Infection PC par cookies traceur de Ads Regiepub

lance_yien · le 20 janvier 2011

Ceci indique que l'espace libre sur tes disques est limite. Un minimum de 15% est recommandé pour avoir une fluidité de navigation acceptable dans tes dossiers.

Drive C: | 157,77 Gb Total Space | 21,92 Gb Free Space | 13,90% Space Free | Partition Type: NTFS
Drive D: | 128,22 Gb Total Space | 11,00 Gb Free Space | 8,58% Space Free | Partition Type: NTFS

Tu as donc du ménage à faire dès qu'on a fini ensemble.

Tu as deux antispyware actifs en même temps:

Lavasoft\Ad-Aware

Spybot - Search & Destroy

Ce n'est pas recommandé car risque de conflit et/ ou ralentissement de ton système. Je te propose d'en désinstaller un tout de suite (gain de place et de ressource)

Tu est abonné ou travaille avec une régie de pubs?

Si ce n'est pas le cas, je te suggère de désinstaller ces toolbar et Cie de chez Conduit Ltd depuis Ajout/Suppression de programmes (si présent):

- Elf 1 Toolbar

- Productivity_2.1

- ConduitEngine

- ReducBarre

Je mets leur référence dans le script suivant (à supprimer). Si pour une raison quelconque tu ne veux pas supprimer quelque chose n'inclus pas sa ligne ou dis-le moi je te refais le script.

Je vais, aussi réinitialiser ton fichier Host. Si tu ne veux pas n'inclus pas sa ligne (en bleu).

Lancer OTL et copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation" (les : au début et le ] à la fin sont très important, merci de vérifier).

:OTL

IE - HKLM\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf0.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {b80f591e-fe9a-46cf-a13e-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {c44f9e21-d93f-490c-b41c-b3548bdd19fc} - C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf0.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {b80f591e-fe9a-46cf-a13e-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {c44f9e21-d93f-490c-b41c-b3548bdd19fc} - C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll (Conduit Ltd.)

O2 - BHO: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf0.dll (Conduit Ltd.)

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (ReducBarreHelper Class) - {357ADA38-B41F-4432-9F10-5638FA4A75AD} - C:\Program Files (x86)\ReducBarre\ReducBarre.dll ()

O2 - BHO: (Elf 1.13 Toolbar) - {b80f591e-fe9a-46cf-a13e-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll (Conduit Ltd.)

O2 - BHO: (Productivity 2.1 Toolbar) - {c44f9e21-d93f-490c-b41c-b3548bdd19fc} - C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll (Conduit Ltd.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (BuyObaB) - {1660B308-BECB-4062-890D-396B2FBBC8CA} - C:\Program Files (x86)\ReducBarre\ReducBarre.dll ()

O3 - HKLM\..\Toolbar: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Elf 1.13 Toolbar) - {b80f591e-fe9a-46cf-a13e-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Productivity 2.1 Toolbar) - {c44f9e21-d93f-490c-b41c-b3548bdd19fc} - C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (BuyObaB) - {1660B308-BECB-4062-890D-396B2FBBC8CA} - C:\Program Files (x86)\ReducBarre\ReducBarre.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (Elf 1 Toolbar) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - C:\Program Files (x86)\Elf_1\prxtbElf0.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Elf 1.13 Toolbar) - {B80F591E-FE9A-46CF-A13E-180377240586} - C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Productivity 2.1 Toolbar) - {C44F9E21-D93F-490C-B41C-B3548BDD19FC} - C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll (Conduit Ltd.)

O4 - HKLM..\Run: [bEWINTERNET-FR-DMGP-V2SessionManager] File not found

O4 - HKCU..\Run: [AdobeBridge] File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O33 - MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\Shell - "" = AutoRun

O33 - MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F

@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:4D066AD2

@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838

@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:370EF5E8

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0

@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885

@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54

@Alternate Data Stream - 1160 bytes -> C:\ProgramData\Microsoft:ksIB5GmrV8jrJpMwDeXHwNDJXLcN

@Alternate Data Stream - 1038 bytes -> C:\ProgramData\Microsoft:ry6tCUwWVnZbcmjP4Aa82DiYZUUjf

:Services

:Reg

:Files

C:\Program Files (x86)\Productivity_2.1

C:\Program Files (x86)\Elf_1.13

C:\Program Files (x86)\ConduitEngine

C:\Program Files (x86)\Elf_1

C:\Users\GEANT\AppData\Local\Conduit

C:\jre-6u22-windows-i586-iftw-rv.exe

C:\QuickTimeInstaller.exe

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier son contenu et le coller dans une nouvelle réponse. Fermer le rapport et OTL.

As-tu encore des soucis avec ta machine avant de passer à la phase finale?

Modifié le 20 janvier 2011 par lance_yien

jdhog · le 20 janvier 2011

j'ai suivi t'ai instruction pour le dernier reducbarre je ne l'ai pas trouvé sur supprimer des programe j'ai une recherche sur tous les programme et quand je l'ai desinstaller avast a envoyer un message de bloquage suite a ton script le PC a redemarre et sur le burau 3 nouveau fichiers 2 desktop.ini et thumbs.db

je te remercie de ton attention

Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/01/15 21:57:25 | 000,001,029 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

01 - Hosts: 127.0.0.1

O1 - Hosts: 127.0.0.1

O1 - Hosts: 127.0.0.1 adstream.com

O1 - Hosts: 127.0.0.1 adstream.every.com

O1 - Hosts:

O1 - Hosts: Listen 12.34.56.78:80

O1 - Hosts: Listen 80

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)

O2 - BHO: (no name) - {b80f591e-fe9a-46cf-a13e-180377240586} - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {b80f591e-fe9a-46cf-a13e-180377240586} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1660B308-BECB-4062-890D-396B2FBBC8CA} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - No CLSID value found.

O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [bambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()

O4 - HKLM..\Run: [bEWINTERNET-FR-DMGP-V2SessionManager] File not found

O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)

O4 - HKLM..\Run: [PCTuto] C:\Program Files (x86)\PCTuto\pctuto.exe (PCTUTO)

O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)

O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKCU..\Run: [AdobeBridge] File not found

O4 - HKCU..\Run: [bamboo Dock] C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe ()

O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)

O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files (x86)\cspep\cspep.exe ()

O4 - Startup: C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Users\GEANT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WkCalRem.LNK = C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: jingoo.com ([www] http in Sites de confiance)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\Shell - "" = AutoRun

O33 - MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (lsdelete) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/20 21:14:18 | 000,000,000 | ---D | C] -- C:\_OTL

[2011/01/20 01:02:42 | 000,000,000 | ---D | C] -- C:\Users\GEANT\Desktop\anti virus

[2011/01/19 23:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files

[2011/01/19 02:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011/01/19 02:16:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy

[2011/01/18 18:43:56 | 000,000,000 | ---D | C] -- C:\Users\GEANT\ZHP

[2011/01/17 19:03:24 | 000,069,152 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys

[2011/01/17 19:03:21 | 000,049,752 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys

[2011/01/17 19:01:57 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Local\Sunbelt Software

[2011/01/17 19:01:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}

[2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Lavasoft

[2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft

[2011/01/17 19:01:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft

[2011/01/15 22:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\ZHP

[2011/01/15 22:09:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag

[2011/01/15 17:07:53 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Malwarebytes

[2011/01/15 17:07:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2011/01/15 17:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Malwarebytes' Anti-Malware

[2011/01/15 17:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/01/15 17:07:44 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011/01/15 17:07:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011/01/14 18:14:11 | 000,237,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2011/01/13 19:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Plugin Galaxy 2 Demo 64-bit

[2011/01/13 19:33:39 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\ThePluginSite

[2011/01/13 19:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\PluginGalaxy2Demo_64bit

[2011/01/13 19:23:26 | 000,304,640 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\imgman32.dll

[2011/01/13 19:23:26 | 000,067,072 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31jpg.dil

[2011/01/13 19:23:26 | 000,059,392 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\imhost32.dll

[2011/01/13 19:23:26 | 000,035,840 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31bmp.dil

[2011/01/13 19:23:26 | 000,032,256 | ---- | C] (Data Techniques, Inc.) -- C:\Windows\SysWow64\IM31xbmp.del

[2011/01/13 19:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Plugin Commander Light

[2011/01/13 19:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plugin Commander Light

[2011/01/12 22:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Auto FX Software

[2011/01/12 22:12:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auto FX Software

[2011/01/12 13:58:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elf_1.13

[2011/01/11 19:53:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\cspep

[2011/01/09 20:47:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine

[2011/01/09 20:47:55 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Local\Conduit

[2011/01/09 11:53:03 | 000,000,000 | ---D | C] -- C:\Windows\fr

[2011/01/09 11:52:51 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Windows Live

[2011/01/09 00:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM

[2011/01/06 16:46:38 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1

[2011/01/06 13:38:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Bamboo

[2010/12/29 14:18:17 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\wtablet

[2010/12/27 11:23:30 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Bamboo Explore

[2010/12/27 11:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Explore

[2010/12/27 10:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Wacom

[2010/12/27 10:53:49 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1

[2010/12/27 10:53:46 | 000,000,000 | ---D | C] -- C:\Users\GEANT\AppData\Roaming\Wacom

[2010/12/27 10:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Bamboo Dock

[2010/12/27 10:53:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Dock

[2010/12/27 10:51:51 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll

[2010/12/27 10:51:51 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll

[2010/12/27 10:51:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins

[2010/12/27 10:51:05 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys

[2010/12/27 10:50:58 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys

[2010/12/27 10:50:56 | 000,018,288 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys

[2010/12/27 10:50:52 | 000,506,736 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll

[2010/12/27 10:50:51 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll

[2010/12/27 10:50:51 | 000,600,432 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll

[2010/12/27 10:50:50 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll

[2010/12/27 10:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet

[2010/12/22 11:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\iTunes

[2010/12/22 11:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2010/12/22 11:11:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2010/12/22 11:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2009/11/03 05:04:33 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe

========== Files - Modified Within 30 Days ==========

[2011/01/20 21:16:15 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/01/20 21:00:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/01/20 20:57:05 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/01/20 20:57:05 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/01/20 20:49:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/01/20 20:49:10 | 3166,154,752 | -HS- | M] () -- C:\hiberfil.sys

[2011/01/20 10:37:26 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI

[2011/01/19 23:10:40 | 000,144,945 | ---- | M] () -- C:\Users\GEANT\Documents\ZHPDiag rapport 19 janvier 2011

[2011/01/18 23:49:57 | 002,103,956 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/01/18 23:49:57 | 000,913,350 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2011/01/18 23:49:57 | 000,805,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/01/18 23:49:57 | 000,209,296 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2011/01/18 23:49:57 | 000,173,428 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/01/18 17:03:05 | 000,143,246 | ---- | M] () -- C:\Users\GEANT\Documents\ZHPDiag rapport

[2011/01/17 19:07:59 | 000,015,880 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe

[2011/01/17 19:03:21 | 000,049,752 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys

[2011/01/17 19:01:21 | 000,001,142 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk

[2011/01/15 22:33:30 | 000,001,214 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Gestion Commerciale.lnk

[2011/01/15 22:33:30 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\Gestion Commerciale.lnk

[2011/01/14 18:14:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

[2011/01/13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2011/01/13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe

[2011/01/13 09:47:23 | 000,237,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2011/01/13 09:41:44 | 000,273,488 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2011/01/13 09:40:20 | 000,051,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys

[2011/01/13 09:37:34 | 000,029,264 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys

[2011/01/13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2011/01/13 09:37:12 | 000,020,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

[2011/01/12 23:26:08 | 004,922,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/01/12 22:14:55 | 000,000,081 | ---- | M] () -- C:\Windows\s01on

[2011/01/10 13:45:45 | 000,405,078 | ---- | M] () -- C:\Users\GEANT\Documents\mariages-eglise-aveyron-internet.jpg

[2011/01/10 13:45:45 | 000,001,456 | ---- | M] () -- C:\Users\GEANT\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs

[2011/01/10 13:38:44 | 000,442,478 | ---- | M] () -- C:\Users\GEANT\Documents\marige-eglise-aveyron-internet.jpg

[2011/01/10 13:25:15 | 000,461,063 | ---- | M] () -- C:\Users\GEANT\Documents\mariage-mairie-st-affrique-internet.jpg

[2011/01/10 13:23:25 | 000,000,821 | ---- | M] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk

[2011/01/10 13:15:39 | 000,171,743 | ---- | M] () -- C:\Users\GEANT\Documents\montage-préparatif--mariages-noir-et-blanc-internet.jpg

[2011/01/08 19:03:57 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT

[2011/01/06 19:46:44 | 000,078,684 | ---- | M] () -- C:\Users\GEANT\Documents\Backup.tabletprefs

[2010/12/29 19:20:49 | 730,086,228 | ---- | M] () -- C:\Users\GEANT\Documents\DSCF0259 cheval detoure 2.psd

========== Files Created - No Company Name ==========

[2011/01/19 23:10:40 | 000,144,945 | ---- | C] () -- C:\Users\GEANT\Documents\ZHPDiag rapport 19 janvier 2011

[2011/01/18 17:03:05 | 000,143,246 | ---- | C] () -- C:\Users\GEANT\Documents\ZHPDiag rapport

[2011/01/17 23:51:09 | 000,015,880 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe

[2011/01/17 19:01:21 | 000,001,142 | ---- | C] () -- C:\Users\GEANT\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk

[2011/01/13 19:23:26 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\Msvcrt10.dll

[2011/01/12 20:18:09 | 000,000,081 | ---- | C] () -- C:\Windows\s01on

[2011/01/10 13:45:45 | 000,405,078 | ---- | C] () -- C:\Users\GEANT\Documents\mariages-eglise-aveyron-internet.jpg

[2011/01/10 13:38:44 | 000,442,478 | ---- | C] () -- C:\Users\GEANT\Documents\marige-eglise-aveyron-internet.jpg

[2011/01/10 13:25:14 | 000,461,063 | ---- | C] () -- C:\Users\GEANT\Documents\mariage-mairie-st-affrique-internet.jpg

[2011/01/10 13:15:38 | 000,171,743 | ---- | C] () -- C:\Users\GEANT\Documents\montage-préparatif--mariages-noir-et-blanc-internet.jpg

[2011/01/08 15:22:34 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI

[2011/01/06 19:46:44 | 000,078,684 | ---- | C] () -- C:\Users\GEANT\Documents\Backup.tabletprefs

[2010/12/29 19:18:26 | 730,086,228 | ---- | C] () -- C:\Users\GEANT\Documents\DSCF0259 cheval detoure 2.psd

[2010/12/27 10:52:49 | 000,000,002 | ---- | C] () -- C:\Users\GEANT\.bdockinstall.log

[2010/12/27 10:50:43 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTouchTabletUserDefaults.xml

[2010/12/27 10:50:43 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTabletUserDefaults.xml

[2010/11/03 10:30:43 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI

[2010/10/30 23:41:44 | 000,004,912 | ---- | C] () -- C:\ProgramData\mnjemahv.gza

[2010/10/30 23:32:17 | 000,004,948 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik

[2010/10/30 23:32:17 | 000,004,923 | ---- | C] () -- C:\ProgramData\drctchbl.xvi

[2010/10/07 09:45:54 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI

[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\Workflows

[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\Work - Home

[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\filter

[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\docInfo

[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\deskjet

[2010/10/07 09:29:20 | 000,000,268 | RH-- | C] () -- C:\Users\GEANT\AppData\Roaming\business-inkjet

[2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT

[2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT

[2010/10/07 09:29:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT

[2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Ambient

[2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Alerts

[2010/10/07 09:29:20 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Action

[2010/06/11 16:54:34 | 002,082,270 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/06/03 15:23:31 | 000,000,109 | ---- | C] () -- C:\Windows\Kit.ini

[2010/05/17 17:51:07 | 000,000,017 | ---- | C] () -- C:\Users\GEANT\AppData\Local\resmon.resmoncfg

[2010/05/17 13:00:58 | 000,001,456 | ---- | C] () -- C:\Users\GEANT\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs

[2010/05/14 17:28:40 | 000,000,132 | ---- | C] () -- C:\Users\GEANT\AppData\Roaming\Préfs Filtre IllExportation Adobe CS5

[2010/03/09 11:43:18 | 000,005,120 | ---- | C] () -- C:\Users\GEANT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/03/05 23:58:39 | 000,000,858 | ---- | C] () -- C:\Users\GEANT\AppData\Roaming\wklnhst.dat

[2009/12/15 01:42:44 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll

[2009/12/15 01:42:44 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll

[2009/12/05 17:09:38 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll

[2009/12/05 17:09:38 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini

[2009/11/03 05:32:49 | 000,008,415 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log

[2009/11/03 05:04:12 | 000,192,484 | ---- | C] () -- C:\Program Files (x86)\Common Files\Acer GameZone online.ico

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010/03/16 22:29:03 | 000,000,000 | -HSD | M] -- C:\Users\GEANT\AppData\Roaming\.#

[2010/03/05 17:42:10 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\ACD Systems

[2010/12/27 11:38:18 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Bamboo Explore

[2010/05/14 21:33:42 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010/11/30 12:29:36 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\com.adobe.DC3Module.AdobeADC

[2011/01/06 16:46:41 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1

[2010/11/20 11:35:53 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\DxO Labs

[2010/03/09 21:09:36 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\eSobi

[2011/01/19 22:27:00 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\FileZilla

[2010/03/06 00:03:10 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\GameConsole

[2010/05/21 11:00:00 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\inkscape

[2010/10/30 23:41:45 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Need4Video

[2010/10/28 17:12:29 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Nikon

[2010/08/03 22:34:41 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\OpenCandy

[2010/05/25 12:40:38 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\OpenOffice.org

[2010/05/14 17:31:58 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Opera

[2010/11/20 11:30:22 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\PACE Anti-Piracy

[2010/11/17 15:45:48 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\PCtuto

[2010/03/11 17:59:06 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\PlayFirst

[2010/05/14 17:27:33 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2010/05/21 13:45:09 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Subversion

[2010/03/09 21:07:39 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Template

[2011/01/13 19:33:39 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\ThePluginSite

[2010/12/07 20:51:56 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\TomTom

[2010/09/20 13:33:53 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\UDC Profiles

[2010/05/22 00:58:42 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\VTC Preferences Folder

[2010/12/27 10:53:46 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Wacom

[2010/12/27 10:53:49 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1

[2010/04/01 19:35:13 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\Windows Live Writer

[2010/11/17 08:52:12 | 000,000,000 | ---D | M] -- C:\Users\GEANT\AppData\Roaming\XnView

[2011/01/05 11:37:05 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F

@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:4D066AD2

@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838

@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:370EF5E8

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0

@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885

@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D

@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54

@Alternate Data Stream - 1160 bytes -> C:\ProgramData\Microsoft:ksIB5GmrV8jrJpMwDeXHwNDJXLcN

@Alternate Data Stream - 1038 bytes -> C:\ProgramData\Microsoft:ry6tCUwWVnZbcmjP4Aa82DiYZUUjf

< End of report >

lance_yien · le 21 janvier 2011

Bonjour,

Visiblement ça n'a pas bien fonctionné pour OTL parce que tu n'as pas dû appuyer sur le bon bouton (rouge Correction) après avoir collé le script.

Relancer OTL et refaire la manipe complète stp!

Ne t'inquiète pas pour les 3 fichiers, ils sont légitimes et tu ne les verras plus une fois que les fichiers système seront cachés.

jdhog · le 21 janvier 2011

Bonjour,

Visiblement ça n'a pas bien fonctionné pour OTL parce que tu n'as pas dû appuyer sur le bon bouton (rouge Correction) après avoir collé le script.

Relancer OTL et refaire la manipe complète stp!

Ne t'inquiète pas pour les 3 fichiers, ils sont légitimes et tu ne les verras plus une fois que les fichiers système seront cachés.

Bonjour

quand j'ai allumer mon PC ce matin il y a regiepub qui ces ouvert avant de me connecter a exploreur et quand ouvert la page d'acceuil d'orange pas de probleme mais quand j'ai clicquer sur la messagerie ma mis un message d'alerte qui logiciel mal veillant dysfonctionnement

j'attend ta reponse pour relancer le script

lance_yien · le 21 janvier 2011

Fais-le, on verra ce qui reste.

jdhog · le 21 janvier 2011

Fais-le, on verra ce qui reste.

J'ai relancer le script ce coup la il y abien eu la demande de redammarage et le bloc note quand ça à rebooter la page de regiepub est revenu

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{22e03916-85c5-44b0-8dc9-1830c11238d9} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found.

File C:\Program Files (x86)\Elf_1\prxtbElf0.dll not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{b80f591e-fe9a-46cf-a13e-180377240586} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b80f591e-fe9a-46cf-a13e-180377240586}\ not found.

File C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c44f9e21-d93f-490c-b41c-b3548bdd19fc} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44f9e21-d93f-490c-b41c-b3548bdd19fc}\ not found.

File C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{22e03916-85c5-44b0-8dc9-1830c11238d9} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found.

File C:\Program Files (x86)\Elf_1\prxtbElf0.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{b80f591e-fe9a-46cf-a13e-180377240586} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b80f591e-fe9a-46cf-a13e-180377240586}\ not found.

File C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c44f9e21-d93f-490c-b41c-b3548bdd19fc} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44f9e21-d93f-490c-b41c-b3548bdd19fc}\ not found.

File C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found.

File C:\Program Files (x86)\Elf_1\prxtbElf0.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{357ADA38-B41F-4432-9F10-5638FA4A75AD}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{357ADA38-B41F-4432-9F10-5638FA4A75AD}\ not found.

File C:\Program Files (x86)\ReducBarre\ReducBarre.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b80f591e-fe9a-46cf-a13e-180377240586}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b80f591e-fe9a-46cf-a13e-180377240586}\ not found.

File C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c44f9e21-d93f-490c-b41c-b3548bdd19fc}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44f9e21-d93f-490c-b41c-b3548bdd19fc}\ not found.

File C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll not found.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1660B308-BECB-4062-890D-396B2FBBC8CA} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1660B308-BECB-4062-890D-396B2FBBC8CA}\ not found.

File C:\Program Files (x86)\ReducBarre\ReducBarre.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{22e03916-85c5-44b0-8dc9-1830c11238d9} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22e03916-85c5-44b0-8dc9-1830c11238d9}\ not found.

File C:\Program Files (x86)\Elf_1\prxtbElf0.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

File C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{b80f591e-fe9a-46cf-a13e-180377240586} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b80f591e-fe9a-46cf-a13e-180377240586}\ not found.

File C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c44f9e21-d93f-490c-b41c-b3548bdd19fc} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c44f9e21-d93f-490c-b41c-b3548bdd19fc}\ not found.

File C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1660B308-BECB-4062-890D-396B2FBBC8CA} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1660B308-BECB-4062-890D-396B2FBBC8CA}\ not found.

File C:\Program Files (x86)\ReducBarre\ReducBarre.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{22E03916-85C5-44B0-8DC9-1830C11238D9} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22E03916-85C5-44B0-8DC9-1830C11238D9}\ not found.

File C:\Program Files (x86)\Elf_1\prxtbElf0.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B80F591E-FE9A-46CF-A13E-180377240586} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B80F591E-FE9A-46CF-A13E-180377240586}\ not found.

File C:\Program Files (x86)\Elf_1.13\prxtbElf_.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C44F9E21-D93F-490C-B41C-B3548BDD19FC} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}\ not found.

File C:\Program Files (x86)\Productivity_2.1\prxtbProd.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BEWINTERNET-FR-DMGP-V2SessionManager deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.

File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A9007C0-4076-11D3-8789-0000F8105754}\ not found.

File {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\ not found.

File {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807563E5-5146-11D5-A672-00B0D022E945}\ deleted successfully.

C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL moved successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82d2c6ca-9f00-11df-9649-00262293df2f}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82d2c6ca-9f00-11df-9649-00262293df2f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82d2c6ca-9f00-11df-9649-00262293df2f}\ not found.

File F:\AutoRunCardDetector.exe not found.

ADS C:\ProgramData\Temp:AB689DEA deleted successfully.

ADS C:\ProgramData\Temp:5D7E5A8F deleted successfully.

ADS C:\ProgramData\Temp:4D066AD2 deleted successfully.

ADS C:\ProgramData\Temp:93DE1838 deleted successfully.

ADS C:\ProgramData\Temp:370EF5E8 deleted successfully.

ADS C:\ProgramData\Temp:0B9176C0 deleted successfully.

ADS C:\ProgramData\Temp:E3C56885 deleted successfully.

ADS C:\ProgramData\Temp:E1F04E8D deleted successfully.

ADS C:\ProgramData\Temp:ABE89FFE deleted successfully.

ADS C:\ProgramData\Temp:4CF61E54 deleted successfully.

ADS C:\ProgramData\Microsoft:ksIB5GmrV8jrJpMwDeXHwNDJXLcN deleted successfully.

ADS C:\ProgramData\Microsoft:ry6tCUwWVnZbcmjP4Aa82DiYZUUjf deleted successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== FILES ==========

File\Folder C:\Program Files (x86)\Productivity_2.1 not found.

C:\Program Files (x86)\Elf_1.13 folder moved successfully.

C:\Program Files (x86)\ConduitEngine folder moved successfully.

File\Folder C:\Program Files (x86)\Elf_1 not found.

C:\Users\GEANT\AppData\Local\Conduit\CT2857573 folder moved successfully.

C:\Users\GEANT\AppData\Local\Conduit folder moved successfully.

C:\jre-6u22-windows-i586-iftw-rv.exe moved successfully.

C:\QuickTimeInstaller.exe moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Classic .NET AppPool

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 41620 bytes

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33472 bytes

->Flash cache emptied: 56502 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: GEANT

->Temp folder emptied: 12109485 bytes

->Temporary Internet Files folder emptied: 356862313 bytes

->Java cache emptied: 3049592 bytes

->FireFox cache emptied: 42952363 bytes

->Apple Safari cache emptied: 0 bytes

->Flash cache emptied: 102665 bytes

User: Invité

->Temp folder emptied: 3275145 bytes

->Temporary Internet Files folder emptied: 31590069 bytes

->Java cache emptied: 9341 bytes

->FireFox cache emptied: 65784681 bytes

->Flash cache emptied: 23456 bytes

User: photogaphe didier

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 1738097 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67910 bytes

RecycleBin emptied: 12352163655 bytes

Total Files Cleaned = 12 274,00 mb

[EMPTYFLASH]

User: All Users

User: Classic .NET AppPool

->Flash cache emptied: 0 bytes

User: Default

->Flash cache emptied: 0 bytes

User: Default User

->Flash cache emptied: 0 bytes

User: GEANT

->Flash cache emptied: 0 bytes

User: Invité

->Flash cache emptied: 0 bytes

User: photogaphe didier

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.20.2 log created on 01212011_105935

Files\Folders moved on Reboot...

C:\Users\GEANT\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File\Folder C:\Windows\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...

lance_yien · le 21 janvier 2011

Beaucoup mieux

A quel moment se manifeste cette page et que dit-elle? (texte affiché, capture d'écran etc...)

Fermer tout et relancer OTL.

Sans rien changer et sans rien ajouter, cliquer sur le bouton bleu Analyse et laisser faire.

Copier/ Coller le contenu du rapport généré.

jdhog · le 21 janvier 2011

Beaucoup mieux

A quel moment se manifeste cette page et que dit-elle? (texte affiché, capture d'écran etc...)

Fermer tout et relancer OTL.

Sans rien changer et sans rien ajouter, cliquer sur le bouton bleu Analyse et laisser faire.

Copier/ Coller le contenu du rapport généré.

la je viens de le rallumer la pub n'est pas arriver sans que me connecte a exploreur

par contre dés que je me suis connecter la deuxieme page cet ouverte url commence adsregiepub cela ne s'affiche pas passe a url Vérificateur d'orthographe

la premiere je n'arrive pas la choper elle en instantaner

je fais le scanne

A+

jdhog · le 21 janvier 2011

la je viens de le rallumer la pub n'est pas arriver sans que me connecte a exploreur

par contre dés que je me suis connecter la deuxieme page cet ouverte url commence adsregiepub cela ne s'affiche pas passe a url Vérificateur d'orthographe

la premiere je n'arrive pas la choper elle en instantaner

je fais le scanne

A+

OTL logfile created on: 21/01/2011 13:01:10 - Run 4

OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\GEANT\Desktop\anti virus

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free

8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 157,77 Gb Total Space | 29,25 Gb Free Space | 18,54% Space Free | Partition Type: NTFS

Drive D: | 128,22 Gb Total Space | 12,22 Gb Free Space | 9,53% Space Free | Partition Type: NTFS

Computer Name: DIDIER-PC | User Name: GEANT | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/20 12:56:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GEANT\Desktop\anti virus\OTL.exe

PRC - [2011/01/17 19:07:43 | 000,936,712 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

PRC - [2011/01/17 19:07:42 | 001,402,272 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

PRC - [2011/01/13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/12/27 10:53:51 | 000,629,336 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe

PRC - [2010/12/27 10:53:38 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe

PRC - [2010/12/09 10:52:54 | 000,684,032 | ---- | M] () -- C:\Program Files (x86)\cspep\cspep.exe

PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

PRC - [2010/08/24 10:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

PRC - [2010/08/04 16:18:56 | 000,966,656 | ---- | M] (PCTUTO) -- C:\Program Files (x86)\PCTuto\pctuto.exe

PRC - [2009/11/03 05:22:51 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2009/10/29 12:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

PRC - [2009/10/22 03:53:42 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

PRC - [2009/10/13 20:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2009/09/10 14:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

PRC - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

PRC - [2009/08/18 10:42:08 | 001,157,128 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe

PRC - [2009/08/04 06:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

PRC - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe

PRC - [2009/06/18 02:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

PRC - [2008/07/29 19:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe

PRC - [2007/06/20 22:04:22 | 000,046,432 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\WkCalRem.exe

========== Modules (SafeList) ==========

MOD - [2011/01/20 12:56:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\GEANT\Desktop\anti virus\OTL.exe

MOD - [2011/01/20 10:08:16 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll

MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/01/13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2010/10/13 11:41:06 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)

SRV:64bit: - [2010/10/13 11:41:04 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)

SRV:64bit: - [2010/01/19 16:49:16 | 000,055,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc)

SRV:64bit: - [2009/10/29 20:10:02 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/14 02:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)

SRV:64bit: - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)

SRV - [2011/01/17 19:07:42 | 001,402,272 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)

SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/08/24 10:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®

SRV - [2009/09/10 14:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)

SRV - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)

SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)

SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)

SRV - [2009/07/14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)

SRV - [2009/07/14 02:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)

SRV - [2009/06/18 02:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)

SRV - [2009/06/18 02:31:46 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/01/13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2010/11/22 09:50:19 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)

DRV:64bit: - [2010/10/05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)

DRV:64bit: - [2010/04/03 09:30:40 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0150.sys -- (RsFx0150)

DRV:64bit: - [2009/11/13 09:47:38 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)

DRV:64bit: - [2009/10/13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009/09/22 00:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)

DRV:64bit: - [2009/09/02 17:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/08/21 10:18:16 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 01:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST) Protocole RMCAST (multidiffusion fiable)

DRV:64bit: - [2009/06/18 13:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2009/06/15 12:45:35 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)

DRV:64bit: - [2009/06/15 12:45:35 | 000,116,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)

DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/02 12:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV:64bit: - [2009/06/02 12:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV:64bit: - [2009/06/02 12:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/05/05 09:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)

DRV:64bit: - [2009/05/05 09:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)

DRV:64bit: - [2007/02/16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)

DRV - [2010/11/22 09:50:21 | 000,017,440 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)

DRV - [2009/09/02 02:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV - [2009/03/26 04:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\Drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_5732z&r=27360210f545l0304z1l5t48k2d912

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Portail Orange : Actu, Sport, Assistance Internet, Web Mail Orange

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: reducbarre@reducbarre.com:1.1

FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/15 10:00:42 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/15 10:00:42 | 000,000,000 | ---D | M]

[2010/12/07 20:51:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Extensions

[2010/12/07 20:51:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Extensions\home2@tomtom.com

[2011/01/20 21:09:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GEANT\AppData\Roaming\mozilla\Firefox\Profiles\h80luezw.default\extensions

[2011/01/06 12:59:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/05/25 12:33:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/08/17 00:55:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/11/27 03:13:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/01/06 12:59:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

File not found (No name found) -- C:\USERS\GEANT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\H80LUEZW.DEFAULT\EXTENSIONS\REDUCBARRE@REDUCBARRE.COM

[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/06/12 02:05:49 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/06/12 02:05:49 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/06/12 02:05:49 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/06/12 02:05:49 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/06/12 02:05:49 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/01/21 11:01:37 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost