[RESOLU] Virus clavier/souris

sytchov · le 10 janvier 2011

Ca plante encore au même endroit! Sans titre - image / photo - Divers - Hiboox

jeanmimigab · le 11 janvier 2011

hello,

essais une dernière fois en suivant cette méthode

Désactivé l'UAC de Seven et redémarre ton pc,si tu ne sais pas comment faire, tu peux utiliser MyUAC (tu fais le choix N°4 et tu laisse MyUAC redémarrer ton PC )

N'oublie pas aussi de lancer OTL en faisant un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur" et en utilisant ce fix

:Files
C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}

C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\toolbar@ask.com

C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\vshare@toolbar

C:\Program Files (x86)\Mozilla Firefox\searchplugins\Goofullsearch.xml

C:\Program Files (x86)\Softonic_France

C:\Program Files (x86)\Ask.com

C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll

C:\Program Files (x86)\DAEMON Tools Toolbar

:OTL

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gooofull s earch.com/bar

IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof1.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-558746396-2105712398-235109265-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gooofull s earch.com/bar

IE - HKU\S-1-5-21-558746396-2105712398-235109265-1000\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof1.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-558746396-2105712398-235109265-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbhelper.dll ()

FF - prefs.js..extensions.enabledItems: {4daac69c-cba7-45e2-9bc8-1044483d3352}:2.7.2.0

FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0

FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.0.12758

FF - prefs.js..keyword.URL: "http://www.gooofullsearch.com/google?cx=partner-pub-6446514721158383:do3tst-6a03&cof=FORID%3A10&ie=UTF-8&hl=es&q="'>http://www.gooofullsearch.com/google?cx=partner-pub-6446514721158383:do3tst-6a03&cof=FORID%3A10&ie=UTF-8&hl=es&q="

[2010/08/27 19:43:46 | 000,000,000 | ---D | M] (Softonic_France Toolbar) -- C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}

[2010/12/22 23:09:39 | 000,000,000 | ---D | M] (AnchorFree Toolbar) -- C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\toolbar@ask.com

[2010/11/03 20:50:39 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\vshare@toolbar

O2 - BHO: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof1.dll (Conduit Ltd.)

O2 - BHO: (AnchorFree Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Search-Results)

O2 - BHO: (XBTBPos00 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll ()

O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found

O3 - HKLM\..\Toolbar: (Free software Gooofull toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll ()

O3 - HKLM\..\Toolbar: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof1.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (AnchorFree Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Search-Results)

O3 - HKU\S-1-5-21-558746396-2105712398-235109265-1000\..\Toolbar\WebBrowser: (Free software Gooofull toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll ()

O3:64bit: - HKU\S-1-5-21-558746396-2105712398-235109265-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found

O3 - HKU\S-1-5-21-558746396-2105712398-235109265-1000\..\Toolbar\WebBrowser: (Softonic_France Toolbar) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - C:\Program Files (x86)\Softonic_France\tbSof1.dll (Conduit Ltd.)

O3 - HKU\S-1-5-21-558746396-2105712398-235109265-1000\..\Toolbar\WebBrowser: (AnchorFree Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Search-Results)

O9 - Extra Button: Free software Gooofull toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll ()

O9 - Extra 'Tools' menuitem : Free software Gooofull toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll ()

O33 - MountPoints2\{5b6e40f8-0ed2-11e0-a27b-bbbeb7f13019}\Shell - "" = AutoRun

O33 - MountPoints2\{5b6e40f8-0ed2-11e0-a27b-bbbeb7f13019}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found

:Reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Softonic_France Toolbar" =-

:Commands

[emptytemp]

Si jamais ça bloque encore, essais avec ce fix ci-dessous

:Files

C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}

C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\toolbar@ask.com

C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\vshare@toolbar

C:\Program Files (x86)\Mozilla Firefox\searchplugins\Goofullsearch.xml

C:\Program Files (x86)\Softonic_France

C:\Program Files (x86)\Ask.com

C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll

C:\Program Files (x86)\DAEMON Tools Toolbar

:OTL

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gooofull s earch.com/bar

IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof1.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-558746396-2105712398-235109265-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gooofull s earch.com/bar

IE - HKU\S-1-5-21-558746396-2105712398-235109265-1000\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof1.dll (Conduit Ltd.)

IE - HKU\S-1-5-21-558746396-2105712398-235109265-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbhelper.dll ()

FF - prefs.js..extensions.enabledItems: {4daac69c-cba7-45e2-9bc8-1044483d3352}:2.7.2.0

FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0

FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.0.12758

FF - prefs.js..keyword.URL: "http://www.gooofullsearch.com/google?cx=partner-pub-6446514721158383:do3tst-6a03&cof=FORID%3A10&ie=UTF-8&hl=es&q="

[2010/08/27 19:43:46 | 000,000,000 | ---D | M] (Softonic_France Toolbar) -- C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}

[2010/12/22 23:09:39 | 000,000,000 | ---D | M] (AnchorFree Toolbar) -- C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\toolbar@ask.com

[2010/11/03 20:50:39 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\vshare@toolbar

O2 - BHO: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSof1.dll (Conduit Ltd.)

O2 - BHO: (AnchorFree Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Search-Results)

O2 - BHO: (XBTBPos00 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll ()

O9 - Extra Button: Free software Gooofull toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll ()

O9 - Extra 'Tools' menuitem : Free software Gooofull toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll ()

O33 - MountPoints2\{5b6e40f8-0ed2-11e0-a27b-bbbeb7f13019}\Shell - "" = AutoRun

O33 - MountPoints2\{5b6e40f8-0ed2-11e0-a27b-bbbeb7f13019}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found

:Reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Softonic_France Toolbar" =-

:Commands

[emptytemp]

@++

sytchov · le 11 janvier 2011

Ça a marché avec le 2ème fix voici le le rapport:

All processes killed

========== FILES ==========

File\Folder C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352} not found.

File\Folder C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\toolbar@ask.com not found.

File\Folder C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\vshare@toolbar not found.

File\Folder C:\Program Files (x86)\Mozilla Firefox\searchplugins\Goofullsearch.xml not found.

File\Folder C:\Program Files (x86)\Softonic_France not found.

File\Folder C:\Program Files (x86)\Ask.com not found.

File\Folder C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll not found.

File\Folder C:\Program Files (x86)\DAEMON Tools Toolbar not found.

========== OTL ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{4daac69c-cba7-45e2-9bc8-1044483d3352} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.

File C:\Program Files (x86)\Softonic_France\tbSof1.dll not found.

HKU\S-1-5-21-558746396-2105712398-235109265-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Registry value HKEY_USERS\S-1-5-21-558746396-2105712398-235109265-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4daac69c-cba7-45e2-9bc8-1044483d3352} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.

File C:\Program Files (x86)\Softonic_France\tbSof1.dll not found.

Registry value HKEY_USERS\S-1-5-21-558746396-2105712398-235109265-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ not found.

File C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbhelper.dll not found.

Prefs.js: {4daac69c-cba7-45e2-9bc8-1044483d3352}:2.7.2.0 removed from extensions.enabledItems

Prefs.js: vshare@toolbar:1.0.0 removed from extensions.enabledItems

Prefs.js: toolbar@ask.com:3.9.0.12758 removed from extensions.enabledItems

Prefs.js: "http://www.gooofullsearch.com/google?cx=partner-pub-6446514721158383:do3tst-6a03&cof=FORID%3A10&ie=UTF-8&hl=es&q=" removed from keyword.URL

Folder C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.

Folder C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\toolbar@ask.com\ not found.

Folder C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\vshare@toolbar\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.

File C:\Program Files (x86)\Softonic_France\tbSof1.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.

File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ not found.

File C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.

File C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.

File C:\Program Files (x86)\AOL for Windows 9.5 Beta 5 0.4337.20.1\tbcore3.dll not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b6e40f8-0ed2-11e0-a27b-bbbeb7f13019}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5b6e40f8-0ed2-11e0-a27b-bbbeb7f13019}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b6e40f8-0ed2-11e0-a27b-bbbeb7f13019}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5b6e40f8-0ed2-11e0-a27b-bbbeb7f13019}\ not found.

File F:\autorun.exe not found.

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\Softonic_France Toolbar not found.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Christophe

->Temp folder emptied: 264900427 bytes

->Temporary Internet Files folder emptied: 100186756 bytes

->Java cache emptied: 1811674 bytes

->FireFox cache emptied: 112153394 bytes

->Google Chrome cache emptied: 6467047 bytes

->Flash cache emptied: 101634 bytes

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 46534664 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68111 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 508,00 mb

OTL by OldTimer - Version 3.2.20.1 log created on 01112011_195624

Files\Folders moved on Reboot...

C:\Users\Christophe\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

jeanmimigab · le 11 janvier 2011

ok c'est pas,

peux tu me poster un rapport OTL comme tu l'as fais la première fois...

Note: cette fois ci tu n'auras pas de rapport "Extrat.txt"

et précise moi si il y a des améliorations à propos de tes problème de clavier

sytchov · le 11 janvier 2011

Il y a une légère amélioration, le calvier marche 1 fois sur 4 et la souris pareil alors qu'avant ça marchais jamais. Il y a du mieux au niveau de la connection aussi mais j'ai pa l'impression d'avoir tout mon debit.

Le rapport:

OTL logfile created on: 11/01/2011 20:30:53 - Run 2

OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Christophe\Desktop

64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free

8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 931,41 Gb Total Space | 860,13 Gb Free Space | 92,35% Space Free | Partition Type: NTFS

Drive E: | 465,76 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: NTFS

Computer Name: CHRIS | User Name: Christophe | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Christophe\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)

PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)

PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

PRC - C:\Program Files (x86)\HP\Button Manager\BM.exe ()

PRC - C:\Program Files (x86)\ArcSoft\Magic-i 3\Magic-i.exe (ArcSoft, Inc.)

PRC - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)

PRC - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe (AVerMedia)

PRC - C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe ()

PRC - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe ()

PRC - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()

PRC - C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe (TP-LINK TECHNOLOGIES CO., LTD.)

PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)

PRC - C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe ()

PRC - C:\Program Files (x86)\TP-LINK\QSS\HwBtnDetector.exe ()

PRC - C:\Program Files (x86)\ArcSoft\Magic-i 3\uMgiSvr.exe (ArcSoft, Inc.)

PRC - C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)

PRC - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)

========== Modules (SafeList) ==========

MOD - C:\Users\Christophe\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)

SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)

SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (AVerRemote) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe (AVerMedia)

SRV - (AVerScheduleService) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe ()

SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)

SRV - (jswpsapi) -- C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe (Atheros Communications, Inc.)

SRV - (JSWHwBtn) -- C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe ()

SRV - (MgiSvr) -- C:\Program Files (x86)\ArcSoft\Magic-i 3\uMgiSvr.exe (ArcSoft, Inc.)

========== Driver Services (SafeList) ==========

DRV:64bit: - (arusb_lhx) -- C:\Windows\SysNative\DRIVERS\arusb_lhx.sys File not found

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)

DRV:64bit: - (arusb_win7x) -- C:\Windows\SysNative\drivers\arusb_win7x.sys (Atheros Communications, Inc.)

DRV:64bit: - (AVerAF15DMBTH64) -- C:\Windows\SysNative\drivers\AVerAF15DMBTH64.sys (AVerMedia TECHNOLOGIES, Inc.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (ArcSoftVirtualCapture) -- C:\Windows\SysNative\drivers\ArcSoftVirtualCapture.sys (ArcSoft, Inc.)

DRV:64bit: - (t3) -- C:\Windows\SysNative\drivers\t3.sys (Creative Technology Ltd.)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (JSWPSLWF) -- C:\Windows\SysNative\drivers\jswpslwfx.sys (Atheros Communications, Inc.)

DRV:64bit: - (PAC207) -- C:\Windows\SysNative\drivers\PFC027.SYS (PixArt Imaging Inc.)

DRV - (LGII2CDevice) -- C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys ()

DRV - (LGDDCDevice) -- C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 16 92 D3 42 A4 77 CB 01 [binary data]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google Customized Web Search"

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: fbosef1@fbext.fr:1.1.5

FF - prefs.js..extensions.enabledItems: fbjmpas1@fbext.fr:1.1.4

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/12 13:05:02 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/25 23:43:27 | 000,000,000 | ---D | M]

[2010/05/18 16:37:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christophe\AppData\Roaming\mozilla\Extensions

[2011/01/11 12:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions

[2010/12/31 09:54:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010/10/28 10:15:25 | 000,000,000 | ---D | M] ("Facebook J'aime pas") -- C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\fbjmpas1@fbext.fr

[2010/12/11 08:06:27 | 000,000,000 | ---D | M] ("Facebook On s'en fout") -- C:\Users\Christophe\AppData\Roaming\mozilla\Firefox\Profiles\mghaulj5.default\extensions\fbosef1@fbext.fr

[2011/01/10 09:22:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/09/21 15:27:44 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2010/07/30 14:15:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/07/31 19:48:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/10/26 12:44:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/12/20 13:08:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/07/20 18:50:09 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/07/20 18:50:09 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/07/20 18:50:09 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/07/20 18:50:09 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/07/20 18:50:09 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found

O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files (x86)\SFR\Kit\SFRNavErrorHelper.dll (SFR)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [iSUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)

O4 - HKLM..\Run: [jswtrayutil] C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe (TP-LINK TECHNOLOGIES CO., LTD.)

O4 - HKLM..\Run: [sPIRunE] C:\Windows\SysWow64\SpiRunE.dll (Creative Technology Ltd.)

O4 - HKCU..\Run: [iSUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)

O4 - Startup: C:\Users\Christophe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Creative Software AutoUpdate Support Package)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{d79e6a6a-777e-11df-8335-406186048853}\Shell - "" = AutoRun

O33 - MountPoints2\{d79e6a6a-777e-11df-8335-406186048853}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/10 19:37:11 | 000,000,000 | ---D | C] -- C:\_OTL

[2011/01/10 12:28:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Christophe\Desktop\OTL.exe

[2011/01/07 09:38:41 | 000,000,000 | ---D | C] -- C:\Users\Christophe\AppData\Roaming\Malwarebytes

[2011/01/07 09:38:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2011/01/07 09:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/01/07 09:38:35 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011/01/07 09:38:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010/12/30 16:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2010/12/30 16:52:08 | 000,000,000 | ---D | C] -- C:\Users\Christophe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2010/12/25 22:43:21 | 000,000,000 | ---D | C] -- C:\Users\Christophe\AppData\Roaming\Avira

[2010/12/25 22:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

[2010/12/25 22:33:58 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys

[2010/12/25 22:33:58 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys

[2010/12/25 22:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2010/12/25 22:33:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira

[2010/12/23 23:15:53 | 000,000,000 | ---D | C] -- C:\Users\Christophe\Documents\KONAMI

[2010/12/23 22:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI

[2010/12/23 22:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KONAMI

[2010/12/23 22:30:41 | 000,000,000 | ---D | C] -- C:\Users\Christophe\Documents\Alcohol 120%

[2010/12/23 22:27:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft

[2010/12/23 21:30:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images

[2010/12/23 21:20:20 | 000,000,000 | ---D | C] -- C:\Users\Christophe\AppData\Roaming\DAEMON Tools Lite

[2010/12/23 21:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite

[2010/12/23 17:57:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VID_0E8F&PID_3013

[2010/12/23 17:39:32 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll

[2010/12/23 17:39:32 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll

[2010/12/23 17:39:31 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll

[2010/12/23 17:39:31 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll

[2010/12/23 17:39:31 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll

[2010/12/23 17:39:31 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll

[2010/12/23 17:39:30 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll

[2010/12/23 17:39:30 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll

[2010/12/23 17:39:30 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll

[2010/12/23 17:39:30 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll

[2010/12/23 17:39:29 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll

[2010/12/23 17:39:29 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll

[2010/12/23 17:39:29 | 000,091,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll

[2010/12/23 17:39:29 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll

[2010/12/23 17:39:28 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll

[2010/12/23 17:39:28 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll

[2010/12/23 17:39:27 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll

[2010/12/23 17:39:27 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll

[2010/12/23 17:39:27 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll

[2010/12/23 17:39:27 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll

[2010/12/23 17:39:26 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll

[2010/12/23 17:39:26 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll

[2010/12/23 17:39:24 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll

[2010/12/23 17:39:24 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll

[2010/12/23 17:39:20 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll

[2010/12/23 17:39:20 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll

[2010/12/23 17:39:19 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll

[2010/12/23 17:39:19 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll

[2010/12/23 17:39:19 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll

[2010/12/23 17:39:19 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll

[2010/12/23 17:39:18 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll

[2010/12/23 17:39:18 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll

[2010/12/23 17:39:18 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll

[2010/12/23 17:39:18 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll

[2010/12/23 17:39:16 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll

[2010/12/23 17:39:16 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll

[2010/12/23 17:39:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll

[2010/12/23 17:39:16 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll

[2010/12/23 17:39:15 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll

[2010/12/23 17:39:15 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll

[2010/12/23 17:39:14 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll

[2010/12/23 17:39:14 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll

[2010/12/22 23:05:53 | 000,000,000 | ---D | C] -- C:\Hotspot Shield

[2010/12/20 13:08:43 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2010/12/20 13:08:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2010/12/20 13:08:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2010/12/15 10:00:42 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll

[2010/12/15 10:00:42 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll

[2010/12/15 10:00:42 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll

[2010/12/15 10:00:42 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll

[2010/12/15 10:00:42 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe

[2010/12/15 10:00:41 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll

[2010/12/15 10:00:41 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe

[2010/12/15 10:00:41 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe

[2010/12/15 10:00:35 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll

[2010/12/15 10:00:35 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

[2010/12/15 10:00:34 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll

[2010/12/15 10:00:34 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll

[2010/12/15 10:00:31 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll

[2010/12/15 10:00:31 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll

[2010/12/15 10:00:25 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe

[2010/12/15 10:00:15 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2010/12/15 10:00:15 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll

[2010/12/15 10:00:15 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2010/12/15 10:00:15 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2010/12/15 10:00:15 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2010/12/15 10:00:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2010/12/15 10:00:15 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2010/12/15 10:00:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2010/12/15 10:00:11 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2010/12/15 10:00:11 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2010/12/15 10:00:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2010/12/15 10:00:11 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2010/12/15 10:00:11 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2010/12/15 10:00:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

========== Files - Modified Within 30 Days ==========

[2011/01/11 20:05:50 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/01/11 20:05:50 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/01/11 20:05:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/01/11 20:05:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/01/11 19:58:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/01/11 19:58:21 | 3163,901,952 | -HS- | M] () -- C:\hiberfil.sys

[2011/01/10 23:34:02 | 000,185,749 | ---- | M] () -- C:\Users\Christophe\Desktop\Sans titre.jpg

[2011/01/10 23:33:50 | 000,170,538 | ---- | M] () -- C:\Users\Christophe\Desktop\Sans titre.png

[2011/01/10 12:28:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christophe\Desktop\OTL.exe

[2011/01/07 09:38:38 | 000,001,109 | ---- | M] () -- C:\Users\Christophe\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/12/30 18:02:38 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/12/30 18:02:38 | 000,704,242 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2010/12/30 18:02:38 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/12/30 18:02:38 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2010/12/30 18:02:38 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/12/30 16:52:08 | 000,002,999 | ---- | M] () -- C:\Users\Christophe\Desktop\HiJackThis.lnk

[2010/12/25 22:34:04 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2010/12/25 12:58:55 | 000,000,244 | ---- | M] () -- C:\Users\Christophe\Documents\ax_files.xml

[2010/12/23 22:23:49 | 000,503,352 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys

[2010/12/22 23:05:34 | 005,764,048 | ---- | M] () -- C:\Users\Christophe\Desktop\HSS-1.56-install-anchorfree-243-ask3.exe

[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010/12/20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/12/16 03:20:45 | 000,292,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011/01/10 23:34:02 | 000,185,749 | ---- | C] () -- C:\Users\Christophe\Desktop\Sans titre.jpg

[2011/01/10 23:33:50 | 000,170,538 | ---- | C] () -- C:\Users\Christophe\Desktop\Sans titre.png

[2011/01/07 12:18:17 | 000,001,109 | ---- | C] () -- C:\Users\Christophe\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/12/30 16:52:08 | 000,002,999 | ---- | C] () -- C:\Users\Christophe\Desktop\HiJackThis.lnk

[2010/12/25 22:34:04 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2010/12/23 22:55:23 | 000,000,244 | ---- | C] () -- C:\Users\Christophe\Documents\ax_files.xml

[2010/12/23 21:20:57 | 000,503,352 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys

[2010/12/22 23:05:25 | 005,764,048 | ---- | C] () -- C:\Users\Christophe\Desktop\HSS-1.56-install-anchorfree-243-ask3.exe

[2010/09/21 15:28:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/05/18 17:50:40 | 000,049,152 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.dll

[2010/05/18 17:50:40 | 000,003,456 | R--- | C] () -- C:\Windows\SysWow64\AVerIO.sys

[2010/05/18 17:50:32 | 000,598,016 | R--- | C] () -- C:\Windows\SysWow64\sptlib21.dll

[2010/05/18 17:50:32 | 000,294,912 | R--- | C] () -- C:\Windows\SysWow64\sptlib11.dll

[2010/05/18 17:50:32 | 000,290,816 | R--- | C] () -- C:\Windows\SysWow64\sptlib22.dll

[2010/05/18 17:50:32 | 000,249,856 | R--- | C] () -- C:\Windows\SysWow64\sptlib03.dll

[2010/05/18 17:50:32 | 000,249,856 | R--- | C] () -- C:\Windows\SysWow64\sptlib01.dll

[2010/05/18 17:50:32 | 000,225,280 | R--- | C] () -- C:\Windows\SysWow64\sptlib02.dll

[2010/05/18 17:50:32 | 000,135,168 | R--- | C] () -- C:\Windows\SysWow64\sptlib12.dll

[2010/05/18 12:47:15 | 000,008,888 | ---- | C] () -- C:\Windows\SysWow64\AudioDrv.ini

[2010/05/18 12:46:06 | 000,148,992 | ---- | C] () -- C:\Windows\SysWow64\OemSpiE.dll

[2010/05/18 12:46:06 | 000,001,436 | ---- | C] () -- C:\Windows\CfgHPSp.ini

[2010/05/18 12:46:06 | 000,001,434 | ---- | C] () -- C:\Windows\Cfg05Sp.ini

[2010/05/18 12:46:06 | 000,001,434 | ---- | C] () -- C:\Windows\Cfg04Sp.ini

[2010/05/18 12:46:06 | 000,001,091 | ---- | C] () -- C:\Windows\Cfg03Sp.ini

[2010/05/18 12:46:06 | 000,001,091 | ---- | C] () -- C:\Windows\Cfg02Sp.ini

[2010/05/18 12:46:06 | 000,001,000 | ---- | C] () -- C:\Windows\Cfg01Sp.ini

[2010/05/18 12:46:06 | 000,000,932 | ---- | C] () -- C:\Windows\CfgHPHp.ini

[2010/05/18 12:46:06 | 000,000,932 | ---- | C] () -- C:\Windows\CfgHPDO.ini

[2010/05/18 12:46:06 | 000,000,932 | ---- | C] () -- C:\Windows\Cfg05DO.ini

[2010/05/18 12:46:06 | 000,000,932 | ---- | C] () -- C:\Windows\Cfg04DO.ini

[2010/05/18 12:46:06 | 000,000,930 | ---- | C] () -- C:\Windows\Cfg05Hp.ini

[2010/05/18 12:46:06 | 000,000,930 | ---- | C] () -- C:\Windows\Cfg04Hp.ini

[2010/05/18 12:46:06 | 000,000,818 | ---- | C] () -- C:\Windows\Cfg01APR.ini

[2010/05/18 12:46:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg03Hp.ini

[2010/05/18 12:46:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg03DO.ini

[2010/05/18 12:46:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg02Hp.ini

[2010/05/18 12:46:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg02DO.ini

[2010/05/18 12:46:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg01Hp.ini

[2010/05/18 12:46:06 | 000,000,725 | ---- | C] () -- C:\Windows\Cfg01DO.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPRMi.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPRLI.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPFMi.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\CfgHPDI.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05RMi.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05RLI.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05FMi.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg05DI.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04RMi.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04RLI.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04FMi.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg04DI.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03RMi.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03RLI.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03FMi.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg03DI.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02RMi.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02RLI.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02FMi.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg02DI.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01Mic.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01LI.ini

[2010/05/18 12:46:06 | 000,000,453 | ---- | C] () -- C:\Windows\Cfg01DI.ini

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2006/11/02 08:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SP207.INI

========== LOP Check ==========

[2010/08/23 20:14:35 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\CrazyLoader

[2010/12/23 21:46:48 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\DAEMON Tools Lite

[2010/08/30 11:22:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\OfferBox

[2010/08/19 11:47:39 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\OpenOffice.org

[2010/12/05 21:14:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\PlayerPlug

[2010/12/05 21:14:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\PropMgrAsync

[2010/11/09 23:50:20 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\SystemRequirementsLab

[2010/07/04 20:20:00 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\WindSolutions

[2010/07/05 16:03:29 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Xilisoft

[2010/12/09 08:31:54 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >

[2010/05/20 11:03:26 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Adobe

[2010/06/26 19:51:51 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Apple Computer

[2010/12/06 13:13:05 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\ArcSoft

[2010/12/25 22:43:21 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Avira

[2010/08/23 20:14:35 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\CrazyLoader

[2010/06/29 16:05:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Creative

[2010/12/23 21:46:48 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\DAEMON Tools Lite

[2010/05/18 11:47:11 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Identities

[2010/12/06 12:29:37 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\InstallShield

[2010/05/18 14:18:25 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Macromedia

[2011/01/07 09:38:41 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Malwarebytes

[2009/07/14 16:35:18 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Media Center Programs

[2010/09/24 17:30:46 | 000,000,000 | --SD | M] -- C:\Users\Christophe\AppData\Roaming\Microsoft

[2010/05/18 16:37:17 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Mozilla

[2010/08/30 11:22:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\OfferBox

[2010/08/19 11:47:39 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\OpenOffice.org

[2010/12/05 21:14:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\PlayerPlug

[2010/12/05 21:14:31 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\PropMgrAsync

[2010/12/10 23:41:56 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Skype

[2010/12/10 19:42:26 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\skypePM

[2010/11/09 23:50:20 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\SystemRequirementsLab

[2010/12/06 21:48:21 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\vlc

[2010/07/04 20:20:00 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\WindSolutions

[2010/05/18 19:03:50 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\WinRAR

[2010/07/05 16:03:29 | 000,000,000 | ---D | M] -- C:\Users\Christophe\AppData\Roaming\Xilisoft

< %APPDATA%\*.exe /s >

[2010/12/30 16:52:08 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Christophe\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

< %SYSTEMDRIVE%\*.exe >

[2007/11/07 07:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %SYSTEMDRIVE%\*.exe >

[2007/11/07 07:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: AGP440.SYS >

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CDROM.SYS >

[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys

[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: DISK.SYS >

[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysWow64\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys

[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: EXPLORER.EXE >

[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe

[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe

[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe

[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe

[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe

[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe

[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe

[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe

[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: IASTORV.SYS >

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NDIS.SYS >

[2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >

[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: RASACD.SYS >

[2009/07/14 01:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys

< MD5 for: RDPWD.SYS >

[2009/07/14 01:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_a76a79eeeeb38f01\rdpwd.sys

< MD5 for: SCECLI.DLL >

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SFLOPPY.SYS >

[2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysWow64\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys

[2009/07/14 01:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys

< MD5 for: TCPIP.SYS >

[2010/06/14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys

[2010/06/14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys

[2009/07/14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: TDPIPE.SYS >

[2009/07/14 01:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys

< MD5 for: TDTCP.SYS >

[2009/07/14 01:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys

< MD5 for: USBPRINT.SYS >

[2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysWow64\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys

[2009/07/14 01:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys

< MD5 for: USBSCAN.SYS >

[2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysWow64\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys

[2009/07/14 01:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys

< MD5 for: USERINIT.EXE >

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WININIT.EXE >

[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >

[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< End of report >

jeanmimigab · le 11 janvier 2011

yop,

/!\ Avant tout désactive ton anti virus et ferme tous les programmes en cour de fonctionnement /!\

Télécharge Combofix.exe sur ton bureau.

Fais un clic-droit sur son icône et choisis "Exécuter en tant qu'administrateur"

Suis les instructions et accepte les différents avertissements de combofix pour démarrer le scanne.

Lorsque le scanne sera complet, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

Le rapport se trouve également ici : C:\Combofix.txt

Combofix risque de redémarrer ton PC, quoi qu'il en soit redémarre une deuxième fois ton PC.

Note : Ne te sert surtout pas du PC durant le scanne, celui ci peut être long(de 10 à 30 minutes) et n'arrête surtout pas combofix pendant son scanne.

sytchov · le 12 janvier 2011

ComboFix 11-01-11.01 - Christophe 12/01/2011 10:28:03.1.4 - x64

Microsoft Windows 7 Professionnel 6.1.7600.0.1252.33.1036.18.4023.2895 [GMT 1:00]

Lancé depuis: c:\users\Christophe\Desktop\ComboFix.exe

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Install.exe

c:\users\Christophe\AppData\Roaming\OfferBox

c:\users\Christophe\AppData\Roaming\OfferBox\config.xml

c:\users\Christophe\SoftonicDownloader_pour_future-pinball.exe

c:\windows\SysWow64\pthreadVC.dll

.

((((((((((((((((((((((((((((( Fichiers créés du 2010-12-12 au 2011-01-12 ))))))))))))))))))))))))))))))))))))

.

2011-01-12 09:30 . 2011-01-12 09:30 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-01-12 08:51 . 2010-11-10 05:35 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A255DD0F-6AC2-49E3-B673-9B97B1111FB3}\mpengine.dll

2011-01-10 18:37 . 2011-01-10 18:37 -------- d-----w- C:\_OTL

2011-01-07 08:38 . 2011-01-07 08:38 -------- d-----w- c:\users\Christophe\AppData\Roaming\Malwarebytes

2011-01-07 08:38 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-01-07 08:38 . 2011-01-07 08:38 -------- d-----w- c:\programdata\Malwarebytes

2011-01-07 08:38 . 2011-01-07 08:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-01-07 08:38 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-12-30 15:52 . 2010-12-30 15:52 388096 ----a-r- c:\users\Christophe\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-12-30 15:52 . 2010-12-30 15:52 -------- d-----w- c:\program files (x86)\Trend Micro

2010-12-23 21:58 . 2010-12-23 21:58 -------- d-----w- c:\programdata\KONAMI

2010-12-23 21:58 . 2010-12-23 21:58 -------- d-----w- c:\program files (x86)\KONAMI

2010-12-23 21:27 . 2010-12-25 11:59 -------- d-----w- c:\program files (x86)\Alcohol Soft

2010-12-23 20:20 . 2010-12-23 21:23 503352 ----a-w- c:\windows\system32\drivers\sptd.sys

2010-12-23 20:20 . 2010-12-23 20:46 -------- d-----w- c:\users\Christophe\AppData\Roaming\DAEMON Tools Lite

2010-12-23 20:20 . 2010-12-23 20:20 -------- d-----w- c:\programdata\DAEMON Tools Lite

2010-12-23 16:57 . 2010-12-23 16:57 -------- d-----w- c:\program files (x86)\VID_0E8F&PID_3013

2010-12-23 16:56 . 2010-12-23 16:56 270468 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll

2010-12-23 16:56 . 2010-12-23 16:56 159876 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll

2010-12-23 16:56 . 2002-08-05 09:46 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll

2010-12-23 16:56 . 2002-08-02 02:10 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe

2010-12-23 16:56 . 2002-08-02 01:20 634880 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll

2010-12-23 16:56 . 2002-08-02 01:20 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll

2010-12-23 16:56 . 2002-08-02 01:20 151552 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll

2010-12-22 22:05 . 2011-01-10 08:21 -------- d-----w- C:\Hotspot Shield

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-11-12 17:53 . 2010-07-30 13:15 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2010-10-19 09:41 . 2010-05-18 11:09 270720 ------w- c:\windows\system32\MpSigStub.exe

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]

2009-10-15 08:53 165184 ----a-w- c:\program files (x86)\SFR\Kit\SFRNavErrorHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]

"jswtrayutil"="c:\program files (x86)\TP-LINK\QSS\jswtrayutil.exe" [2008-05-12 36949]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-11-10 421160]

"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]

c:\users\Christophe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2010-5-18 159744]

AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2010-5-18 651264]

ButtonManager.lnk - c:\program files (x86)\HP\Button Manager\BM.exe [2010-12-6 266240]

forteManager.lnk - c:\program files (x86)\LG Soft India\forteManager\bin\Monitor.exe [2010-5-18 1687552]

Magic-i.lnk - c:\program files (x86)\ArcSoft\Magic-i 3\Magic-i.exe [2010-12-6 524288]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 136176]

R2 JSWHwBtn;JSW Hardware Button Service;c:\program files (x86)\TP-LINK\QSS\HwBtnSvc.exe [2008-02-29 16384]

R3 arusb_lhx;TP-LINK TL-WN821N 11N Wireless device driver;c:\windows\system32\DRIVERS\arusb_lhx.sys [x]

R3 arusb_win7x;Service For TP-LINK Wireless N Adapter;c:\windows\system32\DRIVERS\arusb_win7x.sys [2009-11-26 769024]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-05-18 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-05-18 79360]

R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files (x86)\TP-LINK\QSS\jswpsapi.exe [2008-04-16 954368]

R3 LGDDCDevice;LGDDCDevice;c:\program files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [2008-12-12 14336]

R3 LGII2CDevice;LGII2CDevice;c:\program files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [2008-12-12 18432]

R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-04 1255736]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-23 503352]

S1 JSWPSLWF;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwfx.sys [2008-04-28 26624]

S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2009-04-08 344064]

S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-12-09 405504]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-04-03 240232]

S3 AVerAF15DMBTH64;AVerMedia A850 USB;c:\windows\system32\Drivers\AVerAF15DMBTH64.sys [2009-07-27 592256]

S3 RTL8167;Pilote Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]

S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys [2009-06-04 639512]

.

Contenu du dossier 'Tâches planifiées'

2011-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 13:55]

2011-01-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-07 13:55]

.

--------- x86-64 -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Examen supplémentaire -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page =

mStart Page =

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

FF - ProfilePath - c:\users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\mghaulj5.default\

FF - prefs.js: browser.search.selectedEngine - DAEMON Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: Facebook On s'en fout: fbosef1@fbext.fr - %profile%\extensions\fbosef1@fbext.fr

FF - Ext: Facebook J'aime pas: fbjmpas1@fbext.fr - %profile%\extensions\fbjmpas1@fbext.fr

FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

.

- - - - ORPHELINS SUPPRIMES - - - -

Wow6432Node-HKLM-Run-SPIRunE - SPIRunE.dll

BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll

WebBrowser-{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

AddRemove-Everest Poker.fr - c:\program files (x86)\Everest Poker.fr\cstart.exe

AddRemove-Softonic_France Toolbar - c:\progra~2\SOFTON~1\UNWISE.EXE

AddRemove-Sound Blaster X-Fi Windows Drivers - c:\program files (x86)\Creative\Sound Blaster X-Fi\Program\SETUP.EXE

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"

"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"

"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Heure de fin: 2011-01-12 10:31:56

ComboFix-quarantined-files.txt 2011-01-12 09:31

Avant-CF: 923 713 060 864 octets libres

Après-CF: 923 223 883 776 octets libres

- - End Of File - - D8CFD7796C8626E56EBC677C42CCFA6B

jeanmimigab · le 12 janvier 2011

hello,

c'est pas mal tout ça...

Comment ça va niveau clavier/sourie ?

Si tu as toujours des soucis indique moi la marque et le modèle du clavier et de la sourie

@++

Sethfield · le 12 janvier 2011

J'ai presque le même probleme (clavier parfois ne repond plus, quand je suis sur le net que je clique sur une icone ou autre sa me telecharge un lien, quand je veux aller dans un fichier sa me l'ouvre en clique droit), le probleme part et reviens... Malwarebytes, spybot, ccleaner, eset smart security... bref en detresse... (pardonnez de tomber au milieu de votre post)

sytchov · le 12 janvier 2011

Malhereusement ça bug toujours...la connection a l'air pas mal. Je désespére vraiment, les touches sont toujours inversées, quand je click sur un lien c'est toujours un nouvel onglet qui s'ouvre et la molette devient le zoom. Ça peux redevenir normal pendant deux minutes et replanter toute la journée.

Le clavier et la souris ont été changés entre temps:

Logitech g500

Cyborg V.5 keyboard

Connexion

Pas encore inscrit ?

[RESOLU] Virus clavier/souris

Messages recommandés

sytchov

jeanmimigab

sytchov

jeanmimigab

sytchov

jeanmimigab

sytchov

jeanmimigab

Sethfield

sytchov

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer