Il y a actuellement 531 visiteurs
Dimanche 22 Décembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

[Réglé] (aide) Redirection vers d'autres sites. • page 3

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

Re: [aide] Redirection vers d'autres sites.

Message le 05 Juin 2012 18:13

Le logiciel plante quand je fais des scan " a cessé de fonctionné".

Et pour le virus c'est a chaque fois que je redémarre le pc qu'il réaparrait
Boubou2509
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 126
Inscription: 15 Jan 2011 20:42
 


Re: [aide] Redirection vers d'autres sites.

Message le 05 Juin 2012 18:14

• Si ton antivirus affiche une alerte, ignores-la et désactives l'antivirus temporairement.
Branches toutes tes sources de données externes à ton PC
(Clé USB, Disque dur Externe, iPod/iPhone/iPad, MP3, Carte SD, etc ...) sans les ouvrir.


• Télécharges UsbFix sur ton Bureau.

/!\ Utilisateur de Windows Vista et Windows Seven : Clique droit sur le logo de USBFix, « Exécuter en tant qu'Administrateur » /!\

• Lances UsbFix.
• Cliques sur Recherche.
• Patientes le temps du scan.
• UsbFix va ouvrir le bloc-notes et y copier le rapport d'analyse.
• Enregistres le rapport sur ton Bureau.
• Héberges le rapport UsbFix sur CJoint.com
• Postes le lien donné.

/!\ Note : Pour éviter de figer l'analyse USBFix, laisses le travailler sans toucher à ton P.C. ! /!\
Avatar de l'utilisateur
Yanis91270
PC-Infopraticien
PC-Infopraticien
 
Messages: 2667
Inscription: 24 Avr 2012 16:49
Localisation: Parc des Princes / Bgayet
 

Re: [aide] Redirection vers d'autres sites.

Message le 05 Juin 2012 18:28

Code: Tout sélectionner
############################## | UsbFix V 7.084 | [Recherche]

Utilisateur: SON (Administrateur) # SON-PC
Mis à jour le 13/03/2012 par El Desaparecido
Lancé à 19:20:50 | 05/06/2012

Site Web: http://eldesaparecido.com
Fichier suspect ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: System manufacturer (System Product Name) (x64-based PC) # Desktop Computer
CPU: Intel(R) Core(TM) i5 CPU         750  @ 2.67GHz (2668)
RAM -> [ Total : 2046 | Free : 806 ]
BIOS: BIOS Date: 12/14/10 15:27:28 Ver: 08.00.15
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium  (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [ (!) Disabled ]
WU: Windows Update Service [ Enabled ]
AV: Microsoft Security Essentials [ Enabled | Updated ]
FW: Windows FireWall Service [ (!) Disabled ]

C:\ (%systemdrive%) -> Disque fixe # 443 Go (361 Go libre(s) - 81%) [] # NTFS
E:\ -> Disque fixe # 488 Go (314 Go libre(s) - 64%) [Boubou] # NTFS
F:\ -> CD-ROM
V:\ -> Disque fixe # 932 Go (336 Go libre(s) - 36%) [Videos] # NTFS

################## | Processus Actif |

C:\Windows\system32\csrss.exe (428)
C:\Windows\system32\wininit.exe (508)
C:\Windows\system32\csrss.exe (528)
C:\Windows\system32\services.exe (564)
C:\Windows\system32\lsass.exe (592)
C:\Windows\system32\lsm.exe (600)
C:\Windows\system32\svchost.exe (712)
C:\Windows\system32\svchost.exe (792)
C:\Windows\system32\atiesrxx.exe (844)
C:\Windows\system32\winlogon.exe (892)
C:\Windows\System32\svchost.exe (932)
C:\Windows\System32\svchost.exe (972)
C:\Windows\system32\svchost.exe (1004)
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (312)
C:\Windows\system32\svchost.exe (532)
C:\Windows\system32\svchost.exe (1104)
C:\Windows\system32\atieclxx.exe (1132)
C:\Windows\System32\spoolsv.exe (1336)
C:\Windows\system32\Dwm.exe (1560)
C:\Windows\Explorer.EXE (1592)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (1608)
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe (1652)
C:\Windows\system32\taskhost.exe (1676)
C:\Program Files\Bonjour\mDNSResponder.exe (1700)
C:\Windows\System32\svchost.exe (1772)
C:\Windows\system32\lxefcoms.exe (1868)
C:\Windows\SysWOW64\IoctlSvc.exe (1936)
C:\Windows\system32\svchost.exe (808)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (1200)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (2008)
C:\Windows\system32\taskeng.exe (2160)
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe (2284)
C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe (2300)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2352)
C:\Program Files\Microsoft Security Client\msseces.exe (2648)
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (2656)
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (2704)
C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe (2752)
C:\Program Files (x86)\Razer\BlackWidow\BlackWidowTray.exe (2768)
C:\Program Files (x86)\iTunes\iTunesHelper.exe (2796)
C:\Program Files\iPod\bin\iPodService.exe (3004)
C:\Windows\system32\SearchIndexer.exe (1468)
C:\Program Files\Windows Media Player\wmpnetwk.exe (1068)
C:\Windows\system32\svchost.exe (2988)
C:\Windows\system32\wbem\wmiprvse.exe (3116)
C:\Program Files (x86)\Mozilla Firefox\firefox.exe (3612)
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (2736)
C:\Windows\system32\wuauclt.exe (3052)
C:\Windows\SysWOW64\ping.exe (2256)
C:\Windows\system32\conhost.exe (724)
C:\Windows\system32\SearchProtocolHost.exe (4044)
C:\Windows\system32\SearchFilterHost.exe (3588)
C:\UsbFix\Go.exe (776)
C:\Windows\system32\wbem\wmiprvse.exe (2500)

################## | Éléments infectieux |


################## | Registre |


################## | Mountpoints2 |



################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
V:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F |


Le truc d'avant il plante juste apres avoir trouvé l'infection :
[url]
http://imageshack.us/f/10/sanstitrezyq.jpg/[/url]
Boubou2509
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 126
Inscription: 15 Jan 2011 20:42
 

Re: [aide] Redirection vers d'autres sites.

Message le 05 Juin 2012 18:38

Okay, retentes en Mode Sans Echec.
Avatar de l'utilisateur
Yanis91270
PC-Infopraticien
PC-Infopraticien
 
Messages: 2667
Inscription: 24 Avr 2012 16:49
Localisation: Parc des Princes / Bgayet
 

Re: [aide] Redirection vers d'autres sites.

Message le 05 Juin 2012 19:02

Crash aussi en mode sans echec ...

C'est bizarre quand même que ce truc persiste ...
y'a pas un truc pour le virer une bonne fois pour toute ?
Boubou2509
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 126
Inscription: 15 Jan 2011 20:42
 

Re: [aide] Redirection vers d'autres sites.

Message le 05 Juin 2012 21:13

• Télécharges AntiZeroAccess sur ton Bureau.

/!\ Utilisateur de Windows Vista et Windows Seven : Cliques droit sur le logo de AdwCleaner, « Exécuter en tant qu'Administrateur » /!\

• Lances le.
• Tapes Y et appuyes sur Entrée pour lancer le scan.
• Si un redémarrage est nécessaire, le faire immédiatement.
• AntiZeroAccess va ouvrir le bloc-notes et y copier le rapport d'analyse.
• Enregistres le rapport sur ton Bureau.
• Héberges le rapport AntiZeroAccess sur CJoint.com
• Postes le lien donné.

/!\ Note : AntiZeroAccess.txt est enregistré dans le même emplacement que le programme AntiZeroAccess /!\
Avatar de l'utilisateur
Yanis91270
PC-Infopraticien
PC-Infopraticien
 
Messages: 2667
Inscription: 24 Avr 2012 16:49
Localisation: Parc des Princes / Bgayet
 

Re: [aide] Redirection vers d'autres sites.

Message le 06 Juin 2012 16:16

Le logiciel "Only work on 32bit"
Boubou2509
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 126
Inscription: 15 Jan 2011 20:42
 

Re: [aide] Redirection vers d'autres sites.

Message le 06 Juin 2012 16:24

• AVANT D' UTILISER COMBOFIX •

Tu utilises un logiciel d'émulation de CD, Daemon Tools peur gêner les outils de désinfection.
Utilises Defogger pour les désactiver temporairement :

• Télécharges Defogger sur ton Bureau.
• Lances le.
• Une fenêtre va apparaitre. Cliques sur Disable.
• Redémarres ton Ordinateur si Defogger te le demande.

• Désactives l' U.A.C. le temps de la désinfection.
• Fermes tous tes programmes et applications en cours.
• Deconnectes toi d' Internet.
• Désactives tous tes logiciels de protection (AntiVirus, AntiSpyware, AntiMalwara, PareFeu, ...)
• Pendant la durée de cette étape, ne te sert pas du pc et n'ouvres aucun programme.


• Fais un clique droit sur ComboFix et enregistres la cible du lien sous ton Bureau sous un autre nom exemple ton pseudo.exe.

/!\ Utilisateur de Windows Vista et Windows Seven : Clique droit sur le logo de ComboFix, « Exécuter en tant qu'Administrateur » /!\

/!\ Acceptes l'installation de la console de récupération si ComboFix te le demande /!\

• Réponds Oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
• Il se peut que Combofix ait besoin de se connecter à internet pour trouver les mises à jour, donc il faut l'autoriser.

• En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection, laisses-le faire.
• ComboFix va ouvrir le bloc-notes et y copier le rapport d'analyse.
• Enregistres le rapport sur ton Bureau.
• Héberges le rapport ComboFix sur CJoint.com
• Postes le lien donné.

• APRÈS AVOIR UTILISER COMBOFIX •

• Ré-actives la protection de l' U.A.C.
• Réactives Daemon Tools en relançant Defogger et en cliquant sur Re-enable.
Avatar de l'utilisateur
Yanis91270
PC-Infopraticien
PC-Infopraticien
 
Messages: 2667
Inscription: 24 Avr 2012 16:49
Localisation: Parc des Princes / Bgayet
 

Re: [aide] Redirection vers d'autres sites.

Message le 06 Juin 2012 18:02

pas de rapport pour combofix ...
Boubou2509
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 126
Inscription: 15 Jan 2011 20:42
 

Re: [aide] Redirection vers d'autres sites.

Message le 06 Juin 2012 19:33

Le rapport se trouve là:

C:\ComboFix.txt
Avatar de l'utilisateur
Yanis91270
PC-Infopraticien
PC-Infopraticien
 
Messages: 2667
Inscription: 24 Avr 2012 16:49
Localisation: Parc des Princes / Bgayet
 

Re: [aide] Redirection vers d'autres sites.

Message le 07 Juin 2012 15:45

introuvable ...
Boubou2509
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 126
Inscription: 15 Jan 2011 20:42
 

Re: [aide] Redirection vers d'autres sites.

Message le 08 Juin 2012 17:16

je te jure que y'a pas de rapport :(
Boubou2509
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 126
Inscription: 15 Jan 2011 20:42
 

Re: [aide] Redirection vers d'autres sites.

Message le 08 Juin 2012 17:20

Pas de souci, je te crois ^^

• Télécharges OTL sur ton Bureau.

/!\ Utilisateur de Windows Vista et Windows Seven : Clique droit sur le logo de OTL, « Exécuter en tant qu'Administrateur » /!\

• Lances OTL.
• Coches toutes ces cases:
Tous les utilisateurs, Recherche Lop, Recherche Purity et mets 60 Jours à l'âge du fichier. #Screen.

• Sous Personnalisation, copies & colles ceci:
Code: Tout sélectionner
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\consrv.dll
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
CREATERESTOREPOINT
nslookup http://www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs


• Cliques sur Analyse.
• Patientes le temps de l'analyse.
• OTL va ouvrir 2 rapports dans le bloc-notes (Extras.txt & OTLTxt).
• Enregistres les 2 rapports sur ton Bureau.
• Héberges les rapports Extras.txt & OLT.txt sur CJoint.com
• Postes les liens donnés.

/!\ Note : Pour éviter de figer l'analyse OTL, laisses le travailler sans toucher à ton P.C. ! /!\
Avatar de l'utilisateur
Yanis91270
PC-Infopraticien
PC-Infopraticien
 
Messages: 2667
Inscription: 24 Avr 2012 16:49
Localisation: Parc des Princes / Bgayet
 

Re: [aide] Redirection vers d'autres sites.

Message le 08 Juin 2012 18:17

voila

Code: Tout sélectionner
OTL logfile created on: 08/06/2012 19:07:25 - Run 1
OTL by OldTimer - Version 3.2.47.0     Folder = C:\Users\SON\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
2,00 Gb Total Physical Memory | 0,54 Gb Available Physical Memory | 27,21% Memory free
4,00 Gb Paging File | 1,92 Gb Available in Paging File | 48,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,13 Gb Total Space | 357,88 Gb Free Space | 80,76% Space Free | Partition Type: NTFS
Drive E: | 488,28 Gb Total Space | 313,78 Gb Free Space | 64,26% Space Free | Partition Type: NTFS
Drive V: | 931,51 Gb Total Space | 335,94 Gb Free Space | 36,06% Space Free | Partition Type: NTFS
 
Computer Name: SON-PC | User Name: SON | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/06/08 19:06:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\SON\Downloads\OTL.exe
PRC - [2012/04/21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/04/04 15:56:38 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012/02/27 00:15:32 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
PRC - [2012/02/15 10:32:12 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2011/06/03 11:04:26 | 000,979,360 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe
PRC - [2011/05/16 12:43:32 | 000,887,696 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\BlackWidow\BlackWidowTray.exe
PRC - [2011/04/01 05:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010/07/07 10:58:02 | 001,089,664 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe
PRC - [2010/06/24 14:19:50 | 000,109,056 | ---- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
PRC - [2009/07/17 13:48:18 | 006,038,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
PRC - [2009/07/14 03:14:28 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PING.EXE
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2006/12/19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012/06/05 15:25:40 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/04/21 03:16:53 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/20 14:19:56 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2010/06/01 10:38:40 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
MOD - [2010/02/08 17:19:52 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
MOD - [2009/09/30 11:33:08 | 000,024,576 | ---- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009/07/17 13:48:18 | 006,038,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
MOD - [2009/04/22 20:20:00 | 000,179,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\AsusService.dll
MOD - [2009/04/20 13:55:34 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\pngio.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2011/07/28 23:35:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2010/09/09 18:10:20 | 001,070,760 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxefcoms.exe -- (lxef_device)
SRV - [2012/06/05 15:27:28 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/04/01 05:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/06/24 14:19:50 | 000,109,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006/12/19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2011/09/02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:[b]64bit:[/b] - [2011/09/02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:[b]64bit:[/b] - [2011/07/29 00:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2011/07/28 22:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2011/06/07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2011/05/12 18:04:22 | 000,154,624 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:[b]64bit:[/b] - [2011/05/10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2011/04/01 05:07:54 | 004,184,672 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam 200(UVC)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/08/04 21:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2010/07/29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:[b]64bit:[/b] - [2009/08/31 10:09:38 | 000,112,240 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:[b]64bit:[/b] - [2009/07/16 11:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 22:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:[b]64bit:[/b] - [2005/11/07 15:33:12 | 000,021,120 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DB3G.sys -- (Razerlow)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/28 19:40:18 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/08/29 10:16:50] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 52 40 49 D4 E1 66 CC 01  [binary data]
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/04 18:58:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/08/30 12:50:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SON\AppData\Roaming\mozilla\Extensions
[2012/06/06 19:28:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SON\AppData\Roaming\mozilla\Firefox\Profiles\syqhj9f5.default\extensions
[2012/06/04 18:58:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/21 03:45:57 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2012/04/21 03:45:57 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/21 03:45:57 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/04/21 03:45:57 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2012/04/21 03:45:57 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/04/21 03:45:57 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: Skype Click to Call = C:\Users\SON\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
 
O1 HOSTS File: ([2011/08/30 16:08:22 | 000,000,860 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       activate.adobe.com
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow\BlackWidowTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe (Razer USA Ltd)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47380B57-9875-4784-9F19-F186D78EEAB4}: DhcpNameServer = 62.201.142.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E8E661A-82E7-45E1-8C4E-E99BAC28E84F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F74DB9CE-2F0F-4DA0-84F2-28E9CCED0F63}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/06/01 22:52:03 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/06/01 22:52:03 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/06/01 22:52:03 | 000,000,000 | RHSD | M] - V:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] MsMpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PEVSystemStart - Service
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] procexp90.Sys - Driver
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] BFE - Service
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] MsMpSvc - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PEVSystemStart - Service
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] procexp90.Sys - Driver
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - C:\Windows\SysWOW64\wbem\mpssvc.mof ()
SafeBootNet: MsMpSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:[b]64bit:[/b] {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:[b]64bit:[/b] >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:[b]64bit:[/b] >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/06/08 07:38:41 | 000,000,000 | ---D | C] -- C:\Windows\TempB495D829-0699-A3C8-EF5C-E5DE92770D5C-Signatures
[2012/06/07 07:53:05 | 000,000,000 | ---D | C] -- C:\Windows\Temp1890B691-EEBB-841A-617A-02A6A4EFA4FD-Signatures
[2012/06/06 18:55:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/06 18:55:46 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/06/06 08:41:30 | 000,000,000 | ---D | C] -- C:\Windows\Temp2B299613-5CAE-11C2-F3DA-705BCA429DF5-Signatures
[2012/06/05 21:34:06 | 000,000,000 | ---D | C] -- C:\Windows\Temp2AD1573C-85FB-254F-C0BC-A072CB16F733-Signatures
[2012/06/05 19:20:46 | 000,000,000 | ---D | C] -- C:\UsbFix
[2012/06/05 18:30:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2012/06/05 18:30:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2012/06/05 15:25:40 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/05 15:25:40 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/05 13:51:35 | 000,000,000 | ---D | C] -- C:\Users\SON\AppData\Roaming\DiskAid
[2012/06/05 13:42:38 | 000,000,000 | ---D | C] -- C:\Users\SON\AppData\Roaming\libimobiledevice
[2012/06/05 13:42:28 | 000,000,000 | ---D | C] -- C:\Users\SON\AppData\Roaming\log
[2012/06/05 13:42:28 | 000,000,000 | ---D | C] -- C:\Users\SON\AppData\Roaming\6beb527b45923a8c6b4c5773a7012ebb0ae1ec13
[2012/06/05 13:42:14 | 000,000,000 | ---D | C] -- C:\Users\SON\AppData\Local\4Videosoft Studio
[2012/06/05 13:42:13 | 000,000,000 | ---D | C] -- C:\Users\SON\Documents\4Videosoft Studio
[2012/06/05 13:32:20 | 000,000,000 | ---D | C] -- C:\Users\SON\AppData\Roaming\WindSolutions
[2012/06/05 13:26:00 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2012/06/05 12:55:42 | 000,000,000 | ---D | C] -- C:\Users\SON\Desktop\absinthe-win-2.0
[2012/06/05 12:26:03 | 000,000,000 | ---D | C] -- C:\Windows\Temp200C3B0B-FD9C-DD31-656E-DC6BA5972551-Signatures
[2012/06/04 22:04:20 | 000,000,000 | ---D | C] -- C:\Windows\TempFF27DC57-46DB-BC93-DC5B-7D692D9C9910-Signatures
[2012/06/04 19:37:41 | 000,000,000 | ---D | C] -- C:\ZHP
[2012/06/04 19:06:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/06/04 19:06:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/06/04 18:58:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/06/04 18:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2012/06/03 20:54:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/06/03 20:54:28 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/06/03 20:54:28 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/06/03 20:54:23 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/06/03 20:54:23 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/06/03 20:44:25 | 000,000,000 | ---D | C] -- C:\Users\SON\AppData\Local\Macromedia
[2012/06/03 20:38:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileHippo.com
[2012/06/03 20:37:22 | 000,000,000 | ---D | C] -- C:\Users\SON\AppData\Roaming\CrystalIdea Software
[2012/06/03 19:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012/06/03 12:24:58 | 000,000,000 | ---D | C] -- C:\Windows\TempDB2AD471-F40B-C846-3D75-F4139CBB6374-Signatures
[2012/06/02 22:43:52 | 000,000,000 | ---D | C] -- C:\Windows\TempB3501B11-850E-0712-8396-D95A37CEABB8-Signatures
[2012/06/02 17:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPFix
[2012/06/02 11:37:55 | 000,000,000 | ---D | C] -- C:\Windows\Temp7D710F40-D8CD-DEC9-7AC2-77E748B1B528-Signatures
[2012/06/01 22:52:03 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2012/06/01 14:03:52 | 000,000,000 | ---D | C] -- C:\Windows\Temp2150D4F0-D8F8-51F9-628E-E2F8F597BAE8-Signatures
[2012/05/31 21:56:57 | 000,000,000 | ---D | C] -- C:\Windows\Temp2412A0D7-6995-5415-BECD-D10B7E85ACCD-Signatures
[2012/05/31 17:28:19 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/05/31 14:07:44 | 000,000,000 | ---D | C] -- C:\Windows\Temp299C198C-A22B-749D-5A0E-790CF7FBBC92-Signatures
[2012/05/30 08:40:45 | 000,000,000 | ---D | C] -- C:\Windows\TempDA34B710-6D1A-7001-5686-0C9FED948F81-Signatures
[2012/05/30 08:29:42 | 000,000,000 | ---D | C] -- C:\Windows\Temp647AB916-2E59-3FB6-376B-0C1ED8D85695-Signatures
[2012/05/29 12:42:51 | 000,000,000 | ---D | C] -- C:\Windows\TempF177DC0E-21C8-77EC-B4EE-B102A0CEA5C3-Signatures
[2012/05/29 12:37:00 | 000,000,000 | ---D | C] -- C:\found.006
[2012/05/28 15:31:23 | 000,000,000 | ---D | C] -- C:\Windows\Temp95BAC4CC-0A44-B1E0-454D-9C6D910927B5-Signatures
[2012/05/27 11:42:19 | 000,000,000 | ---D | C] -- C:\Windows\TempC37581E8-8914-D8AD-9DAB-33663156698D-Signatures
[2012/05/26 10:56:46 | 000,000,000 | ---D | C] -- C:\Windows\Temp7C452E1A-FC57-FDA8-7D7A-C02D37EDC8F3-Signatures
[2012/05/25 17:21:20 | 000,000,000 | ---D | C] -- C:\Users\SON\Desktop\__MACOSX
[2012/05/25 17:20:53 | 005,433,715 | ---- | C] (Igor Pavlov) -- C:\Users\SON\Desktop\absinthe-win-2.0.exe
[2012/05/25 15:20:17 | 000,000,000 | ---D | C] -- C:\Windows\Temp203BAAE7-0DD4-B5EA-57E8-0FDF36F2D2D8-Signatures
[2012/05/24 21:29:58 | 000,000,000 | ---D | C] -- C:\Windows\Temp485893E1-4DC2-0BD7-DBC4-5AA2F2F5B777-Signatures
[2012/05/24 20:13:23 | 000,000,000 | ---D | C] -- C:\Users\SON\Documents\Fichiers Outlook
[2012/05/24 17:29:54 | 000,000,000 | ---D | C] -- C:\Windows\Temp1FF2525D-7DFA-B578-1F23-4396769C1923-Signatures
[2012/05/21 18:02:38 | 000,000,000 | ---D | C] -- C:\Windows\TempF760698E-B50E-36FF-657F-F68DA5C53462-Signatures
[2012/05/20 10:38:37 | 000,000,000 | ---D | C] -- C:\Windows\Temp647D5CC1-AC12-C837-E9ED-633CEDC6A556-Signatures
[2012/05/19 14:18:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012/05/19 14:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/05/19 14:17:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012/05/19 14:17:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/05/19 14:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2012/05/19 14:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/05/19 14:15:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/05/19 14:14:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/05/19 14:14:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/05/19 14:14:25 | 000,000,000 | ---D | C] -- C:\Users\SON\AppData\Local\Microsoft Help
[2012/05/19 14:14:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/05/19 14:14:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/05/19 14:13:02 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/05/19 14:12:54 | 000,000,000 | ---D | C] -- C:\Users\SON\AppData\Roaming\TuneUp Software
[2012/05/19 14:12:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012/05/19 14:12:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/05/19 14:12:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/05/19 14:11:17 | 000,000,000 | ---D | C] -- C:\Users\SON\AppData\Roaming\DAEMON Tools Lite
[2012/05/19 14:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012/05/19 10:43:58 | 000,000,000 | ---D | C] -- C:\Windows\TempA7CFD094-1821-D67B-4516-84BB2E746F9D-Signatures
[2012/05/18 09:51:09 | 000,000,000 | ---D | C] -- C:\Windows\Temp4B3F5317-4B89-4EFD-3DB7-4B95EFCC4178-Signatures
[2012/05/17 23:24:47 | 000,000,000 | ---D | C] -- C:\Windows\TempF24D7F04-5449-AF18-A0D0-EE058BF5AFE3-Signatures
[2012/05/17 10:53:30 | 000,000,000 | ---D | C] -- C:\Windows\TempF81A8D62-A821-6DB5-255B-D2CBD09E077D-Signatures
[2012/05/16 08:14:02 | 000,000,000 | ---D | C] -- C:\Windows\Temp7198E682-1B11-078E-1F41-7CD7987B8B00-Signatures
[2012/05/16 08:03:36 | 000,000,000 | ---D | C] -- C:\Windows\TempA63C1525-1A40-894A-1F2D-404EB64D47B5-Signatures
[2012/05/15 17:25:13 | 000,000,000 | ---D | C] -- C:\Windows\Temp6819ACCE-EE7E-5D0F-2631-9B2D4B704DED-Signatures
[2012/05/14 17:49:13 | 000,000,000 | ---D | C] -- C:\Windows\TempE172915D-246E-88D6-4348-45FA71C2E586-Signatures
[2012/05/13 10:22:13 | 000,000,000 | ---D | C] -- C:\Windows\TempE2437174-1582-C883-0E58-49B2C2F33E75-Signatures
[2012/05/12 18:16:05 | 000,000,000 | ---D | C] -- C:\Windows\TempAAA917D3-A237-AB2E-A9A3-380B2D33FED4-Signatures
[2012/05/11 15:38:37 | 000,000,000 | ---D | C] -- C:\Windows\Temp27243541-75F1-A066-7539-EDBA7EFD8686-Signatures
[2012/05/10 17:59:40 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/05/10 17:59:39 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/05/10 17:59:38 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/10 17:59:38 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/05/10 17:56:54 | 000,000,000 | ---D | C] -- C:\Windows\TempFFAC72C7-5628-A054-E17C-F35293C9899C-Signatures
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/06/08 19:09:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/06/08 18:55:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/08 18:41:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/08 18:26:04 | 000,023,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/08 18:26:04 | 000,023,632 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/08 18:24:07 | 001,564,338 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/08 18:24:07 | 000,709,358 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/06/08 18:24:07 | 000,621,074 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/08 18:24:07 | 000,132,686 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/06/08 18:24:07 | 000,108,294 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/08 18:19:01 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/08 18:19:01 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/06/08 18:18:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/08 18:18:50 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2012/06/08 18:18:35 | 1609,076,736 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/08 07:38:42 | 000,002,106 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/06/07 19:47:49 | 000,109,846 | ---- | M] () -- C:\Users\SON\Desktop\gelée pommes.jpg
[2012/06/06 18:45:47 | 000,000,000 | ---- | M] () -- C:\Users\SON\defogger_reenable
[2012/06/05 15:27:28 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/05 15:27:28 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/04 18:58:12 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/06/03 20:54:21 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/06/03 20:54:21 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/05/27 17:40:31 | 366,509,324 | ---- | M] () -- C:\Users\SON\Desktop\Breaking Bad - S03E02 - Tensions.avi
[2012/05/27 02:11:44 | 366,231,300 | ---- | M] () -- C:\Users\SON\Desktop\Breaking Bad - S03E01 - Crash.avi
[2012/05/25 12:30:54 | 005,433,715 | ---- | M] (Igor Pavlov) -- C:\Users\SON\Desktop\absinthe-win-2.0.exe
[2012/05/24 20:13:29 | 000,001,135 | ---- | M] () -- C:\Users\SON\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/05/24 20:10:12 | 001,584,566 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/20 10:34:32 | 000,442,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/06/08 19:09:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/06/08 18:48:54 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{a822ef32-eabc-c648-0ad8-3d92e1305c4b}\U\00000008.@
[2012/06/07 19:47:49 | 000,109,846 | ---- | C] () -- C:\Users\SON\Desktop\gelée pommes.jpg
[2012/06/06 18:45:47 | 000,000,000 | ---- | C] () -- C:\Users\SON\defogger_reenable
[2012/06/05 15:25:40 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/04 18:58:12 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/06/04 18:58:12 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/05/31 17:07:03 | 000,093,696 | ---- | C] () -- C:\Windows\Installer\{a822ef32-eabc-c648-0ad8-3d92e1305c4b}\U\80000032.@
[2012/05/31 17:06:58 | 000,076,800 | ---- | C] () -- C:\Windows\Installer\{a822ef32-eabc-c648-0ad8-3d92e1305c4b}\U\80000064.@
[2012/05/31 17:06:58 | 000,000,740 | ---- | C] () -- C:\Windows\Installer\{a822ef32-eabc-c648-0ad8-3d92e1305c4b}\L\00000004.@
[2012/05/31 17:06:55 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{a822ef32-eabc-c648-0ad8-3d92e1305c4b}\U\80000000.@
[2012/05/31 17:06:53 | 000,001,584 | ---- | C] () -- C:\Windows\Installer\{a822ef32-eabc-c648-0ad8-3d92e1305c4b}\U\000000cb.@
[2012/05/31 17:06:53 | 000,001,536 | ---- | C] () -- C:\Windows\Installer\{a822ef32-eabc-c648-0ad8-3d92e1305c4b}\U\00000004.@
[2012/05/27 19:01:39 | 366,509,324 | ---- | C] () -- C:\Users\SON\Desktop\Breaking Bad - S03E02 - Tensions.avi
[2012/05/27 19:01:27 | 366,231,300 | ---- | C] () -- C:\Users\SON\Desktop\Breaking Bad - S03E01 - Crash.avi
[2012/05/24 20:13:29 | 000,001,135 | ---- | C] () -- C:\Users\SON\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2012/05/06 15:57:17 | 000,005,672 | ---- | C] () -- C:\Users\SON\AppData\Local\Temp11.html
[2012/05/06 15:56:07 | 000,001,955 | ---- | C] () -- C:\Users\SON\AppData\Local\Temp1.html
[2012/02/02 16:57:52 | 000,106,856 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/01/11 19:05:44 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{a822ef32-eabc-c648-0ad8-3d92e1305c4b}\@
[2011/09/30 07:43:37 | 000,000,000 | ---- | C] () -- C:\Users\SON\AppData\Local\{33DB138E-75DB-498F-98BC-EEE8D43A80D7}
[2011/08/30 09:07:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/08/29 10:52:22 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011/08/29 10:52:22 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011/08/29 10:50:10 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2011/08/29 10:50:09 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011/08/29 10:50:09 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/08/29 10:12:48 | 001,584,566 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/17 23:54:02 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/04/01 05:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011/04/01 05:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/04/01 05:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011/03/17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012/06/05 13:42:28 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\6beb527b45923a8c6b4c5773a7012ebb0ae1ec13
[2012/06/03 20:37:22 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\CrystalIdea Software
[2012/06/07 18:48:17 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\DAEMON Tools Lite
[2012/06/05 13:55:59 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\DiskAid
[2012/04/20 20:33:20 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Garmin
[2012/02/07 22:49:20 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\GlarySoft
[2012/01/13 19:49:22 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\ImgBurn
[2011/12/27 03:19:48 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Leadertech
[2012/06/05 13:42:44 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\libimobiledevice
[2011/11/16 19:39:03 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\LibreOffice
[2012/06/05 13:42:28 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\log
[2012/02/04 22:05:07 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\LolClient
[2012/02/07 14:53:35 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\redsn0w
[2012/05/19 14:12:54 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\TuneUp Software
[2012/06/07 18:48:16 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\uTorrent
[2012/06/05 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\WindSolutions
[2011/08/30 15:45:11 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\xrecode2
[2012/06/08 18:19:01 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012/06/08 18:15:59 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2012/06/05 13:42:28 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\6beb527b45923a8c6b4c5773a7012ebb0ae1ec13
[2011/09/02 18:07:48 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Adobe
[2011/08/29 11:01:45 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Ahead
[2011/08/30 15:28:20 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Apple Computer
[2011/08/30 09:09:13 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\ATI
[2012/06/03 20:37:22 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\CrystalIdea Software
[2012/06/07 18:48:17 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\DAEMON Tools Lite
[2012/06/05 13:55:59 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\DiskAid
[2012/01/07 19:42:58 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\dvdcss
[2012/02/26 01:40:03 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\FastStone
[2012/04/20 20:33:20 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Garmin
[2012/02/07 22:49:20 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\GlarySoft
[2011/08/29 09:13:27 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Identities
[2012/01/13 19:49:22 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\ImgBurn
[2011/08/29 10:54:38 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\InstallShield
[2011/12/27 03:19:48 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Leadertech
[2012/06/05 13:42:44 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\libimobiledevice
[2011/11/16 19:39:03 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\LibreOffice
[2012/06/05 13:42:28 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\log
[2011/12/27 03:17:53 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Logishrd
[2011/12/27 03:19:59 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Logitech
[2012/02/04 22:05:07 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\LolClient
[2011/11/13 16:27:39 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Macromedia
[2012/03/06 17:57:55 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Malwarebytes
[2009/07/14 17:35:05 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Media Center Programs
[2012/05/28 17:51:22 | 000,000,000 | --SD | M] -- C:\Users\SON\AppData\Roaming\Microsoft
[2011/08/30 12:50:59 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Mozilla
[2012/02/07 14:53:35 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\redsn0w
[2012/06/07 18:48:16 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\Skype
[2012/05/19 14:12:54 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\TuneUp Software
[2012/06/07 18:48:16 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\uTorrent
[2012/02/07 22:43:41 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\vlc
[2012/06/05 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\WindSolutions
[2011/08/29 10:48:27 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\WinRAR
[2011/08/30 15:45:11 | 000,000,000 | ---D | M] -- C:\Users\SON\AppData\Roaming\xrecode2
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2011/12/27 03:19:48 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\SON\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
 
[color=#A23BEC]< %temp%\*.exe /s >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\consrv.dll >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/07/14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\atl.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >[/color]
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >[/color]
"Debug" =
"" = mnmsrvc
"Kmode" = \SystemRoot\System32\win32k.sys
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s >[/color]
"ProfilesDirectory" = %SystemDrive%\Users -- [2011/08/29 09:13:18 | 000,000,000 | ---D | M]
"Default" = %SystemDrive%\Users\Default -- [2011/08/29 09:13:11 | 000,000,000 | RH-D | M]
"Public" = %SystemDrive%\Users\Public -- [2009/07/14 17:35:05 | 000,000,000 | R--D | M]
"ProgramData" = %SystemDrive%\ProgramData -- [2012/06/05 13:56:31 | 000,000,000 | -H-D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18]
"Flags" = 12
"State" = 0
"RefCount" = 1
"Sid" = 01 01 00 00 00 00 00 05 12 00 00 00  [binary data]
"ProfileImagePath" = %systemroot%\system32\config\systemprofile -- [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19]
"ProfileImagePath" = C:\Windows\ServiceProfiles\LocalService -- [2012/06/08 12:25:51 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20]
"ProfileImagePath" = C:\Windows\ServiceProfiles\NetworkService -- [2012/06/08 12:25:51 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3076268114-1058155476-2427366309-1001]
"ProfileImagePath" = C:\Users\SON -- [2012/06/06 18:45:47 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 256
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 52 20 5C B7 D4 2B 12 3F A5 AB AE 90 E9 03 00 00  [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 1
"RunLogonScriptSync" = 0
 
[color=#A23BEC]< nslookup http://www.google.fr /c >[/color]
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/04/21 03:46:41 | 000,869,120 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/04/21 03:46:41 | 000,869,120 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/04/21 03:46:41 | 000,869,120 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/04/21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/04/21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/04/21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/05/23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/05/23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/05/23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/05/23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/08/30 08:43:22 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/08/30 08:43:22 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/08/30 08:43:22 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/08/30 08:43:23 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/08/30 08:43:23 | 000,748,336 | ---- | M] (Microsoft Corporation)
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/04/21 03:46:41 | 000,869,120 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/04/21 03:46:41 | 000,869,120 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/04/21 03:46:41 | 000,869,120 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/04/21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/04/21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/04/21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/05/23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/05/23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/05/23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/05/23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/08/30 08:43:20 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/08/30 08:43:20 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/08/30 08:43:20 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/08/30 08:43:23 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/08/30 08:43:23 | 000,748,336 | ---- | M] (Microsoft Corporation)

< End of report >
Boubou2509
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 126
Inscription: 15 Jan 2011 20:42
 

Re: [aide] Redirection vers d'autres sites.

Message le 08 Juin 2012 18:50

Code: Tout sélectionner
Poste moi aussi le rapport Extras.txt s'il te plait.


/!\ Utilisateur de Windows Vista et Windows Seven : Clique droit sur le logo de OTL, « Exécuter en tant qu'Administrateur » /!\

• Coches en haut à droite Rapport Minimal.
• Sous Personnalisation, copies & colles ceci:
Code: Tout sélectionner
:OTL
[2012/05/29 12:37:00 | 000,000,000 | ---D | C] -- C:\found.006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 52 40 49 D4 E1 66 CC 01  [binary data]
IE - HKU\S-1-5-21-3076268114-1058155476-2427366309-1001\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
[2011/08/30 12:50:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SON\AppData\Roaming\mozilla\Extensions
:Commands
[emptytemp]


• Cliques sur Correction.
• Patientes le temps de l'analyse.
• OTL va ouvrir le rapport dans le bloc-notes (OTL.log).
• Enregistres le rapport sur ton Bureau.
• Héberges le rapport OTL.log sur CJoint.com
• Postes le lien donnés.

/!\ Note : Pour éviter de figer l'analyse OTL, laisses le travailler sans toucher à ton P.C. ! /!\
Avatar de l'utilisateur
Yanis91270
PC-Infopraticien
PC-Infopraticien
 
Messages: 2667
Inscription: 24 Avr 2012 16:49
Localisation: Parc des Princes / Bgayet
 

PrécédenteSuivante


Sujets similaires

Message [Réglé] Votre avis sur les disques durs "INN®" (ou Innovtec)
Bonjour à tousFaisant des recherches sur le net en vue d'acheter un disque dur externe de 6 ou 8 To, je suis tombé sur des annonces - sur le site Cdiscount de la marque Innovtec et, vu les tarifs affichés, je m'interroge sur la qualité du produit.Par exemple, celui-ci : https://www.cdiscount.com/inf ...
Réponses: 8

Message [Réglé] Mauvaise performance SSD NVME
Bonjour, j'ai un WDC PC SN530 SDBPNPZ-512G, et quand je fais des benchmark où je ne comprends rien, ils m'indiquent dès résultat pas terrible, y a t'il moyen d'arranger ça ?https://www.userbenchmark.com/UserRun/68904129Merci de votre aide.
Réponses: 10

Message [Réglé] Suite de mon sujet Démarrage PC parfois difficile
Bonjour,j'avais ouvert un sujet suite au démarrage très lent de mon PC. Votre aide m'a permis d'améliorer la situation mais ce n'est pas parfait (plus de 2 minutes avant la fenêtre de saisie du code d'accès Windows).On m'a conseillé de demander une désinfection. J'ai suivi la procédure et je joins l ...
Réponses: 34

Message [Réglé] Clé usb qui s'affiche pas
Bonjour a tous ,Tout d'abord désolé si je me suis trompé de section.Voila j'ai un collègue qui m'a passé une clé usb avec une vidéo dessus pour que je change le formas et que la clé puisse lire la vidéo sur sa télé. Jusqu'à la tout va bien mais une fois que je met la clé dans mon ordi ( Windows 11 ) ...
Réponses: 13

Message [Réglé] Mini PC pour la 4k HDR
Bonjour (et bonne année a tous ),Actuellement, j'ai mon bon vieux mini PC (I5-4210U) , fonctionnel mais hélas devenu trop limité en performance pour la 4K (j'arrive à lire des fichiers en H264 avec très peu voir pas de lags tout dépend le lecteur) et on parle même pas avec du H265 (saccadé à mort) ...
Réponses: 6

Message [Réglé] android auto
Bonjour Je possede un tel. samsung S7 . Je viens d'intaller android auto et chaque fois que je branche mon tel. sur mon vehicule , mon telephone me dit de mettre android à jour. En fouillant un peu sur le net j'ai cru voir que samsung avait arreté les mises à jour sur les S7 . Est ce vrai , sinon co ...
Réponses: 3

Message [Réglè] HELP
Bonjour a tous,j'ai voulu désinstaller les pilotes AMD high définition audio device dans le gestionnaire croyant que les pilotes realtek prendraient la place j'ai redémarré mon PC et depuis je n'ai plus de son l?icône est affublée d'une belle croix rouge (aucun haut parleur ou casque n'est branché) ...
Réponses: 7


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 4 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.