Se connecter / S'enregistrer
Votre question
Résolu

[Résolu] Pub intempestives

Tags :
  • software
  • Sécurité
Dernière réponse : dans Sécurité et virus
25 Mai 2011 21:11:45

Bonsoir,

J'ai exécuter Navilog, voici le résultat ci-dessous.
Pouvez-vous me dire ce que je dois faire après.

Merci d'avance



Fix Navipromo version 4.1.0 commencé le 25/05/2011 21:04:19,37

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\navilog1

Mise à jour le 20.04.2011 à 09h00 par IL-MAFIOSO


Recherche executée en mode normal


Aucune Infection Navipromo/Egdaccess trouvée



*** Scan terminé 25/05/2011 21:05:21,14 ***

Autres pages sur : resolu pub intempestives

a c 267 8 Sécurité
25 Mai 2011 22:32:04

Bonjour,

  • Télécharge OTL (par OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prend pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres Bloc-notes vont s'ouvrir : OTL.txt et Extras.txt. Ils se trouvent au même endroit qu'OTL.

    Pour me transmettre les rapports :
  • Clique sur ce lien : http://www.cijoint.fr/
  • Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
  • Clique sur Ouvrir.
  • Clique sur Cliquez ici pour déposer le fichier.
  • Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
  • Copie-colle ce lien dans ta réponse.
    m
    0
    l
    Contenus similaires
    25 Mai 2011 23:32:04

    Je te joins le rapport

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 23:26:25 le 25/05/2011, Mode normal

    Microsoft Windows 7 Édition Intégrale (X86)
    ChrysMat@CHRYSMAT-PC ( )

    ============== RECHERCHE ==============


    Fichier trouvé: C:\Program Files\Mozilla FireFox\searchplugins\crawlersrch.xml
    Fichier trouvé: C:\Windows\system32\ConduitEngine.tmp
    Dossier trouvé: C:\Users\ChrysMat\AppData\Roaming\PCtuto
    Dossier trouvé: C:\Users\ChrysMat\AppData\Roaming\Mozilla\FireFox\Profiles\6gneqnml.default\conduit
    Fichier trouvé: C:\Users\ChrysMat\AppData\Roaming\Mozilla\FireFox\Profiles\6gneqnml.default\searchplugins\conduit.xml
    Dossier trouvé: C:\Users\ChrysMat\AppData\LocalLow\Conduit
    Dossier trouvé: C:\Program Files\Conduit
    Dossier trouvé: C:\Users\ChrysMat\AppData\LocalLow\ConduitEngine
    Dossier trouvé: C:\Program Files\ConduitEngine
    Dossier trouvé: C:\Users\ChrysMat\AppData\Roaming\CrazyLoader
    Dossier trouvé: C:\Users\ChrysMat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CrazyLoader
    Dossier trouvé: C:\Program Files\CrazyLoader
    Dossier trouvé: C:\Users\ChrysMat\AppData\Local\OpenCandy
    Dossier trouvé: C:\Users\ChrysMat\AppData\Local\PCTuto
    Dossier trouvé: C:\Program Files\PCTuto

    -- Fichier ouvert: C:\Users\ChrysMat\AppData\Roaming\Mozilla\FireFox\Profiles\6gneqnml.default\Prefs.js --
    Ligne trouvée: user_pref("CT1460988.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
    Ligne trouvée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
    Ligne trouvée: user_pref("CT1460988.ct1460988.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_...
    Ligne trouvée: user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
    Ligne trouvée: user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226...
    Ligne trouvée: user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
    Ligne trouvée: user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250...
    Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2504091,CT1460988,CT2269050");
    Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2504091,CT1460988,CT2269050");
    Ligne trouvée: user_pref("CommunityToolbar.facebook.sessionKey", "2.mtqL6RT41JbU2o2JUaf7tg__.86400.1283284800-10824...
    Ligne trouvée: user_pref("CommunityToolbar.facebook.sessionSecret", "etjCzrtdbIy3cUtshWTR4g__");
    Ligne trouvée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Sep 18 2010 23:44:43 GMT+0200");
    Ligne trouvée: user_pref("CommunityToolbar.facebook.userId", "1082445628");
    Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2504091");
    Ligne trouvée: user_pref("browser.search.defaultenginename", "Crawler Search");
    Ligne trouvée: user_pref("browser.search.order.1", "Crawler Search");
    -- Fichier Fermé --


    Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Classes\CLSID\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}
    Clé trouvée: HKLM\Software\Classes\CLSID\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}
    Clé trouvée: HKLM\Software\Classes\Interface\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}
    Clé trouvée: HKLM\Software\Classes\CLSID\{86460CE5-46A0-4543-B8FE-2D2AE182A2FE}
    Clé trouvée: HKLM\Software\Classes\CLSID\{A1755B14-2AFA-42a6-97C3-AA81B4482B71}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1755B14-2AFA-42a6-97C3-AA81B4482B71}
    Clé trouvée: HKLM\Software\Classes\CLSID\{BFEF4710-4294-4DFE-9968-82421DFE390F}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BFEF4710-4294-4DFE-9968-82421DFE390F}
    Clé trouvée: HKLM\Software\Classes\CLSID\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
    Clé trouvée: HKLM\Software\Classes\CLSID\{CB1CC8F5-D23C-400F-8472-F6AEFEDE4768}
    Clé trouvée: HKLM\Software\Classes\Interface\{CB1CC8F5-D23C-400F-8472-F6AEFEDE4768}
    Clé trouvée: HKLM\Software\Classes\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781}
    Clé trouvée: HKLM\Software\Classes\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1}
    Clé trouvée: HKLM\Software\Classes\Interface\{2557DD3F-23A0-477C-BCD8-90FD0AECC4B8}
    Clé trouvée: HKLM\Software\Classes\Interface\{2893116C-A176-42B1-8794-DA8C9FC45564}
    Clé trouvée: HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}
    Clé trouvée: HKLM\Software\Classes\Interface\{3CEB04AB-08AF-45F4-81B4-70D13C1F7B85}
    Clé trouvée: HKLM\Software\Classes\Interface\{40CA90F3-4098-4877-AE87-23EB612B18C7}
    Clé trouvée: HKLM\Software\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}
    Clé trouvée: HKLM\Software\Classes\Interface\{471E3998-588E-41D5-A874-FA11C44B70DE}
    Clé trouvée: HKLM\Software\Classes\Interface\{4C3B62AF-CA25-4FBA-8405-32E44F83BB6F}
    Clé trouvée: HKLM\Software\Classes\Interface\{4F309FEB-422A-4808-91D0-71DFACCCA399}
    Clé trouvée: HKLM\Software\Classes\Interface\{50D2FDCC-2707-49CB-8223-7FE0424909AA}
    Clé trouvée: HKLM\Software\Classes\Interface\{5A635A91-C303-45C9-8DB9-F759D98A3B9D}
    Clé trouvée: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
    Clé trouvée: HKLM\Software\Classes\Interface\{67B3BECF-7B6F-42B2-99F0-F7656F89CFFA}
    Clé trouvée: HKLM\Software\Classes\Interface\{715FFD42-4E05-4EAB-9513-C8DAA5395AE2}
    Clé trouvée: HKLM\Software\Classes\Interface\{759D6F7C-8D30-45B6-ABEA-FA51C190EED5}
    Clé trouvée: HKLM\Software\Classes\Interface\{7E335D04-2E6E-4D0E-A921-C3D9192E7121}
    Clé trouvée: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
    Clé trouvée: HKLM\Software\Classes\Interface\{878CE013-7BA9-4650-A78C-B2234C0C1648}
    Clé trouvée: HKLM\Software\Classes\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD}
    Clé trouvée: HKLM\Software\Classes\Interface\{8F271B52-1E44-42D7-B316-BA23A0FD9DB4}
    Clé trouvée: HKLM\Software\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
    Clé trouvée: HKLM\Software\Classes\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}
    Clé trouvée: HKLM\Software\Classes\Interface\{99FDCA0C-7380-4E9C-8D99-5DC4750334EF}
    Clé trouvée: HKLM\Software\Classes\Interface\{9A4A64A4-A2FB-48FA-9BBA-1AC50267695D}
    Clé trouvée: HKLM\Software\Classes\Interface\{A7213D71-47E1-4832-92D7-D61DFE9F231F}
    Clé trouvée: HKLM\Software\Classes\Interface\{A87DFD99-CF81-4241-85CE-881E0026B686}
    Clé trouvée: HKLM\Software\Classes\Interface\{B1D9F4B1-B9FF-463F-BF15-AB9CB26160F7}
    Clé trouvée: HKLM\Software\Classes\Interface\{B20D7ADD-989C-4BC0-A797-F6FE7998EFD7}
    Clé trouvée: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
    Clé trouvée: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    Clé trouvée: HKLM\Software\Classes\Interface\{BFC20A15-B0AC-44CC-A25A-A7039014BA9F}
    Clé trouvée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
    Clé trouvée: HKLM\Software\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
    Clé trouvée: HKLM\Software\Classes\Interface\{CF82F350-E1C4-4916-AC12-BA73DB60AFB7}
    Clé trouvée: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
    Clé trouvée: HKLM\Software\Classes\Interface\{D4E856E7-C034-49BA-BFEF-B785F3CBD7BA}
    Clé trouvée: HKLM\Software\Classes\Interface\{DB7A9C36-6C85-48BE-BA8D-151B6B144BE0}
    Clé trouvée: HKLM\Software\Classes\Interface\{F019AEC4-4C95-46DE-A107-E302473E3B9A}
    Clé trouvée: HKLM\Software\Classes\Interface\{F77F3DFC-F5DC-4316-AB50-B50B16F2BEF4}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{63AF3145-D2DC-4F1D-BB3A-3AAD9FEC3430}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{D530F69A-EB2D-4EC6-BD37-E123AEFCA011}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{F5BCBC2A-E8F6-4A47-BBCB-61713EA03787}
    Clé trouvée: HKLM\Software\Classes\Conduit.Engine
    Clé trouvée: HKLM\Software\Classes\Crazyloader.Spointer
    Clé trouvée: HKLM\Software\Classes\Crazyloader.Spointer.1
    Clé trouvée: HKLM\Software\Classes\Crazyloader.SpointerCtrl
    Clé trouvée: HKLM\Software\Classes\Crazyloader.SpointerCtrl.1
    Clé trouvée: HKLM\Software\Classes\Crazyloader.SpointerWebDisp
    Clé trouvée: HKLM\Software\Classes\Crazyloader.SpointerWebDisp.1
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT1460988
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT2504091
    Clé trouvée: HKLM\Software\Conduit
    Clé trouvée: HKLM\Software\conduitEngine
    Clé trouvée: HKCU\Software\Conduit
    Clé trouvée: HKCU\Software\Spointer
    Clé trouvée: HKCU\Software\AppDataLow\Toolbar
    Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
    Clé trouvée: HKCU\Software\AppDataLow\Software\conduitEngine
    Clé trouvée: HKCU\Software\AppDataLow\Software\Hotbar
    Clé trouvée: HKU\.DEFAULT\Software\CToolbar
    Clé trouvée: HKU\S-1-5-18\Software\CToolbar
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0E5DCC87-ED47-4747-9F98-B63D43811D06}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBA4B812-2415-4000-AFCB-56F53E668DC5}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CrazyLoader
    Clé trouvée: HKLM\Software\Google\Chrome\Extensions\fikmanfpkongnopggnndbikhhicdpfka

    Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|crazyloader@spointer.com
    Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto
    Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542}


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.6.16 (fr)] ****

    Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})
    Searchplugins\crawlersrch.xml (hxxp://www.crawler.com/search/dispatcher.aspx?tp=ff&qkw={searchTerms})
    Searchplugins\fcmdSrch.xml ( hxxp://start.facemoods.com/?a=wbst&f=4&q={searchTerms}/)
    Searchplugins\fcmdSrchddr.xml (hxxp://start.facemoods.com/?a=ddr&f=4&q={searchTerms}/)
    Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension for Firefox )
    HKLM_Extensions|crazyloader@spointer.com - C:\Program Files\CrazyLoader\spointer\extensions\crazyloader@spointer.com
    HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\

    -- C:\Users\ChrysMat\AppData\Roaming\Mozilla\FireFox\Profiles\6gneqnml.default --
    Extensions\ffxtlbr@Facemoods.com (Facemoods)
    Extensions\firebug@software.joehewitt.com (Firebug)
    Extensions\firebug@software.joehewitt.com-trash (?)
    Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
    Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} (Html Validator)
    Extensions\{618D522B-652C-4e19-9194-048700B12ED6} (Sothink SWF Catcher)
    Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} (DVDVideoSoftTB Toolbar)
    Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
    Extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} (myBabylon English Toolbar)
    Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Toolbar)
    Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} (Web Developer)
    Searchplugins\conduit.xml (hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}/)
    Prefs.js - browser.download.lastDir, J:\\wamp\\www\\Espoir et Vie\\images
    Prefs.js - browser.search.defaultenginename, Crawler Search
    Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13054
    Prefs.js - browser.search.selectedEngine, Search
    Prefs.js - browser.startup.homepage, hxxp://www.jeux-2-filles.com/
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16

    ========================================

    **** Google Chrome Version [11.0.696.68] ****

    Extension\fikmanfpkongnopggnndbikhhicdpfka (C:\Program Files\CrazyLoader\spointer\extensions\chrome\crazyloader_air_chrome.crx) (?)
    Extension\ihflimipbcaljfnojhhknppphnnciiif (C:\Program Files\facemoods.com\facemoods\1.4.17.4\facemoods.crx) (?)
    Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)

    -- C:\Users\ChrysMat\AppData\Local\Google\Chrome\User Data\Default --
    Preferences - default_search_provider: "facemoods" (Activé: true) (hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4)
    Preferences - homepage: hxxp://start.facemoods.com/?a=ddr
    Preferences - homepage_is_newtabpage: false
    Plugin - Interest Recognizer for Crazyloader (Activé: true) (C:\Users\ChrysMat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fikmanfpkongnopggnndbikhhicdpfka\3.4.1545.153_0\crazyloader_air_chrome.dll)
    Plugin - RealJukebox NS Plugin (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll)
    Plugin - Windows Live Photo Gallery (Activé: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)
    Plugin - "Windows Live Photo Gallery" (Activé: true)
    Plugin - "Interest Recognizer for Crazyloader" (Activé: true)
    Plugin - "RealJukebox NS Plugin" (Activé: true)

    ========================================

    **** Internet Explorer Version [9.0.8112.16421] ****

    HKCU_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    HKCU_Main|Search bar - hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tb...
    HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKCU_Main|Start Page - hxxp://start.facemoods.com/?a=wbst
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|SearchAssistant - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
    HKCU_URLSearchHooks|{BA14329E-9550-4989-B3F2-9732E92D17CC} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuz0.dll)
    HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuz0.dll)
    HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=wbst&s={searchTerms}&f=4)
    HKCU_SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - "Search the web (Babylon)" (hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13054)
    HKCU_SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - "Recherche Crawler" (hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60446)
    HKCU_Toolbar\WebBrowser|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
    HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll)
    HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\tbVuz0.dll)
    HKCU_Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542} (x)
    HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll)
    HKLM_Toolbar|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
    HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\tbVuz0.dll)
    HKLM_Toolbar|{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} (C:\Program Files\facemoods.com\facemoods\1.4.17.4\facemoodsTlbr.dll)
    HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
    HKLM_ElevationPolicy\49f43739-397e-4373-a17c-492e78e52c78 - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?)
    HKLM_ElevationPolicy\b01b6414-4e61-4c0f-bca0-7fd6131fbd24 - C:\Program Files\myBabylon_English\myBabylon_EnglishToolbarHelper.exe (x)
    HKLM_ElevationPolicy\{02DAEBED-1504-4562-A498-4120120DEB8A} - C:\Program Files\Lexmark Toolbar\tbsched.exe (?)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{0E5DCC87-ED47-4747-9F98-B63D43811D06} - C:\Program Files\ConduitEngine\ConduitEngineHelper.exe (Conduit Ltd.)
    HKLM_ElevationPolicy\{240373D3-4199-4F41-BB4D-15D5B830C82D}-32 - C:\Program Files\iGraal\iGraalHelper.exe (IGraal)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{7D1F9AB0-F4FB-47C9-B902-421086604769} - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper1.exe (Conduit Ltd.)
    HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
    HKLM_ElevationPolicy\{DBA4B812-2415-4000-AFCB-56F53E668DC5} - C:\Program Files\CrazyLoader\spointer\crazyloader_air.exe (Crazyloader)
    HKLM_ElevationPolicy\{FFDF9EF3-3C3A-4f05-9A6E-5D3B778EC567} - C:\Program Files\facemoods.com\facemoods\1.4.17.4\facemoodssrv.exe (facemoods.com)
    HKLM_Extensions\{0FB6492F-7FED-4446-9863-992806E1C419} - "iGraal" (C:\Program Files\iGraal\iGraalButton.dll,201)
    HKLM_Extensions\{88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - "Add to VideoGet" (C:\Program Files\Nuclear Coffee\VideoGet\VideoGet.ico)
    HKLM_Extensions\{E19ADC6E-3909-43E4-9A89-B7B676377EE3} - "Sothink SWF Catcher" (C:\Program Files\Common Files\SourceTec\SWF Catcher\SWFCatcher.dll,128)
    HKLM_Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - "Translate this web page with Babylon" (C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll,202)
    BHO\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - "Lexmark Barre d'outils" (C:\Program Files\Lexmark Toolbar\toolband.dll)
    BHO\{240373D3-4199-4F41-BB4D-15D5B830C82D} - "iGraal BHO" (C:\Program Files\iGraal\iGraalBHO.dll)
    BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files\ConduitEngine\ConduitEngine.dll)
    BHO\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (?)
    BHO\{64182481-4F71-486b-A045-B233BD0DA8FC} - "CescrtHlpr Object" (C:\Program Files\facemoods.com\facemoods\1.4.17.4\bh\facemoods.dll)
    BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuz0.dll)
    BHO\{C5F65718-341D-4e7d-9842-FCB9CC89527E} - "Interest recogniser for Crazyloader (powered by Spointer)" (C:\Program Files\CrazyLoader\spointer\extensions\crazyloader_air_ie.dll)
    BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 2 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 25/05/2011 23:26:59 (20013 Octet(s))

    Fin à: 23:28:46, 25/05/2011

    ============== E.O.F ==============
    m
    0
    l
    a c 267 8 Sécurité
    26 Mai 2011 00:17:22

    Ok, tu peux utiliser l'option "Nettoyer" d'Ad-Remover puis poster le rapport.
    m
    0
    l
    26 Mai 2011 00:27:56

    Ci-dessous le rapport.
    Encore merci !


    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 00:19:54 le 26/05/2011, Mode normal

    Microsoft Windows 7 Édition Intégrale (X86)
    ChrysMat@CHRYSMAT-PC ( )

    ============== ACTION(S) ==============


    Fichier supprimé: C:\Program Files\Mozilla FireFox\searchplugins\crawlersrch.xml
    Fichier supprimé: C:\Windows\system32\ConduitEngine.tmp
    Dossier supprimé: C:\Users\ChrysMat\AppData\Roaming\PCtuto
    Dossier supprimé: C:\Users\ChrysMat\AppData\Roaming\Mozilla\FireFox\Profiles\6gneqnml.default\conduit
    Fichier supprimé: C:\Users\ChrysMat\AppData\Roaming\Mozilla\FireFox\Profiles\6gneqnml.default\searchplugins\conduit.xml
    Dossier supprimé: C:\Users\ChrysMat\AppData\LocalLow\Conduit
    Dossier supprimé: C:\Program Files\Conduit
    Dossier supprimé: C:\Users\ChrysMat\AppData\LocalLow\ConduitEngine
    Dossier supprimé: C:\Program Files\ConduitEngine
    Dossier supprimé: C:\Users\ChrysMat\AppData\Roaming\CrazyLoader
    Dossier supprimé: C:\Users\ChrysMat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CrazyLoader
    Dossier supprimé: C:\Program Files\CrazyLoader
    Dossier supprimé: C:\Users\ChrysMat\AppData\Local\OpenCandy
    Dossier supprimé: C:\Users\ChrysMat\AppData\Local\PCTuto
    Dossier supprimé: C:\Program Files\PCTuto

    (!) -- Fichiers temporaires supprimés.


    -- Fichier ouvert: C:\Users\ChrysMat\AppData\Roaming\Mozilla\FireFox\Profiles\6gneqnml.default\Prefs.js --
    Ligne supprimée: user_pref("CT1460988.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
    Ligne supprimée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146...
    Ligne supprimée: user_pref("CT1460988.ct1460988.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_...
    Ligne supprimée: user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
    Ligne supprimée: user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226...
    Ligne supprimée: user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
    Ligne supprimée: user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250...
    Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2504091,CT1460988,CT2269050");
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2504091,CT1460988,CT2269050");
    Ligne supprimée: user_pref("CommunityToolbar.facebook.sessionKey", "2.mtqL6RT41JbU2o2JUaf7tg__.86400.1283284800-10824...
    Ligne supprimée: user_pref("CommunityToolbar.facebook.sessionSecret", "etjCzrtdbIy3cUtshWTR4g__");
    Ligne supprimée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Sep 18 2010 23:44:43 GMT+0200");
    Ligne supprimée: user_pref("CommunityToolbar.facebook.userId", "1082445628");
    Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2504091");
    Ligne supprimée: user_pref("browser.search.defaultenginename", "Crawler Search");
    Ligne supprimée: user_pref("browser.search.order.1", "Crawler Search");
    -- Fichier Fermé --


    Clé supprimée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé supprimée: HKLM\Software\Classes\CLSID\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}
    Clé supprimée: HKLM\Software\Classes\CLSID\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}
    Clé supprimée: HKLM\Software\Classes\Interface\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}
    Clé supprimée: HKLM\Software\Classes\CLSID\{86460CE5-46A0-4543-B8FE-2D2AE182A2FE}
    Clé supprimée: HKLM\Software\Classes\CLSID\{A1755B14-2AFA-42a6-97C3-AA81B4482B71}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1755B14-2AFA-42a6-97C3-AA81B4482B71}
    Clé supprimée: HKLM\Software\Classes\CLSID\{BFEF4710-4294-4DFE-9968-82421DFE390F}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BFEF4710-4294-4DFE-9968-82421DFE390F}
    Clé supprimée: HKLM\Software\Classes\CLSID\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5F65718-341D-4e7d-9842-FCB9CC89527E}
    Clé supprimée: HKLM\Software\Classes\CLSID\{CB1CC8F5-D23C-400F-8472-F6AEFEDE4768}
    Clé supprimée: HKLM\Software\Classes\Interface\{CB1CC8F5-D23C-400F-8472-F6AEFEDE4768}
    Clé supprimée: HKLM\Software\Classes\Interface\{15FD8424-D12A-4C51-8C6C-D5D57B80F781}
    Clé supprimée: HKLM\Software\Classes\Interface\{2447E305-5E90-42A8-BD1E-0BC333B807E1}
    Clé supprimée: HKLM\Software\Classes\Interface\{2557DD3F-23A0-477C-BCD8-90FD0AECC4B8}
    Clé supprimée: HKLM\Software\Classes\Interface\{2893116C-A176-42B1-8794-DA8C9FC45564}
    Clé supprimée: HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}
    Clé supprimée: HKLM\Software\Classes\Interface\{3CEB04AB-08AF-45F4-81B4-70D13C1F7B85}
    Clé supprimée: HKLM\Software\Classes\Interface\{40CA90F3-4098-4877-AE87-23EB612B18C7}
    Clé supprimée: HKLM\Software\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}
    Clé supprimée: HKLM\Software\Classes\Interface\{471E3998-588E-41D5-A874-FA11C44B70DE}
    Clé supprimée: HKLM\Software\Classes\Interface\{4C3B62AF-CA25-4FBA-8405-32E44F83BB6F}
    Clé supprimée: HKLM\Software\Classes\Interface\{4F309FEB-422A-4808-91D0-71DFACCCA399}
    Clé supprimée: HKLM\Software\Classes\Interface\{50D2FDCC-2707-49CB-8223-7FE0424909AA}
    Clé supprimée: HKLM\Software\Classes\Interface\{5A635A91-C303-45C9-8DB9-F759D98A3B9D}
    Clé supprimée: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
    Clé supprimée: HKLM\Software\Classes\Interface\{67B3BECF-7B6F-42B2-99F0-F7656F89CFFA}
    Clé supprimée: HKLM\Software\Classes\Interface\{715FFD42-4E05-4EAB-9513-C8DAA5395AE2}
    Clé supprimée: HKLM\Software\Classes\Interface\{759D6F7C-8D30-45B6-ABEA-FA51C190EED5}
    Clé supprimée: HKLM\Software\Classes\Interface\{7E335D04-2E6E-4D0E-A921-C3D9192E7121}
    Clé supprimée: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
    Clé supprimée: HKLM\Software\Classes\Interface\{878CE013-7BA9-4650-A78C-B2234C0C1648}
    Clé supprimée: HKLM\Software\Classes\Interface\{8EE46F55-1CE1-4DB9-811A-68938EC7F3DD}
    Clé supprimée: HKLM\Software\Classes\Interface\{8F271B52-1E44-42D7-B316-BA23A0FD9DB4}
    Clé supprimée: HKLM\Software\Classes\Interface\{99CCFB8C-6380-4A14-8FDD-EF3E7E95335D}
    Clé supprimée: HKLM\Software\Classes\Interface\{99FDCA0C-7380-4E9C-8D99-5DC4750334EF}
    Clé supprimée: HKLM\Software\Classes\Interface\{9A4A64A4-A2FB-48FA-9BBA-1AC50267695D}
    Clé supprimée: HKLM\Software\Classes\Interface\{A7213D71-47E1-4832-92D7-D61DFE9F231F}
    Clé supprimée: HKLM\Software\Classes\Interface\{A87DFD99-CF81-4241-85CE-881E0026B686}
    Clé supprimée: HKLM\Software\Classes\Interface\{B1D9F4B1-B9FF-463F-BF15-AB9CB26160F7}
    Clé supprimée: HKLM\Software\Classes\Interface\{B20D7ADD-989C-4BC0-A797-F6FE7998EFD7}
    Clé supprimée: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
    Clé supprimée: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    Clé supprimée: HKLM\Software\Classes\Interface\{BFC20A15-B0AC-44CC-A25A-A7039014BA9F}
    Clé supprimée: HKLM\Software\Classes\Interface\{C96B9FAE-A032-4100-BB47-32EF05E28BE4}
    Clé supprimée: HKLM\Software\Classes\Interface\{CF82F350-E1C4-4916-AC12-BA73DB60AFB7}
    Clé supprimée: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
    Clé supprimée: HKLM\Software\Classes\Interface\{D4E856E7-C034-49BA-BFEF-B785F3CBD7BA}
    Clé supprimée: HKLM\Software\Classes\Interface\{DB7A9C36-6C85-48BE-BA8D-151B6B144BE0}
    Clé supprimée: HKLM\Software\Classes\Interface\{F019AEC4-4C95-46DE-A107-E302473E3B9A}
    Clé supprimée: HKLM\Software\Classes\Interface\{F77F3DFC-F5DC-4316-AB50-B50B16F2BEF4}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{63AF3145-D2DC-4F1D-BB3A-3AAD9FEC3430}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{D530F69A-EB2D-4EC6-BD37-E123AEFCA011}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{F5BCBC2A-E8F6-4A47-BBCB-61713EA03787}
    Clé supprimée: HKLM\Software\Classes\Conduit.Engine
    Clé supprimée: HKLM\Software\Classes\Crazyloader.Spointer
    Clé supprimée: HKLM\Software\Classes\Crazyloader.Spointer.1
    Clé supprimée: HKLM\Software\Classes\Crazyloader.SpointerCtrl
    Clé supprimée: HKLM\Software\Classes\Crazyloader.SpointerCtrl.1
    Clé supprimée: HKLM\Software\Classes\Crazyloader.SpointerWebDisp
    Clé supprimée: HKLM\Software\Classes\Crazyloader.SpointerWebDisp.1
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT1460988
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT2504091
    Clé supprimée: HKLM\Software\Conduit
    Clé supprimée: HKLM\Software\conduitEngine
    Clé supprimée: HKCU\Software\Conduit
    Clé supprimée: HKCU\Software\Spointer
    Clé supprimée: HKCU\Software\AppDataLow\Toolbar
    Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
    Clé supprimée: HKCU\Software\AppDataLow\Software\conduitEngine
    Clé supprimée: HKCU\Software\AppDataLow\Software\Hotbar
    Clé supprimée: HKU\.DEFAULT\Software\CToolbar
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0E5DCC87-ED47-4747-9F98-B63D43811D06}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBA4B812-2415-4000-AFCB-56F53E668DC5}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CrazyLoader
    Clé supprimée: HKLM\Software\Google\Chrome\Extensions\fikmanfpkongnopggnndbikhhicdpfka

    Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|crazyloader@spointer.com
    Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto
    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542}


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.6.16 (fr)] ****

    Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})
    Searchplugins\fcmdSrch.xml ( hxxp://start.facemoods.com/?a=wbst&f=4&q={searchTerms}/)
    Searchplugins\fcmdSrchddr.xml (hxxp://start.facemoods.com/?a=ddr&f=4&q={searchTerms}/)
    Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension for Firefox )
    HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\

    -- C:\Users\ChrysMat\AppData\Roaming\Mozilla\FireFox\Profiles\6gneqnml.default --
    Extensions\firebug@software.joehewitt.com (Firebug)
    Extensions\firebug@software.joehewitt.com-trash (?)
    Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
    Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} (Html Validator)
    Extensions\{618D522B-652C-4e19-9194-048700B12ED6} (Sothink SWF Catcher)
    Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} (DVDVideoSoftTB Toolbar)
    Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
    Extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} (myBabylon English Toolbar)
    Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Toolbar)
    Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} (Web Developer)
    Prefs.js - browser.download.lastDir, J:\\wamp\\www\\Espoir et Vie\\images
    Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13054
    Prefs.js - browser.search.selectedEngine, Search
    Prefs.js - browser.startup.homepage, hxxp://www.jeux-2-filles.com/
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.16

    ========================================

    **** Google Chrome Version [11.0.696.68] ****

    Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)

    -- C:\Users\ChrysMat\AppData\Local\Google\Chrome\User Data\Default --
    Preferences - default_search_provider: "facemoods" (Activé: true) (hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4)
    Preferences - homepage: hxxp://start.facemoods.com/?a=ddr
    Preferences - homepage_is_newtabpage: false
    Plugin - Interest Recognizer for Crazyloader (Activé: true) (C:\Users\ChrysMat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fikmanfpkongnopggnndbikhhicdpfka\3.4.1545.153_0\crazyloader_air_chrome.dll)
    Plugin - RealJukebox NS Plugin (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll)
    Plugin - Windows Live Photo Gallery (Activé: true) (C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll)
    Plugin - "Windows Live Photo Gallery" (Activé: true)
    Plugin - "Interest Recognizer for Crazyloader" (Activé: true)
    Plugin - "RealJukebox NS Plugin" (Activé: true)

    ========================================

    **** Internet Explorer Version [9.0.8112.16421] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{BA14329E-9550-4989-B3F2-9732E92D17CC} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuz0.dll)
    HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuz0.dll)
    HKCU_SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A} - "Facemoods Search" (hxxp://start.facemoods.com/?a=wbst&s={searchTerms}&f=4)
    HKCU_Toolbar\WebBrowser|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
    HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll)
    HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\tbVuz0.dll)
    HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll)
    HKLM_Toolbar|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
    HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\tbVuz0.dll)
    HKLM_ElevationPolicy\49f43739-397e-4373-a17c-492e78e52c78 - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?)
    HKLM_ElevationPolicy\b01b6414-4e61-4c0f-bca0-7fd6131fbd24 - C:\Program Files\myBabylon_English\myBabylon_EnglishToolbarHelper.exe (x)
    HKLM_ElevationPolicy\{02DAEBED-1504-4562-A498-4120120DEB8A} - C:\Program Files\Lexmark Toolbar\tbsched.exe (?)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{240373D3-4199-4F41-BB4D-15D5B830C82D}-32 - C:\Program Files\iGraal\iGraalHelper.exe (IGraal)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{7D1F9AB0-F4FB-47C9-B902-421086604769} - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper1.exe (Conduit Ltd.)
    HKLM_Extensions\{0FB6492F-7FED-4446-9863-992806E1C419} - "iGraal" (C:\Program Files\iGraal\iGraalButton.dll,201)
    HKLM_Extensions\{88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - "Add to VideoGet" (C:\Program Files\Nuclear Coffee\VideoGet\VideoGet.ico)
    HKLM_Extensions\{E19ADC6E-3909-43E4-9A89-B7B676377EE3} - "Sothink SWF Catcher" (C:\Program Files\Common Files\SourceTec\SWF Catcher\SWFCatcher.dll,128)
    HKLM_Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - "Translate this web page with Babylon" (C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll,202)
    BHO\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - "Lexmark Barre d'outils" (C:\Program Files\Lexmark Toolbar\toolband.dll)
    BHO\{240373D3-4199-4F41-BB4D-15D5B830C82D} - "iGraal BHO" (C:\Program Files\iGraal\iGraalBHO.dll)
    BHO\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} (?)
    BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuz0.dll)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 427 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 26/05/2011 00:20:05 (17633 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 25/05/2011 23:26:59 (20152 Octet(s))

    Fin à: 00:22:52, 26/05/2011

    ============== E.O.F ==============
    m
    0
    l
    26 Mai 2011 21:31:57

    Bonsoir,

    Voici le rapport.


    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 6686

    Windows 6.1.7600
    Internet Explorer 9.0.8112.16421

    26/05/2011 21:31:07
    mbam-log-2011-05-26 (21-31-07).txt

    Type d'examen: Examen complet (C:\|J:\|)
    Elément(s) analysé(s): 455085
    Temps écoulé: 2 heure(s), 27 minute(s), 28 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 8
    Fichier(s) infecté(s): 8

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    c:\program files\perfect optimizer (PUP.PerfectOptimizer) -> Not selected for removal.
    c:\program files\perfect optimizer\Backup (PUP.PerfectOptimizer) -> Not selected for removal.
    c:\program files\perfect optimizer\Backup\application (PUP.PerfectOptimizer) -> Not selected for removal.
    c:\program files\perfect optimizer\Backup\Registry (PUP.PerfectOptimizer) -> Not selected for removal.
    c:\program files\perfect optimizer\Backup\Registry\firstbackup (PUP.PerfectOptimizer) -> Not selected for removal.
    c:\program files\perfect optimizer\Backup\Registry\fullbackup (PUP.PerfectOptimizer) -> Not selected for removal.
    c:\program files\perfect optimizer\Backup\Service (PUP.PerfectOptimizer) -> Not selected for removal.
    c:\program files\perfect optimizer\Temp (PUP.PerfectOptimizer) -> Not selected for removal.

    Fichier(s) infecté(s):
    c:\system volume information\systemrestore\frstaging\Users\ChrysMat\AppData\Local\Temp\hgdcyv.dll (Trojan.Hiloti.Gen) -> Quarantined and deleted successfully.
    c:\system volume information\systemrestore\frstaging\Users\ChrysMat\AppData\Local\Temp\awwtss.dll (Trojan.Hiloti.Gen) -> Quarantined and deleted successfully.
    c:\system volume information\systemrestore\frstaging\Users\ChrysMat\AppData\Local\Temp\ssrpno.dll (Trojan.Hiloti.Gen) -> Quarantined and deleted successfully.
    c:\system volume information\systemrestore\frstaging\Users\ChrysMat\AppData\Local\Temp\wvvttu.dll (Trojan.Hiloti.Gen) -> Quarantined and deleted successfully.
    c:\system volume information\systemrestore\frstaging\Users\ChrysMat\documents\vuze downloads\avs.audio.editor.4.2.1.107+crack\avsaudioeditor.exe (Trojan.Chifrax) -> Quarantined and deleted successfully.
    c:\Users\ChrysMat\downloads\perfectoptimizer.exe (PUP.PerfectOptimizer) -> Not selected for removal.
    c:\Users\ChrysMat\downloads\virtual.dj 7new - stef\virtual.dj 7new - stef\crack virtualdj 7.0.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
    c:\program files\perfect optimizer\perfectoptimizer.ini (PUP.PerfectOptimizer) -> Not selected for removal.
    m
    0
    l
    a c 267 8 Sécurité
    26 Mai 2011 21:58:39

    Pourquoi ne pas avoir supprimé PerfectOptimizer ?
    m
    0
    l
    26 Mai 2011 22:03:28

    En fait, vu qu'il n'étaient pas coché, j'ai hésité.
    Je vais recommencer pour les supprimer.
    m
    0
    l
    a c 267 8 Sécurité
    26 Mai 2011 22:06:28

    Menu Démarrer > Panneau de configuration > Désinstaller un programme > Regarde si PerfectOptimizer apparaît ou non à cet endroit.
    m
    0
    l
    26 Mai 2011 22:11:31

    oui il apparaît. je l'ai supprimé
    m
    0
    l
    a c 267 8 Sécurité
    26 Mai 2011 22:14:30

    Le PC va mieux ?

  • Relance Malwarebytes' Anti-Malware, va dans Quarantaine et supprime tout.

  • Refais un scan OTL et poste le rapport OTL.
    m
    0
    l
    26 Mai 2011 23:02:16

    ça va beaucoup mieux, merci^^
    Voici le rapport

    OTL logfile created on: 26/05/2011 22:55:24 - Run 2
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\ChrysMat\Downloads
    Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free
    6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 145,62 Gb Total Space | 5,77 Gb Free Space | 3,97% Space Free | Partition Type: NTFS
    Drive D: | 145,62 Gb Total Space | 60,21 Gb Free Space | 41,35% Space Free | Partition Type: NTFS
    Drive J: | 6,83 Gb Total Space | 2,09 Gb Free Space | 30,55% Space Free | Partition Type: NTFS

    Computer Name: CHRYSMAT-PC | User Name: ChrysMat | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/05/25 22:34:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\ChrysMat\Downloads\OTL.exe
    PRC - [2011/04/13 00:57:24 | 000,313,160 | ---- | M] (Smilebox, Inc.) -- C:\Users\ChrysMat\AppData\Roaming\Smilebox\SmileboxTray.exe
    PRC - [2011/04/01 23:51:32 | 000,061,864 | ---- | M] () -- C:\PROGRA~1\Raptr\raptr.exe
    PRC - [2011/04/01 23:51:32 | 000,043,944 | ---- | M] () -- C:\PROGRA~1\Raptr\raptr_im.exe
    PRC - [2011/04/01 22:07:44 | 000,572,328 | ---- | M] (Raptr Inc.) -- C:\Program Files\Raptr\raptr_ep32.exe
    PRC - [2011/01/31 13:16:40 | 000,703,360 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
    PRC - [2010/12/08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    PRC - [2010/11/23 18:49:24 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
    PRC - [2010/11/16 15:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    PRC - [2010/11/15 14:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
    PRC - [2010/10/28 13:54:42 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    PRC - [2010/08/24 16:11:30 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
    PRC - [2010/08/24 16:11:30 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
    PRC - [2010/08/24 16:11:29 | 002,176,512 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
    PRC - [2010/08/13 13:04:34 | 000,408,936 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~1\MICROS~3\Office12\WINWORD.EXE
    PRC - [2010/05/11 11:16:34 | 000,140,288 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
    PRC - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
    PRC - [2010/03/07 21:46:55 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2010/03/07 21:46:55 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2010/03/05 20:31:32 | 002,808,320 | ---- | M] (MooSoft Development Inc) -- C:\Program Files\The Cleaner\tcap.exe
    PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/10/27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2009/07/14 03:14:28 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
    PRC - [2009/07/14 03:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
    PRC - [2009/03/02 14:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2008/11/13 10:33:54 | 000,097,128 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
    PRC - [2008/09/03 15:04:22 | 000,541,976 | ---- | M] (PIXELA CORPORATION) -- C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe
    PRC - [2008/02/28 02:53:25 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdxcoms.exe
    PRC - [2008/02/28 02:53:22 | 000,098,984 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\spool\drivers\w32x86\3\lxdxserv.exe
    PRC - [2004/10/01 16:12:18 | 000,565,309 | ---- | M] (Broadcom Corporation) -- C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
    PRC - [2004/10/01 16:06:34 | 000,163,840 | ---- | M] (Broadcom Corporation) -- C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    PRC - [1997/06/16 01:11:00 | 000,096,256 | ---- | M] () -- C:\Users\ChrysMat\Documents\cappro\Jascap32.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/05/25 22:34:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\ChrysMat\Downloads\OTL.exe
    MOD - [2011/04/01 22:07:42 | 000,576,936 | ---- | M] (Raptr Inc.) -- C:\Program Files\Raptr\ltc_help32-48855.dll
    MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
    MOD - [2009/07/14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/12/08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2010/08/24 16:11:30 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
    SRV - [2010/05/29 12:38:23 | 001,343,400 | ---- | M] () [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
    SRV - [2010/03/07 21:46:55 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2010/03/07 21:46:55 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2010/03/07 00:51:16 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2010/03/05 20:31:32 | 000,812,544 | ---- | M] (MooSoft Development LLC) [Auto | Stopped] -- C:\Program Files\The Cleaner\mhelper.exe -- (moohelp)
    SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2010/01/26 17:45:08 | 000,243,056 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
    SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2009/06/17 11:18:42 | 006,582,912 | ---- | M] () [On_Demand | Stopped] -- j:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- (wampmysqld)
    SRV - [2008/12/10 01:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- j:\wamp\bin\apache\apache2.2.11\bin\httpd.exe -- (wampapache)
    SRV - [2008/02/28 02:53:25 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdxcoms.exe -- (lxdx_device)
    SRV - [2008/02/28 02:53:22 | 000,098,984 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)
    SRV - [2007/03/20 17:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
    SRV - [2004/10/01 16:06:34 | 000,163,840 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe -- (btwdins)


    ========== Driver Services (SafeList) ==========

    DRV - [2010/08/24 16:11:30 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
    DRV - [2010/08/01 01:45:24 | 000,003,584 | ---- | M] (Systems Internals) [Kernel | System | Running] -- C:\Windows\iprot\6bd6aafb-ce29-4dbb-ad25-c59a3e0c7415\PhysMem.sys -- (6bd6aafb-ce29-4dbb-ad25-c59a3e0c7415)
    DRV - [2010/07/30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
    DRV - [2010/07/30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
    DRV - [2010/07/30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
    DRV - [2010/07/30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
    DRV - [2010/03/07 21:46:56 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2010/03/07 21:46:55 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2010/02/11 14:28:26 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
    DRV - [2009/12/21 14:34:24 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
    DRV - [2009/11/23 18:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
    DRV - [2009/11/23 18:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
    DRV - [2009/07/14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
    DRV - [2009/07/14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
    DRV - [2009/07/14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
    DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2009/07/14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
    DRV - [2009/07/14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
    DRV - [2009/07/14 00:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
    DRV - [2009/06/10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2009/03/30 11:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV - [2009/02/13 13:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
    DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
    DRV - [2007/09/25 16:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
    DRV - [2005/03/15 18:04:00 | 000,161,792 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ov530vid.sys -- (ovt530)
    DRV - [2004/10/01 15:50:26 | 000,023,271 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\btserial.sys -- (BTSERIAL)
    DRV - [2004/10/01 15:50:20 | 000,222,876 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\btslbcsp.sys -- (BTSLBCSP)
    DRV - [2004/10/01 15:48:30 | 001,241,482 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\btkrnl.sys -- (BTKRNL)
    DRV - [2004/10/01 15:43:44 | 000,054,488 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwusb.sys -- (BTWUSB)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 21 96 0B 39 0F CB 01 [binary data]
    IE - HKCU\..\URLSearchHook: {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========


    FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/10/28 13:57:43 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/02/11 23:27:30 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/31 18:56:27 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/25 19:53:47 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/02/11 23:27:30 | 000,000,000 | ---D | M]

    [2010/08/24 19:57:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Extensions
    [2010/08/24 19:52:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Extensions\MediaCoder
    [2010/08/24 19:57:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Extensions\MediaCoder-MCEX
    [2010/07/01 23:12:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Extensions\MediaCoder-Setup-Wizard
    [2011/05/26 00:49:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions
    [2011/02/05 01:39:07 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2010/03/07 00:34:33 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
    [2010/08/24 21:51:30 | 000,000,000 | ---D | M] (Sothink SWF Catcher) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions\{618D522B-652C-4e19-9194-048700B12ED6}
    [2010/12/23 22:54:22 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
    [2010/12/06 23:00:20 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    [2010/08/22 07:04:25 | 000,000,000 | ---D | M] (myBabylon English Toolbar) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
    [2010/08/20 00:48:23 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
    [2011/02/08 21:29:11 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
    [2011/02/21 10:27:00 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions\firebug@software.joehewitt.com
    [2011/02/21 10:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions\firebug@software.joehewitt.com-trash
    [2010/11/14 13:44:58 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\ChrysMat\AppData\Roaming\mozilla\Firefox\Profiles\6gneqnml.default\extensions\foxmarks@kei.com
    [2011/02/25 11:03:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
    [2010/07/10 15:39:37 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010/06/30 12:02:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/06/23 07:00:12 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2011/03/27 16:53:40 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2010/06/26 21:01:53 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    [2011/03/27 16:53:40 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2011/03/27 16:53:40 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2011/03/09 17:49:59 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
    [2010/12/13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
    [2011/03/27 16:53:40 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2011/03/27 16:53:40 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
    O2 - BHO: (iGraal BHO) - {240373D3-4199-4F41-BB4D-15D5B830C82D} - C:\Program Files\iGraal\iGraalBHO.dll (iGraal)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
    O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
    O4 - HKLM..\Run: [NWEReboot] File not found
    O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKCU..\Run: [] File not found
    O4 - HKCU..\Run: [Ceedo AutoDetect] File not found
    O4 - HKCU..\Run: [MSN] C:\Users\ChrysMat\AppData\Roaming\ddoserver.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
    O4 - HKCU..\Run: [Raptr] File not found
    O4 - HKCU..\Run: [SmileboxTray] C:\Users\ChrysMat\AppData\Roaming\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
    O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
    O4 - HKCU..\Run: [tcactive] C:\Program Files\The Cleaner\tcap.exe (MooSoft Development Inc)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
    O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Free YouTube Download - C:\Users\ChrysMat\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\ChrysMat\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O9 - Extra Button: iGraal - {0FB6492F-7FED-4446-9863-992806E1C419} - C:\Program Files\iGraal\iGraalButton.dll ()
    O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL (Nuclear Coffee Software)
    O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL (Nuclear Coffee Software)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - File not found
    O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: espoiretvie.fr ([www] http in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\Windows\System32\BTXPPanel.dll (Broadcom Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{229ce720-fd71-11df-8594-001921e72ff4}\Shell - "" = AutoRun
    O33 - MountPoints2\{229ce720-fd71-11df-8594-001921e72ff4}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/05/26 18:33:23 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{5208A2B1-FB68-44C2-91F9-4E8A45974570}
    [2011/05/26 18:32:14 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2011/05/25 21:32:25 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Roaming\thecleaner
    [2011/05/25 21:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Cleaner
    [2011/05/25 21:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\The Cleaner
    [2011/05/25 21:30:01 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\Desktop\TC7-MP
    [2011/05/25 21:03:50 | 000,000,000 | ---D | C] -- C:\Navilog1
    [2011/05/25 21:03:10 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\Desktop\Navilog
    [2011/05/25 20:46:04 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Roaming\Reviversoft
    [2011/05/25 20:45:06 | 000,016,704 | ---- | C] (ReviverSoft) -- C:\Windows\System32\roboot.exe
    [2011/05/25 19:39:22 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Roaming\Malwarebytes
    [2011/05/25 19:39:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2011/05/25 19:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/05/25 19:39:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/05/25 19:39:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2011/05/25 19:39:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/05/25 19:38:14 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\Desktop\malware
    [2011/05/25 19:08:16 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{40C716EF-C18C-4935-B67F-BB9F60543C72}
    [2011/05/25 07:07:34 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{AA09550E-6EF1-4C36-9DF8-C2CCD18771A8}
    [2011/05/24 18:35:39 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{00F5E0E1-3739-4C7C-A2B8-7F37AA7FFC6C}
    [2011/05/23 22:29:53 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{F89DCE60-CBE0-4311-B05F-C58346A3C9F6}
    [2011/05/22 15:41:25 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{702114D0-812D-4A7D-BFA7-62486AB72C21}
    [2011/05/21 23:22:17 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{453A5EDB-2B31-4E8A-9731-564461FCDC64}
    [2011/05/21 11:21:32 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{8911B31A-C6C5-4C32-9ABA-49B0BDED2C4E}
    [2011/05/20 20:33:32 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\Desktop\Mili
    [2011/05/20 19:16:07 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{50D347DF-0895-455E-AE10-A4F684691608}
    [2011/05/19 18:32:35 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{EF60D7B2-184C-4335-84FD-62689191E67F}
    [2011/05/19 06:33:43 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
    [2011/05/19 06:30:50 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{F53CC52E-516A-4857-8DAE-54C9351A4240}
    [2011/05/18 17:48:46 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{7FECC8A1-8EE9-45B9-A27F-25BBB0938C24}
    [2011/05/17 18:31:24 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{7156576C-CF01-42E5-98D9-C1F9B300E0ED}
    [2011/05/16 22:25:57 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{FDF126F4-59E6-404F-B4E7-DB1B0E98784F}
    [2011/05/15 19:19:44 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{AF772DDE-4CBE-469C-AEE4-67405C0F3DD3}
    [2011/05/14 21:57:45 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{A629A851-0740-421B-A4C3-D629D876D06E}
    [2011/05/13 18:45:48 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{55B0AD5E-B4CA-4A0C-AB98-4C6E81EEE810}
    [2011/05/13 06:44:44 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{804CA1FC-70F1-42AF-91AB-625CBB9DBC61}
    [2011/05/12 21:37:05 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\Documents\My Extracted Files
    [2011/05/12 21:36:32 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Roaming\BitZipper
    [2011/05/12 21:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitZipper
    [2011/05/12 21:36:27 | 000,000,000 | ---D | C] -- C:\Program Files\BitZipper
    [2011/05/12 18:41:12 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2011/05/12 18:41:12 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2011/05/12 18:41:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2011/05/12 18:41:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2011/05/12 18:41:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
    [2011/05/12 18:41:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2011/05/12 18:41:10 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2011/05/12 18:41:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2011/05/12 18:41:09 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2011/05/12 18:41:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2011/05/12 18:41:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
    [2011/05/12 18:41:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2011/05/12 18:41:08 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2011/05/12 18:41:08 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2011/05/12 18:41:08 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2011/05/12 18:41:07 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2011/05/12 18:41:07 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2011/05/12 18:41:07 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2011/05/12 18:41:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2011/05/12 18:41:07 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2011/05/12 18:41:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2011/05/12 18:41:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2011/05/12 18:41:06 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2011/05/12 18:41:06 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2011/05/12 18:41:05 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2011/05/12 18:41:05 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2011/05/12 18:41:05 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2011/05/12 18:41:05 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2011/05/12 18:41:05 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2011/05/12 18:41:05 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2011/05/12 18:41:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2011/05/12 18:41:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2011/05/12 18:41:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2011/05/12 18:41:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2011/05/12 18:41:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2011/05/12 18:41:03 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2011/05/12 18:41:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2011/05/12 18:41:03 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2011/05/12 18:41:03 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2011/05/12 18:29:53 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{D2A9ECFD-EABF-4D6F-B2C5-956B966229CA}
    [2011/05/11 19:12:09 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2011/05/11 19:12:08 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2011/05/11 19:06:17 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{B39A6AB6-6AE9-49BC-BA4A-38E3003F745E}
    [2011/05/11 07:05:18 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{60761CDD-B292-45BD-857E-23B3F0272D2E}
    [2011/05/10 19:04:23 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{41FF8F39-3F24-4C38-B2DB-4F82E2C4DBE6}
    [2011/05/10 06:23:53 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{2E6AE633-6314-4A6D-81A4-BA09610360CA}
    [2011/05/09 18:23:00 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{6497561A-2E68-4F18-9428-BAE30AC4F5E0}
    [2011/05/08 20:41:13 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{CB3EE2EA-13F6-4792-BA32-2C9552C61CF3}
    [2011/05/08 08:35:46 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{E871434B-247D-4468-9F15-31C7BE558C8E}
    [2011/05/07 20:27:35 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{823CFFE7-4D77-4D2A-B82F-DC9C0C78ED78}
    [2011/05/07 08:26:45 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{4DE05304-0B56-4FF5-9DF5-D2D5CB66B493}
    [2011/05/06 19:51:18 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\Desktop\Nouveau dossier (2)
    [2011/05/06 18:19:58 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{2B33B0C0-64F6-4C5E-A9F1-CF8FE498BAED}
    [2011/05/05 19:21:01 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{8E04A2A9-D683-4AA8-BE59-759ECE43F391}
    [2011/05/05 07:00:42 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{A1322943-F3FD-4338-A35F-740B1400119B}
    [2011/05/04 18:59:50 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{25FFA9ED-A686-45D9-8526-DF179631D8BB}
    [2011/05/04 06:58:48 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{0A24687C-30B3-488C-801B-DB777C56A0FB}
    [2011/05/03 18:26:41 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{61174B17-3F25-4954-A5B8-B122A74E0385}
    [2011/05/02 20:51:42 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{F9FD77B1-FB8A-4100-9DFC-A34E07F6D235}
    [2011/05/01 20:14:22 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{B0E48866-423D-42B5-8DD1-6F74F5EAEE79}
    [2011/04/30 22:23:31 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{2FE9474E-460E-4D65-879E-A2E41E541B0A}
    [2011/04/29 18:34:54 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{155011E1-42C9-493C-B858-26F0D9B858F4}
    [2011/04/29 06:29:15 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{D17E65F8-983F-4D70-8B9C-11D8BA1102C4}
    [2011/04/28 18:27:05 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{0E363206-B17A-4446-8430-70B34BED8E93}
    [2011/04/27 19:17:36 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{7DFF4A21-3C2D-4A1D-81BC-9A68B14B6BAB}
    [2011/04/27 07:16:01 | 000,000,000 | ---D | C] -- C:\Users\ChrysMat\AppData\Local\{E89CC070-740C-449C-A5DD-FDC95EE82F32}
    [2010/03/07 02:39:47 | 001,105,920 | ---- | C] ( ) -- C:\Windows\System32\lxdxserv.dll
    [2010/03/07 02:39:47 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\lxdxusb1.dll
    [2010/03/07 02:39:47 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdxpmui.dll
    [2010/03/07 02:39:47 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\lxdxlmpm.dll
    [2010/03/07 02:39:47 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDXhcp.dll
    [2010/03/07 02:39:47 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdxinpa.dll
    [2010/03/07 02:39:47 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdxiesc.dll
    [2010/03/07 02:39:47 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdxprox.dll
    [2010/03/07 02:39:46 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdxhbn3.dll
    [2010/03/07 02:39:46 | 000,320,168 | ---- | C] ( ) -- C:\Windows\System32\lxdxih.exe
    [2010/03/07 02:39:45 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdxcomc.dll
    [2010/03/07 02:39:45 | 000,594,600 | ---- | C] ( ) -- C:\Windows\System32\lxdxcoms.exe
    [2010/03/07 02:39:45 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdxcomm.dll
    [2010/03/07 02:39:45 | 000,365,224 | ---- | C] ( ) -- C:\Windows\System32\lxdxcfg.exe
    [2009/07/14 01:41:28 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Users\ChrysMat\AppData\Roaming\ddoserver.exe
    [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/05/26 22:51:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2176948049-950684853-2905115394-1001UA.job
    [2011/05/26 22:19:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/05/26 22:19:40 | 2616,893,440 | -HS- | M] () -- C:\hiberfil.sys
    [2011/05/26 18:32:14 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2011/05/26 00:44:31 | 000,012,280 | ---- | M] () -- C:\Users\ChrysMat\Desktop\Fotolia.jpg
    [2011/05/25 21:32:12 | 000,000,952 | ---- | M] () -- C:\Users\ChrysMat\Application Data\Microsoft\Internet Explorer\Quick Launch\The Cleaner 2011.lnk
    [2011/05/25 21:32:12 | 000,000,928 | ---- | M] () -- C:\Users\Public\Desktop\The Cleaner 2011.lnk
    [2011/05/25 19:39:25 | 000,000,000 | ---- | M] () -- C:\Users\ChrysMat\Documents\log.bcp
    [2011/05/25 19:39:12 | 000,001,091 | ---- | M] () -- C:\Users\ChrysMat\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2011/05/25 19:39:12 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/21 12:00:00 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\PerfectOptimizer_home.job
    [2011/05/21 03:02:24 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/05/21 03:02:24 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/05/21 02:08:59 | 000,179,859 | ---- | M] () -- C:\Users\ChrysMat\Desktop\markfarina.png
    [2011/05/21 01:44:28 | 000,399,673 | ---- | M] () -- C:\Users\ChrysMat\Desktop\summeroflove.png
    [2011/05/21 01:14:40 | 000,001,456 | ---- | M] () -- C:\Users\ChrysMat\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs
    [2011/05/20 20:23:55 | 000,209,383 | ---- | M] () -- C:\Users\ChrysMat\Desktop\square.png
    [2011/05/20 20:16:29 | 000,451,472 | ---- | M] () -- C:\Users\ChrysMat\Desktop\london.png
    [2011/05/20 00:50:29 | 000,054,626 | ---- | M] () -- C:\Users\ChrysMat\Desktop\logo.png
    [2011/05/19 06:51:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2176948049-950684853-2905115394-1001Core.job
    [2011/05/17 14:51:06 | 000,016,704 | ---- | M] (ReviverSoft) -- C:\Windows\System32\roboot.exe
    [2011/05/13 06:42:03 | 000,001,423 | ---- | M] () -- C:\Users\ChrysMat\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2011/05/12 21:36:31 | 000,001,001 | ---- | M] () -- C:\Users\ChrysMat\Application Data\Microsoft\Internet Explorer\Quick Launch\BitZipper.lnk
    [2011/05/12 21:36:31 | 000,000,977 | ---- | M] () -- C:\Users\ChrysMat\Desktop\BitZipper.lnk
    [2011/05/12 18:41:12 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2011/05/12 18:41:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2011/05/12 18:41:11 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2011/05/12 18:41:10 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2011/05/12 18:41:10 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
    [2011/05/12 18:41:10 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2011/05/12 18:41:10 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2011/05/12 18:41:09 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2011/05/12 18:41:09 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2011/05/12 18:41:09 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2011/05/12 18:41:09 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
    [2011/05/12 18:41:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2011/05/12 18:41:08 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2011/05/12 18:41:08 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2011/05/12 18:41:08 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2011/05/12 18:41:08 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2011/05/12 18:41:07 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2011/05/12 18:41:07 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2011/05/12 18:41:07 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2011/05/12 18:41:07 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2011/05/12 18:41:07 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2011/05/12 18:41:07 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
    [2011/05/12 18:41:07 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2011/05/12 18:41:06 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2011/05/12 18:41:06 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2011/05/12 18:41:05 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2011/05/12 18:41:05 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2011/05/12 18:41:05 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2011/05/12 18:41:05 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2011/05/12 18:41:05 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2011/05/12 18:41:05 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2011/05/12 18:41:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2011/05/12 18:41:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2011/05/12 18:41:04 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2011/05/12 18:41:04 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2011/05/12 18:41:04 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2011/05/12 18:41:03 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2011/05/12 18:41:03 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2011/05/12 18:41:03 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2011/05/12 18:41:03 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2011/05/02 01:33:27 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2011/05/02 01:33:27 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011/05/02 01:33:27 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2011/05/02 01:33:27 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011/05/01 08:30:12 | 000,014,336 | ---- | M] () -- C:\Users\ChrysMat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/05/26 00:44:56 | 000,012,280 | ---- | C] () -- C:\Users\ChrysMat\Desktop\Fotolia.jpg
    [2011/05/25 21:32:12 | 000,000,952 | ---- | C] () -- C:\Users\ChrysMat\Application Data\Microsoft\Internet Explorer\Quick Launch\The Cleaner 2011.lnk
    [2011/05/25 21:32:12 | 000,000,928 | ---- | C] () -- C:\Users\Public\Desktop\The Cleaner 2011.lnk
    [2011/05/25 19:39:25 | 000,000,000 | ---- | C] () -- C:\Users\ChrysMat\Documents\log.bcp
    [2011/05/25 19:39:12 | 000,001,091 | ---- | C] () -- C:\Users\ChrysMat\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2011/05/25 19:39:12 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011/05/21 02:09:07 | 000,179,859 | ---- | C] () -- C:\Users\ChrysMat\Desktop\markfarina.png
    [2011/05/21 01:44:35 | 000,399,673 | ---- | C] () -- C:\Users\ChrysMat\Desktop\summeroflove.png
    [2011/05/20 20:42:29 | 000,001,456 | ---- | C] () -- C:\Users\ChrysMat\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs
    [2011/05/20 20:23:58 | 000,209,383 | ---- | C] () -- C:\Users\ChrysMat\Desktop\square.png
    [2011/05/20 20:16:40 | 000,451,472 | ---- | C] () -- C:\Users\ChrysMat\Desktop\london.png
    [2011/05/20 00:50:36 | 000,054,626 | ---- | C] () -- C:\Users\ChrysMat\Desktop\logo.png
    [2011/05/12 21:36:31 | 000,001,001 | ---- | C] () -- C:\Users\ChrysMat\Application Data\Microsoft\Internet Explorer\Quick Launch\BitZipper.lnk
    [2011/05/12 21:36:31 | 000,000,977 | ---- | C] () -- C:\Users\ChrysMat\Desktop\BitZipper.lnk
    [2011/05/12 18:41:07 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
    [2010/11/17 00:21:27 | 000,014,336 | ---- | C] () -- C:\Users\ChrysMat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/10/29 23:07:19 | 000,013,052 | ---- | C] () -- C:\Users\ChrysMat\AppData\Local\Images.fl
    [2010/08/24 16:11:30 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
    [2010/08/04 20:01:03 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010/08/01 01:41:54 | 000,000,031 | ---- | C] () -- C:\Windows\System32\AsDays.ini
    [2010/07/31 13:55:53 | 000,044,544 | ---- | C] () -- C:\Windows\System32\GIF89.DLL
    [2010/07/31 13:55:51 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
    [2010/07/14 13:46:37 | 000,004,938 | ---- | C] () -- C:\ProgramData\ypkpiykb.yyr
    [2010/07/14 13:46:24 | 000,000,036 | ---- | C] () -- C:\Windows\IniFile1.ini
    [2010/04/11 20:15:57 | 000,561,152 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2010/04/11 20:15:57 | 000,159,744 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
    [2010/04/11 20:15:57 | 000,135,168 | ---- | C] () -- C:\Windows\System32\DVDIFOFilter.dll
    [2010/04/11 19:32:04 | 000,005,017 | ---- | C] () -- C:\ProgramData\kivjpthq.ecv
    [2010/04/11 18:26:38 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
    [2010/03/08 00:11:51 | 000,000,137 | ---- | C] () -- C:\Users\ChrysMat\AppData\Roaming\default.rss
    [2010/03/07 23:40:48 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
    [2010/03/07 02:43:58 | 000,360,448 | ---- | C] () -- C:\Windows\System32\lxdxcoin.dll
    [2010/03/07 02:43:45 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdxvs.dll
    [2010/03/07 02:41:55 | 000,782,336 | ---- | C] () -- C:\Windows\System32\lxdxdrs.dll
    [2010/03/07 02:41:55 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxdxcaps.dll
    [2010/03/07 02:41:55 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdxcnv4.dll
    [2010/03/07 02:41:38 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL
    [2010/03/07 02:41:37 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL
    [2010/03/07 02:41:17 | 000,053,248 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll
    [2010/03/07 02:41:17 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL
    [2010/03/07 02:40:01 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdxrwrd.ini
    [2010/03/07 02:39:47 | 000,348,160 | ---- | C] () -- C:\Windows\System32\LXDXinst.dll
    [2010/03/07 02:39:46 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdxgrd.dll
    [2010/03/07 00:57:11 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
    [2009/08/01 10:28:14 | 000,704,242 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
    [2009/08/01 10:28:14 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
    [2009/08/01 10:28:14 | 000,130,548 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
    [2009/08/01 10:28:14 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
    [2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/14 06:33:53 | 004,059,784 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2009/07/14 04:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat
    [2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
    [2009/07/14 04:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
    [2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
    [2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
    [2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
    [2009/07/14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
    [2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
    [2007/01/26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
    [2007/01/26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
    [2005/12/21 12:36:46 | 000,009,728 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
    [2004/10/01 16:01:22 | 000,086,016 | ---- | C] () -- C:\Windows\System32\btprn2k.dll
    [2001/11/14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

    ========== LOP Check ==========

    [2010/10/26 04:08:58 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Ableton
    [2010/03/07 19:32:59 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\AVG7
    [2011/05/25 20:00:39 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Azureus
    [2010/08/01 01:45:18 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Bidgood Svcs
    [2011/05/12 21:36:32 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\BitZipper
    [2010/08/24 19:50:12 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Broad Intelligence
    [2011/04/19 00:07:31 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\DVDVideoSoft
    [2010/12/06 23:00:19 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\DVDVideoSoftIEHelpers
    [2011/05/13 00:34:48 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\FileZilla
    [2010/07/31 13:56:34 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\FreeBurner
    [2010/04/11 18:26:55 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\FreeVideoConverter
    [2010/03/07 20:09:06 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Grisoft
    [2010/04/10 21:00:22 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Lexmark Productivity Studio
    [2010/05/28 22:03:50 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\n-Track Software Data
    [2010/05/29 03:00:39 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\n-Track Studio6
    [2010/12/01 21:23:26 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Nokia
    [2010/12/01 21:23:27 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Nokia Ovi Suite
    [2010/04/06 19:28:37 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Opera
    [2010/12/01 21:17:00 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\PC Suite
    [2011/05/26 22:21:23 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Raptr
    [2011/05/25 20:46:04 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Reviversoft
    [2011/05/11 21:24:02 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Smilebox
    [2010/08/24 18:15:52 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Spyware Terminator
    [2011/05/25 21:32:25 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\thecleaner
    [2010/11/26 22:43:25 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\TuneUpMedia
    [2010/06/30 12:51:58 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\Uniblue
    [2010/11/22 16:11:24 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\VSO
    [2011/03/08 13:03:23 | 000,000,000 | ---D | M] -- C:\Users\ChrysMat\AppData\Roaming\WeecastPlayer.A27AB7741756020517D10FDBA9AD7A2F55F5F984.1
    [2011/05/21 12:00:00 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\PerfectOptimizer_home.job
    [2011/05/17 18:28:49 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 143 bytes -> C:\Users\ChrysMat\AppData\Roaming\default.rss:o ECustomProperty

    < End of report >
    m
    0
    l
    a c 267 8 Sécurité
    26 Mai 2011 23:14:18

    Citation :
    C:\Users\ChrysMat\AppData\Roaming\ddoserver.exe

    --> Je ne connais pas ce fichier, c'est peut-être un virus. Scanne-le sur VirusTotal et poste le rapport d'analyse :
    http://www.virustotal.com/
    m
    0
    l
    26 Mai 2011 23:25:12

    je ne sais pas si c'est ça le rapport d'analyse...

    3 VT Community user(s) with a total of 35 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
    File name: ddoserver.exe
    Submission date: 2011-05-26 21:11:18 (UTC)
    Current status: finished
    Result: 0/ 41 (0.0%)
    VT Community

    goodware
    Safety score: 100.0%
    Compact
    Print results
    Antivirus Version Last Update Result
    AhnLab-V3 2011.05.27.00 2011.05.26 -
    AntiVir 7.11.8.151 2011.05.26 -
    Antiy-AVL 2.0.3.7 2011.05.26 -
    Avast 4.8.1351.0 2011.05.26 -
    Avast5 5.0.677.0 2011.05.26 -
    AVG 10.0.0.1190 2011.05.26 -
    BitDefender 7.2 2011.05.26 -
    CAT-QuickHeal 11.00 2011.05.26 -
    ClamAV 0.97.0.0 2011.05.26 -
    Commtouch 5.3.2.6 2011.05.26 -
    Comodo 8849 2011.05.26 -
    DrWeb 5.0.2.03300 2011.05.26 -
    eSafe 7.0.17.0 2011.05.26 -
    eTrust-Vet 36.1.8349 2011.05.26 -
    F-Prot 4.6.2.117 2011.05.26 -
    F-Secure 9.0.16440.0 2011.05.26 -
    Fortinet 4.2.257.0 2011.05.26 -
    GData 22 2011.05.26 -
    Ikarus T3.1.1.104.0 2011.05.26 -
    Jiangmin 13.0.900 2011.05.26 -
    K7AntiVirus 9.104.4726 2011.05.26 -
    Kaspersky 9.0.0.837 2011.05.26 -
    McAfee 5.400.0.1158 2011.05.26 -
    McAfee-GW-Edition 2010.1D 2011.05.26 -
    Microsoft 1.6903 2011.05.26 -
    NOD32 6156 2011.05.26 -
    nProtect 2011-05-26.01 2011.05.26 -
    Panda 10.0.3.5 2011.05.26 -
    PCTools 7.0.3.5 2011.05.19 -
    Prevx 3.0 2011.05.26 -
    Rising 23.59.02.05 2011.05.25 -
    Sophos 4.65.0 2011.05.26 -
    SUPERAntiSpyware 4.40.0.1006 2011.05.26 -
    Symantec 20111.1.0.186 2011.05.26 -
    TheHacker 6.7.0.1.209 2011.05.26 -
    TrendMicro 9.200.0.1012 2011.05.26 -
    TrendMicro-HouseCall 9.200.0.1012 2011.05.26 -
    VBA32 3.12.16.0 2011.05.26 -
    VIPRE 9398 2011.05.26 -
    ViRobot 2011.5.26.4480 2011.05.26 -
    VirusBuster 13.6.372.0 2011.05.26 -
    Additional informationShow all
    MD5 : 4884da7754823b44ccc2b2106f21146e
    SHA1 : 7bf8f58d8d8d5dedcee34185622a4b64702efb8e
    SHA256: 20f7530727ff461de43af16a42d60f12cd5c79a808e8dbeb8ab98159bd325ece
    ssdeep: 12288:YyZ2iDqST7vdO81Jrn7CyAITNWHeGL7GOKtR:3VVT7FO87rn7CWWodz
    File size : 776192 bytes
    First seen: 2009-09-18 23:00:46
    Last seen : 2011-05-26 21:11:18
    TrID:
    Win32 Executable Generic (42.3%)
    Win32 Dynamic Link Library (generic) (37.6%)
    Generic Win/DOS Executable (9.9%)
    DOS Executable Generic (9.9%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
    sigcheck:
    publisher....: Microsoft Corporation
    copyright....: (c) Microsoft Corporation. All rights reserved.
    product......: Microsoft_ Windows_ Operating System
    description..: Windows Calculator
    original name: CALC.EXE
    internal name: CALC
    file version.: 6.1.7600.16385 (win7_rtm.090713-1255)
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    PEInfo: PE structure information

    [[ basic data ]]
    entrypointaddress: 0x9768
    timedatestamp....: 0x4A5BC622 (Mon Jul 13 23:41:22 2009)
    machinetype......: 0x14c (I386)

    [[ 4 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    .text, 0x1000, 0x52C81, 0x52E00, 6.41, d406805a4b0b0ea43815f3b8d9611a02
    .data, 0x54000, 0x40C0, 0x4200, 1.23, fc36fbbe2ea8cc46d03a1a35974567af
    .rsrc, 0x59000, 0x62790, 0x62800, 7.54, 5b8f896a411f1848fcdb163602888c74
    .reloc, 0xBC000, 0x3B24, 0x3C00, 6.75, 1ec3e3a57afe7c9f4078feaeeebd588c

    [[ 16 import(s) ]]
    SHELL32.dll: SHGetSpecialFolderPathW, SHGetFolderPathW, ShellAboutW, -, ShellExecuteExW
    SHLWAPI.dll: -
    gdiplus.dll: GdipDrawLineI, GdipDrawArcI, GdipFillRectangleI, GdipCloneBrush, GdipCloneImage, GdipCreateBitmapFromHBITMAP, GdipCreateFromHDC, GdipDrawImageRectI, GdipSetInterpolationMode, GdipSetPageUnit, GdipCreateSolidFill, GdipCreateBitmapFromScan0, GdipDisposeImage, GdipDeleteGraphics, GdipDeletePen, GdipCreatePen1, GdipDeleteBrush, GdipAlloc, GdipFree, GdiplusStartup, GdiplusShutdown, GdipGetImageGraphicsContext, GdipSetSmoothingMode, GdipCloneBitmapAreaI, GdipCreateHBITMAPFromBitmap
    ADVAPI32.dll: RegEnumKeyExW, RegOpenKeyExW, RegQueryInfoKeyW, RegGetValueW, RegEnumValueW, RegDeleteKeyW, RegQueryValueExW, RegSetValueExW, OpenSCManagerW, OpenServiceW, QueryServiceConfigW, CloseServiceHandle, RegCreateKeyExW, RegCloseKey, EventWrite, EventUnregister, EventRegister
    OLEAUT32.dll: -, -, -, -, -, -
    UxTheme.dll: IsThemeActive
    ole32.dll: CoInitialize, CoUninitialize, CoCreateInstance
    COMCTL32.dll: ImageList_Destroy, ImageList_Add, ImageList_Create, -, CreatePropertySheetPageW, PropertySheetW, -, -, -
    ntdll.dll: WinSqmAddToStreamEx, WinSqmIncrementDWORD, WinSqmAddToStream, NtQueryLicenseValue, RtlInitUnicodeString
    KERNEL32.dll: lstrlenA, WideCharToMultiByte, GetStartupInfoA, OutputDebugStringA, SetUnhandledExceptionFilter, GetModuleHandleA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetVersionExA, DeleteCriticalSection, InitializeCriticalSection, LeaveCriticalSection, EnterCriticalSection, GetCurrentProcessId, SizeofResource, LockResource, LoadResource, FindResourceW, FindResourceExW, GetModuleHandleW, GetSystemTime, SetEvent, CloseHandle, WaitForSingleObject, CreateThread, CreateEventW, ResetEvent, lstrcmpW, GlobalAlloc, GlobalUnlock, GlobalLock, GlobalSize, MulDiv, GlobalFindAtomW, GetLastError, InterlockedDecrement, MultiByteToWideChar, GetLocalTime, GetLocaleInfoW, GetDateFormatW, InterlockedIncrement, WritePrivateProfileStringW, GetPrivateProfileStringW, lstrcmpiW, GetLocaleInfoEx, GetProcAddress, LoadLibraryW, FreeLibrary, DelayLoadFailureHook, InterlockedCompareExchange, LoadLibraryExA, HeapFree, HeapAlloc, GetProcessHeap, GetVersionExW, InterlockedExchange, FreeLibraryAndExitThread, GetFileAttributesW, Wow64RevertWow64FsRedirection, Wow64DisableWow64FsRedirection, IsWow64Process, GetCurrentProcess, GetModuleFileNameW, LocalFree, LocalReAlloc, LocalAlloc, GetProfileStringW, lstrlenW, CompareStringW, ApplicationRecoveryInProgress, Sleep, ApplicationRecoveryFinished, RegisterApplicationRecoveryCallback, RegisterApplicationRestart, CompareFileTime, SystemTimeToFileTime, GetTempFileNameW, FileTimeToSystemTime, DeleteFileW, CreateFileW, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, HeapDestroy, HeapReAlloc, HeapSize, RaiseException
    USER32.dll: GetSysColor, SetClassLongW, GetClassLongW, DrawMenuBar, SetMenuItemInfoW, AppendMenuW, RemoveMenu, GetSubMenu, GetWindowLongW, InsertMenuItemW, SetWindowLongW, IsWindowEnabled, PostMessageW, CharNextA, SetClipboardData, EmptyClipboard, CloseClipboard, GetClipboardData, OpenClipboard, GetMenuState, IsClipboardFormatAvailable, DefWindowProcW, InvalidateRect, PostQuitMessage, GetFocus, DispatchMessageW, TranslateMessage, GetMessageExtraInfo, TranslateAcceleratorW, GetMessageW, SetForegroundWindow, SetWindowPlacement, RegisterClassExW, DrawTextW, ReleaseDC, GetDC, GetSystemMetrics, EnumChildWindows, SetPropW, GetMenu, CheckRadioButton, UpdateWindow, SendDlgItemMessageW, IsDlgButtonChecked, MoveWindow, GetDlgItemInt, SetDlgItemInt, CheckMenuItem, GetNextDlgTabItem, OffsetRect, GetMonitorInfoW, MonitorFromWindow, CopyRect, IntersectRect, EnumDisplayMonitors, EqualRect, MonitorFromRect, GetClassWord, EnumDesktopWindows, GetProcessDefaultLayout, CreateDialogParamW, TrackPopupMenu, CreatePopupMenu, GetAncestor, FindWindowW, EndDialog, EnableMenuItem, DestroyWindow, MapWindowPoints, GetClassNameW, GetDlgItem, GetWindowRect, SetWindowPos, SendMessageW, LoadCursorW, SetCursor, GetKeyState, IsDialogMessageW, LoadAcceleratorsW, GetWindowTextLengthW, GetWindowTextW, EnableWindow, SetFocus, LoadStringW, SetWindowTextW, GetParent, GetClientRect, ShowWindow, GetWindowPlacement, LoadImageW, UnregisterClassA, FillRect, CheckMenuRadioItem, CreateWindowExW, MessageBeep, SystemParametersInfoW, DialogBoxParamW
    RPCRT4.dll: UuidCreate, UuidToStringW, RpcStringFreeW
    WINMM.dll: timeGetTime
    VERSION.dll: GetFileVersionInfoExW, GetFileVersionInfoSizeExW, VerQueryValueW
    GDI32.dll: EqualRgn, CreateDIBSection, DeleteObject, DeleteDC, GetTextExtentPointW, CreateFontIndirectW, CreateCompatibleDC, GetDeviceCaps, GetRgnBox, CreateSolidBrush, GetTextMetricsW, GetTextExtentPoint32W, GetObjectW, LineTo, MoveToEx, ExtCreatePen, CreateCompatibleBitmap, CreateRectRgn, CreateRectRgnIndirect, SetRectRgn, CombineRgn, SelectObject, CreatePatternBrush, SetTextColor, SetBkMode, GetStockObject, SetBkColor
    msvcrt.dll: wcsncmp, _wcsnicmp, iswdigit, _wcslwr_s, iswalpha, __0bad_cast@@QAE@ABV0@@Z, __1bad_cast@@UAE@XZ, localeconv, memchr, strcspn, sprintf_s, _strtoi64, _strtoui64, _wcsdup, _i64tow_s, _wtoi64, wcsrchr, wcstoul, isalpha, time, difftime, memmove, _callnewh, __pctype_func, ___lc_codepage_func, ___lc_handle_func, _itow_s, ___mb_cur_max_func, setlocale, __crtGetStringTypeW, __crtLCMapStringW, __mb_cur_max, tolower, isspace, abort, isalnum, __getmainargs, _cexit, _exit, _XcptFilter, _ismbblead, _acmdln, _initterm, _amsg_exit, __setusermatherr, __p__commode, __p__fmode, __set_app_type, __1type_info@@UAE@XZ, _unlock, __dllonexit, _lock, _onexit, _terminate@@YAXXZ, __uncaught_exception, _except_handler4_common, _controlfp, _wtoi, _itoa, calloc, wcschr, _wcsicmp, _vsnwprintf, memcpy, wcscat_s, wcstol, wcscpy_s, exit, mbstowcs_s, toupper, isxdigit, isdigit, _ftol2_sse, memset, _ftol2, malloc, _purecall, free, __0exception@@QAE@XZ, _CxxThrowException, __0exception@@QAE@ABV0@@Z, __1exception@@UAE@XZ, _what@exception@@UBEPBDXZ, __0exception@@QAE@ABQBD@Z, memmove_s, memcpy_s, __CxxFrameHandler3, _errno, _wcsrev
    ExifTool:
    file metadata
    CharacterSet: Unicode
    CodeSize: 339456
    CompanyName: Microsoft Corporation
    EntryPoint: 0x9768
    FileDescription: Windows Calculator
    FileFlagsMask: 0x003f
    FileOS: Windows NT 32-bit
    FileSize: 758 kB
    FileSubtype: 0
    FileType: Win32 EXE
    FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
    FileVersionNumber: 6.1.7600.16385
    ImageVersion: 6.1
    InitializedDataSize: 435712
    InternalName: CALC
    LanguageCode: English (U.S.)
    LegalCopyright: Microsoft Corporation. All rights reserved.
    LinkerVersion: 9.0
    MIMEType: application/octet-stream
    MachineType: Intel 386 or later, and compatibles
    OSVersion: 6.1
    ObjectFileType: Executable application
    OriginalFilename: CALC.EXE
    PEType: PE32
    ProductName: Microsoft Windows Operating System
    ProductVersion: 6.1.7600.16385
    ProductVersionNumber: 6.1.7600.16385
    Subsystem: Windows GUI
    SubsystemVersion: 6.1
    TimeStamp: 2009:07:14 01:41:22+02:00
    UninitializedDataSize: 0
    m
    0
    l
    a c 267 8 Sécurité
    27 Mai 2011 01:10:46

    Tu peux envoyer le fichier ici s'il te plaît :
    http://upload.malekal.com/

    J'ai une question un peu bizarre à te poser, as-tu la calculatrice qui s'ouvre quand la session s'ouvre ?
    m
    0
    l
    27 Mai 2011 07:03:06

    Bonjour,
    l'upload est fait.
    En effet j'ai bien la calculatrice qui s'ouvre depuis quelques jours et je ne connais pas la raison.
    m
    0
    l
    a c 267 8 Sécurité
    27 Mai 2011 12:17:11

    C'est bizarre :D 


  • Désinstalle Vuze Remote Toolbar si tu ne t'en sers pas.

  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :

    :OTL
    O4 - HKCU\..\Run: [MSN] C:\Users\ChrysMat\AppData\Roaming\ddoserver.exe (Microsoft Corporation)
    [2011/05/25 20:45:06 | 000,016,704 | ---- | C] (ReviverSoft) -- C:\Windows\System32\roboot.exe
    [2009/07/14 01:41:28 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Users\ChrysMat\AppData\Roaming\ddoserver.exe

    :commands
    [emptytemp]

  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler, redémarre une fois le fix terminé.
  • Poste le rapport qui s'affichera après redémarrage.
    m
    0
    l
    4 Juin 2011 09:58:24

    Bonjour,

    Je n'ai pas réussi à désintaller Vuze Remote Toolbar j'ai un message qui s'affiche : could not open INSTALL.LOG.file
    m
    0
    l
    4 Juin 2011 10:10:18

    Ci-dessous le rapport


    All processes killed
    ========== OTL ==========
    Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
    C:\Users\ChrysMat\AppData\Roaming\ddoserver.exe moved successfully.
    C:\Windows\System32\roboot.exe moved successfully.
    File C:\Users\ChrysMat\AppData\Roaming\ddoserver.exe not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: ChrysMat
    ->Temp folder emptied: 95645510 bytes
    ->Temporary Internet Files folder emptied: 24145751 bytes
    ->Java cache emptied: 2052853 bytes
    ->FireFox cache emptied: 98227010 bytes
    ->Google Chrome cache emptied: 334149484 bytes
    ->Opera cache emptied: 683410 bytes
    ->Flash cache emptied: 2894222 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 56466 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 56466 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 670032 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 542988 bytes
    RecycleBin emptied: 6387 bytes

    Total Files Cleaned = 533,00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 06042011_100504

    Files\Folders moved on Reboot...
    File\Folder C:\Users\ChrysMat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X5NCGLG0\w4_default[1].htm not found!
    File\Folder C:\Users\ChrysMat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QZMNNFOI\01[1].htm not found!
    File\Folder C:\Users\ChrysMat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QZMNNFOI\ADSAdClient31[2].htm not found!
    C:\Users\ChrysMat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KMHMJFK3\Sync[1].htm moved successfully.
    C:\Users\ChrysMat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HADSEHU5\Include[1].htm moved successfully.

    Registry entries deleted on Reboot...
    m
    0
    l

    Meilleure solution

    a c 267 8 Sécurité
    4 Juin 2011 12:06:14

    Pour finir :


    1/

  • Télécharge DelFix sur ton Bureau.
  • Clique droit sur DelFix et choisis Exécuter en tant qu'administrateur.
  • Clique sur le bouton Suppression.
  • Poste le rapport (C:\DelFixSuppr.txt).
  • Supprime DelFix.


    2/

  • Télécharge et installe CCleaner.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.


    3/

  • Il est nécessaire de supprimer les points de restauration.


    ==Prévention==

    Java n'est pas à jour :
    http://www.malekal.com/2010/11/15/maintenir-java-adobe-...

    Voici un dossier sur la prévention et sécurité sur Internet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    ;) 
    partage
    5 Juin 2011 19:28:07

    Bonsoir,

    Ci-dessous le rapport :
    # DelFix v8.0 - Rapport créé le 05/06/2011 à 19:26
    # Mis à jour le 01/06/11 à 13h par Xplode
    # Système d'exploitation : Windows 7 Ultimate (32 bits) [version 6.1.7600]
    # Nom d'utilisateur : ChrysMat - CHRYSMAT-PC (Administrateur)
    # Exécuté depuis : C:\Users\ChrysMat\Downloads\DelFix.exe
    # Option [Suppression]


    ~~~~~~ Dossier(s) ~~~~~~

    Supprimé : C:\_OTL
    Supprimé : C:\Navilog1

    ~~~~~~ Fichier(s) ~~~~~~

    Supprimé : C:\cleannavi.txt
    Supprimé : C:\Users\ChrysMat\Downloads\Extras.Txt
    Supprimé : C:\Users\ChrysMat\Downloads\Navilog1.zip
    Supprimé : C:\Users\ChrysMat\Downloads\OTL.exe
    Supprimé : C:\Users\ChrysMat\Downloads\OTL.Txt

    ~~~~~~ Registre ~~~~~~

    Clé Supprimée : HKLM\Software\OldTimer Tools

    ~~~~~~ Autre ~~~~~~

    -> Prefetch vidé

    ########## EOF - "C:\DelFixSuppr.txt" - [883 octets] ##########
    m
    0
    l
    a c 267 8 Sécurité
    5 Juin 2011 23:51:41

    C'est OK.
    m
    0
    l
    8 Juin 2011 22:09:48

    Bonsoir,

    Merci bcp pour ton aide et ta patience.
    Je me suis inscrite par hasard mais je ne le regrette.
    Mon pc fonctionne du tonnerre :) 
    Je vais arrêter de télécharger n'importe quoi...
    m
    0
    l
    20 Juin 2011 11:23:25

    Meilleure réponse sélectionnée par chryslaure.
    m
    0
    l
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS