-9994-14AEE0EB72CC}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{20B456BE-E93B-4​8C4-B8E8-876AC01E8A20}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{2A42D13C-D427-4​787-821B-CF6973855778}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{3D8478AA-7B88-4​8A9-8BCB-B85D594411EC}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{4897BBA6-48D9-4​68C-8EFA-846275D7701B}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{8216BD4A-4DC2-4​DCE-9AFF-C86C5ACC6757}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{A1F3BAED-C4B1-4​E7D-9AD4-3FEAC1ABB06C}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{D4D390BE-98E6-4​633-AD1B-B18B54BE5E76}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{E67D5BC7-7129-4​93E-9281-F47BDAFACE4F}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{EEE6C358-6118-1​1DC-9C72-001320C79847}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{EEE6C359-6118-1​1DC-9C72-001320C79847}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Clas​ses\Interface\{EEE6C35A-6118-1​1DC-9C72-001320C79847}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Goog​le\Chrome\Extensions\bjeikehei​jdjdfjbmknpefojickbkmom
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Goog​le\Chrome\Extensions\cjpglkice​nollcignonpgiafdgfeehoj
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Goog​le\Chrome\Extensions\jcdgjdiie​iljkfkdcloehkohchhpekkn
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Goog​le\Chrome\Extensions\niapdbllc​anepiiimjjndipklodoedlc
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Internet Explorer\Low Rights\ElevationPolicy\{819DC4​CA-4FFF-4C2E-800D-F346471D99BC​}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Internet Explorer\Low Rights\ElevationPolicy\{B53123​67-B3B5-4757-8247-B70184629B2B​}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C3​67-6118-11DC-9C72-001320C79847​}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Windows\CurrentVersion\E​xplorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B​51-7695ECA05670}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Windows\CurrentVersion\E​xplorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C​72-001320C79847}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Windows\CurrentVersion\E​xplorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B1​17-F56D924BEB18}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Windows\CurrentVersion\E​xplorer\Browser Helper Objects\{FD72061E-9FDE-484D-A5​8A-0BAB4151CAD8}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Windows\CurrentVersion\U​ninstall\{8D15E1B2-D2B7-4A17-B​44B-D2DDE5981406}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Windows\CurrentVersion\U​ninstall\{C3E85EE9-5892-4142-B​537-BCEB3DAC4C3D}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Windows\CurrentVersion\U​ninstall\{EA8FA6BE-29BE-4AF2-9​352-841F83215EB0}
 Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Windows\CurrentVersion\U​ninstall\ilivid
 Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5​7CADC46-58FF-4105-B733-5A9F3FC​9783C}
 Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A​E07101B-46D4-4A98-AF68-0333EA2​6E113}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{10DE7085-6A1E-4D41-A7BF-9AF​93E351401}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{1AD27395-1659-4DFF-A319-2CF​A243861A5}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{1B730ACF-26A3-447B-9994-14A​EE0EB72CC}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{20B456BE-E93B-48C4-B8E8-876​AC01E8A20}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{2A42D13C-D427-4787-821B-CF6​973855778}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{3D8478AA-7B88-48A9-8BCB-B85​D594411EC}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{4897BBA6-48D9-468C-8EFA-846​275D7701B}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{8216BD4A-4DC2-4DCE-9AFF-C86​C5ACC6757}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{A1F3BAED-C4B1-4E7D-9AD4-3FE​AC1ABB06C}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{D4D390BE-98E6-4633-AD1B-B18​B54BE5E76}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{E67D5BC7-7129-493E-9281-F47​BDAFACE4F}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{EEE6C358-6118-11DC-9C72-001​320C79847}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{EEE6C359-6118-11DC-9C72-001​320C79847}
 Clé Supprimée : HKLM\SOFTWARE\Classes\Interfac​e\{EEE6C35A-6118-11DC-9C72-001​320C79847}
 Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Ex​tensions\cjpglkicenollcignonpg​iafdgfeehoj
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Uninstall\{88​9DF117-14D1-44EE-9F31-C5FB5D47​F68B}
 Clé Supprimée : HKLM\SOFTWARE\Tarma Installer
 Valeur Supprimée : HKCU\Software\Microsoft\Intern​et Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
 Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Run [OfferBox]
 Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\Run [Sweetpacks Communicator]
 Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Interne​t Explorer\mgHelperApp.exe]
 Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Interne​t Explorer\mgToolbarProxy.dll]
 Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
 Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Micr​osoft\Internet Explorer\Toolbar [10]
 Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Toolbar [10]

 ***** [Navigateurs] *****

 -\\ Internet Explorer v9.0.8112.16464

 Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.helperbar.com/?pub​lisher=OPENCANDY&dpid=OPENCAND​Y&co=FR&userid=a162981b-81db-4​73f-b18b-60a57fabe13e&affid=11​1583&searchtype=ds&babsrc=lnkr​y&q={searchTerms} --> hxxp://www.google.com
 Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.helperbar.com/?pub​lisher=OPENCANDY&dpid=OPENCAND​Y&co=FR&userid=a162981b-81db-4​73f-b18b-60a57fabe13e&affid=11​1583&searchtype=ds&babsrc=lnkr​y&q={searchTerms} --> hxxp://www.google.com
 Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.helperbar.com/?pub​lisher=OPENCANDY&dpid=OPENCAND​Y&co=FR&userid=a162981b-81db-4​73f-b18b-60a57fabe13e&affid=11​1583&searchtype=ds&babsrc=lnkr​y&q={searchTerms} --> hxxp://www.google.com
 Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchya.com/?f=1&a​=searchoo&cd=2XzuyEtN2Y1L1Qzut​DtDtByDtCtCyEyEzzzztCtC0E0BtC0​AtN0D0Tzu0StAyCtDtN1L2XzutBtFt​BtFtCtFyEtBtCtN1L1Czu0A1O1O1L1​I1L1T2Z1P1B&cr=1954222324&ir= --> hxxp://www.google.com
 Remplacé : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchya.com/?f=1&a​=searchoo&cd=2XzuyEtN2Y1L1Qzut​DtDtByDtCtCyEyEzzzztCtC0E0BtC0​AtN0D0Tzu0StAyCtDtN1L2XzutBtFt​BtFtCtFyEtBtCtN1L1Czu0A1O1O1L1​I1L1T2Z1P1B&cr=1954222324&ir= --> hxxp://www.google.com

 -\\ Google Chrome v25.0.1364.152

 *************************

 AdwCleaner[S1].txt - [19560 octets] - [14/03/2013 04:53:01]

 ########## EOF - C:\AdwCleaner[S1].txt - [19621 octets] ##########

n°766912
dédétraqué
Profil : Equipe sécurité
Posté le 13-03-2013 à 22:04:04  answer
Prévenir les modérateurs en cas d'abus
 

Salut cirdec1


 OK super

 On va vérifier le PC une dernière fois :

 Télécharge OTL (de OldTimer) et enregistre-le sur ton Bureau.

 - Quitte les applications en cours afin de ne pas interrompre le scan.
 - Faire double clique sur OTL.exe présent sur le bureau pour lancer le programme
 Vista/Seven -- Faire un clique droit sur OTL.exe présent sur le bureau et choisir exécuter en tant qu'administrateur pour lancer le programme
 - Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche "Rapport standard". Fais de même avec "Tous les utilisateurs" à coté.
 - Coche également les cases à côté de "Recherche LOP" et "Recherche Purity".

 Ne modifie pas les autres paramètres !

 Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Personnalisation "

 netsvcs
 msconfig
 safebootminimal
 safebootnetwork
 activex
 drivers32
 %SYSTEMDRIVE%\*.*
 %SYSTEMDRIVE%\*.exe
 %PROGRAMFILES%\*.*
 %PROGRAMFILES%\*.
 /md5start
 consrv.dll
 volsnap.sys
 hidserv.dll
 appmgmts.dll
 eventlog.dll
 winlogon.exe
 scecli.dll
 netlogon.dll
 cngaudit.dll
 sceclt.dll
 ntelogon.dll
 logevent.dll
 iaStor.sys
 nvstor.sys
 atapi.sys
 IdeChnDr.sys
 viasraid.sys
 AGP440.sys
 vaxscsi.sys
 nvatabus.sys
 viamraid.sys
 wininet.dll
 wininit.exe
 nvata.sys
 nvgts.sys
 iastorv.sys
 ViPrt.sys
 eNetHook.dll
 explorer.exe
 svchost.exe
 userinit.exe
 qmgr.dll
 ws2_32.dll
 proquota.exe
 imm32.dll
 kernel32.dll
 ndis.sys
 autochk.exe
 spoolsv.exe
 xmlprov.dll
 ntmssvc.dll
 mswsock.dll
 Beep.SYS
 ntfs.sys
 termsrv.dll
 sfcfiles.dll
 st3shark.sys
 winlogon.exe
 wininit.ini
 /md5stop
 HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Session Manager\SubSystems /s
 SAVEMBR:0
 %systemroot%\*. /mp /s
 %systemroot%\system32\*.dll /lockedfiles
 %systemroot%\Tasks\*.job /lockedfiles
 %systemroot%\system32\drivers\​*.sys /lockedfiles
 %systemroot%\System32\config\*​.sav
 c:\$recycle.bin\*.* /s


 - Clique sur le bouton Analyse.
 - Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTListIT2 (donc par défaut sur le Bureau).

 Utilise cjoint.com pour poster en lien tes rapports :
 http://cjoint.com/

 - Clique sur Parcourir pour aller chercher le rapport OTL.txt sur le bureau
 - Clique sur Ouvrir ensuite sur Créer le lien Cjoint

 - Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.

 Après fais de même avec l'autre rapport Extras.txt


 @++   :)

 Page :
1

Aller à :
Ajouter une réponse
  


  


  virus hadopi

 

Sujets relatifs
ordinateur lent 4 virus detecté pas aviraEncore un PC victime du virus UKASH...
Virus Win32/Small.CA et crashpetit virus
comment savoir si il y a des virus sur mon ordinateur avec zhpdiagVirus et grosse difficulté a me servir de mozilla [résolu]
Virus doublon accent circonflexe^^ , comment s'en débarasser?Virus dans mon ordinateur?
PC bloqué par virus ukash [résolu]probleme virus hadopi
Plus de sujets relatifs à : virus hadopi

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
[résolu] viru ukash 25 15-03-2013 à 19:03:28
securite mon pc 0 12-03-2013 à 09:47:11
Menace:VBS:Agent-TU[Trj] 35 23-03-2013 à 13:56:46
ordinateur bloqué (Ukash, office central de lutte c. criminalité ...) 8 11-03-2013 à 21:02:50
Ouverture impossible disque local D: 3 11-03-2013 à 18:30:01

Recevez toute
l’actu du forum !