Se connecter / S'enregistrer
Votre question

j ai un virus

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
18 Décembre 2011 11:12:19

j ai un virus qui envoit des " plans cul " a tous mes contact sur msn . AVAST ne me le detecte pas

Autres pages sur : virus

a b 8 Sécurité
18 Décembre 2011 11:19:32

Bonjour,

Merci de penser à la politesse.


__________________


Pour le bon déroulement de la désinfection :


  • Utilise le moins possible ton PC pendant la procédure, afin de faciliter la désinfection.

  • Suis les procédures données, mais ne tente rien par toi-même : si il y a un souci pendant une procédure, fais-m'en part plutôt que de cliquer au hasard et provoquer une panne sur ton système.

  • Si tu suis déjà une procédure sur un autre forum, merci de le signaler, il est important de ne suivre qu'une seule désinfection à la fois.

  • Même si les symptômes de l'infection ont disparu, le PC n'est pas forcément clean : attends bien que l'on t'ait dit que le PC est désinfecté avant de l'utiliser à nouveau.

  • Même si les désinfections sont faites par des personnes ayant des connaissances approfondies dans la désinfection, il est toujours possible que ton PC plante. Pense à bien sauvegarder tes données ;) 

    __________________


    Si tu es prêt(e), allons-y :

    Diagnostic :

  • Télécharge OTL (de OldTimer) sur ton Bureau.

  • Si tu es sous XP, double-clique dessus pour le lancer, si tu es sous Vista/7, fais un clic droit dessus et fais Exécuter en tant qu'administrateur pour le lancer.

  • Une fenêtre apparaît.

  • Coche la case : Tous les utilisateurs

  • Coche les cases correspondant à la Recherche LOP et à la Recherche Purity (En bleu vers le bas de la fenêtre).

  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.

    netsvcs
    msconfig
    drivers32
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    %systemroot%\System32\config\*.sav
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.dll /lockedfiles
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    iexplore.exe
    /md5stop
    CREATERESTOREPOINT


  • Enfin, clique sur le bouton Analyse. Pendant la durée du scanne, ne touche à rien. Le scan prendra quelques temps.

  • A la fin du scan, deux rapports s'ouvriront : OTL.Txt et Extras.Txt. Copie/colle ici l'ensemble des rapports.


  • Pour les rapports, qui ont tendance à être trop longs pour le forum, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu.
    18 Décembre 2011 23:02:30

    bonjour merci pour ton aide

    j ai analysee mon pc mais je ne sais pas comment faire pour t envoyer les rapport sur " le service de rapport "

    Contenus similaires
    a b 8 Sécurité
    19 Décembre 2011 11:38:57

    Salut,

    Poste les rapports directement dans ta prochaine réponse dans ce cas.
    20 Décembre 2011 12:47:52

    salut
    voici les rapports

    OTL Extras logfile created on: 12/18/2011 10:15:28 PM - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\DOMINIQUE\Desktop\Nouveau dossier
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4.00 Gb Total Physical Memory | 2.76 Gb Available Physical Memory | 69.07% Memory free
    8.00 Gb Paging File | 5.90 Gb Available in Paging File | 73.79% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 919.27 Gb Total Space | 870.02 Gb Free Space | 94.64% Space Free | Partition Type: NTFS
    Drive D: | 12.14 Gb Total Space | 1.49 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

    Computer Name: DOMINIQUE-HP | User Name: DOMINIQUE | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .cmd [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .cpl [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .inf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .ini [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .url [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .js [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .jse [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .pif [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .reg [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .txt [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .vbe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .vbs [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .wsf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .wsh [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

    [HKEY_USERS\S-1-5-21-3144334433-2972360633-199062389-1000\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- Reg Error: Key error.
    batfile [open] -- Reg Error: Key error.
    batfile [print] -- Reg Error: Key error.
    chm.file [open] -- Reg Error: Key error.
    cmdfile [edit] -- Reg Error: Key error.
    cmdfile [open] -- Reg Error: Key error.
    cmdfile [print] -- Reg Error: Key error.
    comfile [open] -- Reg Error: Key error.
    cplfile [cplopen] -- Reg Error: Key error.
    exefile [open] -- Reg Error: Key error.
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- Reg Error: Key error.
    htafile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- Reg Error: Key error.
    htmlfile [opennew] -- Reg Error: Key error.
    htmlfile [print] -- Reg Error: Key error.
    http [open] -- Reg Error: Key error.
    https [open] -- Reg Error: Key error.
    inffile [install] -- Reg Error: Key error.
    inffile [open] -- Reg Error: Key error.
    inffile [print] -- Reg Error: Key error.
    inifile [open] -- Reg Error: Key error.
    inifile [print] -- Reg Error: Key error.
    InternetShortcut [open] -- Reg Error: Key error.
    InternetShortcut [print] -- Reg Error: Key error.
    jsfile [edit] -- Reg Error: Key error.
    jsfile [open] -- Reg Error: Key error.
    jsfile [print] -- Reg Error: Key error.
    jsefile [edit] -- Reg Error: Key error.
    jsefile [open] -- Reg Error: Key error.
    jsefile [print] -- Reg Error: Key error.
    piffile [open] -- Reg Error: Key error.
    regfile [edit] -- Reg Error: Key error.
    regfile [open] -- Reg Error: Key error.
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- Reg Error: Key error.
    scrfile [config] -- Reg Error: Key error.
    scrfile [install] -- Reg Error: Key error.
    scrfile [open] -- Reg Error: Key error.
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- Reg Error: Key error.
    txtfile [print] -- Reg Error: Key error.
    txtfile [printto] -- Reg Error: Key error.
    vbefile [edit] -- Reg Error: Key error.
    vbefile [open] -- Reg Error: Key error.
    vbefile [print] -- Reg Error: Key error.
    vbsfile [edit] -- Reg Error: Key error.
    vbsfile [open] -- Reg Error: Key error.
    vbsfile [print] -- Reg Error: Key error.
    wsffile [edit] -- Reg Error: Key error.
    wsffile [open] -- Reg Error: Key error.
    wsffile [print] -- Reg Error: Key error.
    wshfile [open] -- Reg Error: Key error.
    Unknown [openas] -- Reg Error: Key error.
    Folder [open] -- Reg Error: Key error.
    Folder [explore] -- Reg Error: Key error.
    Drive [find] -- Reg Error: Key error.
    Applications\iexplore.exe [open] -- Reg Error: Key error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
    "{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
    "{3001791D-2CA6-6FE3-BE0F-8EA7522B32D4}" = ATI Catalyst Install Manager
    "{3184267F-B0D9-0657-D705-0C700B481A18}" = ccc-utility64
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78}" = ATI Stream SDK v2 Developer
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
    "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
    "{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
    "{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
    "{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "NVIDIA Drivers" = NVIDIA Drivers

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-3144334433-2972360633-199062389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Notification de cadeaux MSN" = Notification de cadeaux MSN

    ========== Last 10 Event Log Errors ==========

    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

    < End of report >


    OTL logfile created on: 12/18/2011 10:15:28 PM - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\DOMINIQUE\Desktop\Nouveau dossier
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4.00 Gb Total Physical Memory | 2.76 Gb Available Physical Memory | 69.07% Memory free
    8.00 Gb Paging File | 5.90 Gb Available in Paging File | 73.79% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 919.27 Gb Total Space | 870.02 Gb Free Space | 94.64% Space Free | Partition Type: NTFS
    Drive D: | 12.14 Gb Total Space | 1.49 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

    Computer Name: DOMINIQUE-HP | User Name: DOMINIQUE | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/12/18 22:13:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\DOMINIQUE\Desktop\Nouveau dossier\OTL.exe
    PRC - [2011/12/02 08:03:01 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
    PRC - [2011/11/28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2011/11/10 07:10:56 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    PRC - [2011/10/06 11:46:29 | 001,679,760 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files (x86)\Bandoo\BndCore.exe
    PRC - [2011/09/27 18:41:45 | 001,700,752 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
    PRC - [2011/09/06 17:57:41 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Users\DOMINIQUE\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2008/11/20 18:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


    ========== Modules (No Company Name) ==========


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2011/02/17 06:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
    SRV:64bit: - [2010/11/23 18:21:52 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2010/10/11 10:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
    SRV:64bit: - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010/03/05 01:25:36 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
    SRV:64bit: - [2010/03/05 01:25:34 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))
    SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2011/10/06 11:46:28 | 002,051,472 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files (x86)\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
    SRV - [2011/06/21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
    SRV - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
    SRV - [2011/02/01 09:49:44 | 001,127,448 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
    SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
    SRV - [2010/03/18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/11/28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
    DRV:64bit: - [2011/11/28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2011/11/28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
    DRV:64bit: - [2011/11/28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
    DRV:64bit: - [2011/11/28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2011/11/28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV:64bit: - [2011/05/13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/23 18:53:44 | 007,886,848 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2010/11/23 17:46:42 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2010/09/24 16:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
    DRV:64bit: - [2010/03/04 12:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
    DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK/3
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPDSK/3
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK/3
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPDSK/3



    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3144334433-2972360633-199062389-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK/3
    IE - HKU\S-1-5-21-3144334433-2972360633-199062389-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKU\S-1-5-21-3144334433-2972360633-199062389-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
    FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: File not found

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ffox@bandoo.com: C:\Users\DOMINIQUE\AppData\Roaming\Mozilla\Firefox\\extensions\ffox@bandoo.com [2011/10/12 06:32:57 | 000,000,000 | ---D | M]

    [2011/10/12 06:32:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DOMINIQUE\AppData\Roaming\mozilla\Firefox\extensions
    [2011/10/12 06:32:57 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Users\DOMINIQUE\AppData\Roaming\mozilla\Firefox\extensions\ffox@bandoo.com

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:o riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll
    CHR - plugin: Bandoo (Enabled) = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp\1.0.0.0_0\ChromePlugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: YouTube = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
    CHR - Extension: Recherche Google = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
    CHR - Extension: Bandoo = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp\1.0.0.0_0\
    CHR - Extension: avast! WebRep = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
    CHR - Extension: Gmail = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2:64bit: - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\BrowserConnection.dll (Bandoo Media, inc)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc)
    O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
    O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKU\S-1-5-21-3144334433-2972360633-199062389-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKU\S-1-5-21-3144334433-2972360633-199062389-1000\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
    O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc)
    O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
    O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-3144334433-2972360633-199062389-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - Startup: C:\Users\DOMINIQUE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = C:\Users\DOMINIQUE\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
    O7 - HKU\S-1-5-21-3144334433-2972360633-199062389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
    O7 - HKU\S-1-5-21-3144334433-2972360633-199062389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
    O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-wind... (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-wind... (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-wind... (Java Plug-in 1.6.0_29)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{692BFA06-0669-418A-BD6D-0EC408DC1524}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\ipp - No CLSID value found
    O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll (Bandoo Media, inc)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll) -C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll) -C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll (Bandoo Media, inc)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    O37 - HKLM\...exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found



    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Error creating restore point.

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/12/18 22:12:28 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\Desktop\Nouveau dossier
    [2011/12/17 20:09:15 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{BA31B0FF-4F0B-491F-B8C3-A7527A055125}
    [2011/12/17 20:09:03 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{44363CA2-37B4-4FDD-BBED-6DBF38228578}
    [2011/12/17 00:37:24 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
    [2011/12/16 12:56:58 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{0B701EED-5981-4F99-95FC-CBB54D326139}
    [2011/12/16 12:56:40 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{10C77CE3-9A3A-4D67-8E07-FBD45D669BDD}
    [2011/12/15 06:41:29 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{B866D94D-F84B-48E3-B6C4-67F0D801AE7D}
    [2011/12/15 06:41:17 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{E3501CFD-1462-4CAC-AC8C-9A8C74E065C6}
    [2011/12/15 03:01:28 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2011/12/15 03:01:28 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2011/12/15 03:01:27 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2011/12/15 03:01:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2011/12/15 03:01:26 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2011/12/15 03:01:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2011/12/15 03:01:24 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2011/12/15 03:01:24 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2011/12/15 03:01:24 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2011/12/15 03:01:24 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2011/12/15 03:01:23 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2011/12/14 11:10:38 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{BBB65C45-C416-4A07-ADDB-E77E037687D2}
    [2011/12/14 11:10:21 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{7DB9199C-5F6C-4A28-AAEE-6383F1DBD80E}
    [2011/12/14 08:54:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
    [2011/12/14 08:54:36 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
    [2011/12/14 08:54:36 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
    [2011/12/13 16:15:26 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{C4CF6830-81D2-4619-84C0-B3E39A73D090}
    [2011/12/13 16:15:14 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{1D61764C-1F0C-41B5-A083-AA19E5AD9656}
    [2011/12/12 08:48:57 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{79042FEB-5BC8-4C6F-B4CF-E80F2D5E9D33}
    [2011/12/12 08:48:40 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{58E18C22-99D6-4C73-A7DC-1FDB63342AA1}
    [2011/12/11 18:42:00 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{75393CB2-BEFB-46ED-978A-9A63F55BB766}
    [2011/12/11 10:46:36 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{0AA354F5-ED85-4E30-B404-19982985D212}
    [2011/12/11 09:36:12 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{5C790280-B1B9-4623-AF1A-1AAA94031367}
    [2011/12/11 09:35:59 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{8A4C4052-B7BD-43CF-887C-AAE5F3344A72}
    [2011/12/08 23:56:45 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{8DDCD28E-E41F-4ABC-89A9-81C62EF12FC6}
    [2011/12/08 23:56:27 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{AF0D2421-222E-4164-BFC9-BD0D4A9BE950}
    [2011/12/07 08:30:46 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{DDEB0A8A-6B65-4456-A9E8-F4AAC5A54BF4}
    [2011/12/07 08:30:35 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{DD157FC1-3D76-4E08-8F97-8D9B6394CF2B}
    [2011/12/06 11:24:11 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{B01C60A6-E78B-47CE-A68A-B87BAF9BC03C}
    [2011/12/06 11:23:59 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{90B7FA4D-7C90-48CF-B6F7-DB80779630E7}
    [2011/12/06 10:02:07 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{5A7DAF7D-DCBA-4343-892F-27E9A38580B7}
    [2011/12/06 10:01:49 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{263F3C85-39B1-44F3-B5C4-64FE7A93B41F}
    [2011/12/05 10:31:07 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{191222B3-EAE0-4686-948C-90D2784DA0C9}
    [2011/12/05 10:30:54 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{61C8A5A4-36A3-43B8-BA63-D2FE47E52EC7}
    [2011/12/04 19:17:29 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{0EF6648B-D6E1-4A47-9ADE-50806FBB6B43}
    [2011/12/04 19:17:11 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{F2DEE0FC-D667-46FD-8892-186ACA1E47D8}
    [2011/12/03 14:30:21 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{F138DF4A-546E-440D-BA1B-F64250F78659}
    [2011/12/03 14:30:09 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{CBEB098A-B0DE-43C1-9368-419F683CC012}
    [2011/12/02 08:02:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
    [2011/12/02 08:02:46 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{44F376BD-E1FF-4BE8-B366-13FF85607ECA}
    [2011/12/02 08:02:34 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{940B8B46-DC1B-4978-B9EB-F2C7A5369864}
    [2011/12/01 11:02:25 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{B03B1200-55B8-4328-8B4B-036498FBB7B3}
    [2011/12/01 11:02:04 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{6F5442AC-025D-4075-B006-F829A71E22AC}
    [2011/11/29 06:20:06 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{CF643E93-DFFE-4B4D-B295-C90565279C3B}
    [2011/11/29 06:19:47 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{15847F67-3031-4151-903C-D78FDF35479B}
    [2011/11/28 11:48:54 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{B6DCCC17-B839-4590-A90A-2CA928D4B288}
    [2011/11/28 11:48:34 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{8B79488E-9FD6-4FDE-B927-0A8ED0EEE628}
    [2011/11/27 23:48:19 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{4C0B9585-D5F3-4CD3-B460-78C9FCC8F6EC}
    [2011/11/27 23:48:00 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{9A4DB55D-B2EB-4435-8BF9-CECB9FAA13E3}
    [2011/11/27 11:56:21 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
    [2011/11/27 11:56:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
    [2011/11/27 11:56:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
    [2011/11/27 11:47:31 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{2FF8D098-FF64-40B0-98BC-D9252807BDC0}
    [2011/11/27 11:47:11 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{BAACF3DA-C07A-4F87-8C66-D45882C5A703}
    [2011/11/26 22:11:03 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{A5B67448-81CC-4241-A686-D920174A264D}
    [2011/11/26 22:10:50 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{1B7B7B0A-6306-4350-B53B-D5EA85FC5300}
    [2011/11/25 07:58:42 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{E731285E-A2AE-4F2A-9822-7913389C0EDC}
    [2011/11/25 07:58:30 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{BC343B9B-C955-4EC8-95EB-B0A2A9EC1464}
    [2011/11/24 19:58:16 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{47E0E55F-E43C-491F-9263-3F02DBFBD4D8}
    [2011/11/24 19:58:03 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{D8FA88E8-5A9F-40C4-896A-6CD8E4B8CDDA}
    [2011/11/24 06:13:16 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{EBA8772B-3943-4060-9D71-953B12AA5371}
    [2011/11/24 06:12:58 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{CCDC338D-7414-4190-B32E-4738428A8F14}
    [2011/11/23 17:09:31 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{4F3C17EE-14E1-4081-9BDF-20B7640D673A}
    [2011/11/23 17:09:11 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{BDF02ED4-C6F9-441D-9389-64B76C2981BE}
    [2011/11/23 05:08:57 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{0E313B98-DB0D-4BD5-B999-DA88444CAB32}
    [2011/11/23 05:08:45 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{8AC34CA7-5CF7-4605-8844-72082F5D888A}
    [2011/11/22 11:35:44 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{8BF0EF34-99AE-4B8F-945C-E5070348E8ED}
    [2011/11/22 11:35:26 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{AB3EEF72-257B-4ED0-B724-115CA8EEE351}
    [2011/11/21 23:34:58 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{4BFF1EBD-A489-4FC0-BAF9-C6E2C4261752}
    [2011/11/21 23:34:40 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{AED644B7-DFED-4DA9-8CDF-1654C8C91E31}
    [2011/11/21 11:34:24 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{AF503920-B8E6-4FB6-8D4D-BBB02DCC465B}
    [2011/11/21 11:34:05 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{E1E0AA00-18AE-4FC0-A1FB-63ABFDE5797E}
    [2011/11/20 11:25:07 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{EDFECD8C-5CBF-4D09-BC02-40FD3DC746C7}
    [2011/11/20 11:24:51 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{24B3A473-3672-4AA0-8437-1586F3DADB1A}

    ========== Files - Modified Within 30 Days ==========

    [2011/12/18 21:52:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/12/18 15:52:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/12/18 12:48:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/12/17 05:53:36 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2011/12/16 20:34:54 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDOMINIQUE.job
    [2011/12/16 19:52:22 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDOMINIQUE-HP$.job
    [2011/12/15 03:27:10 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/12/15 03:27:10 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/12/15 03:24:02 | 001,661,710 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/12/15 03:24:02 | 000,745,056 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2011/12/15 03:24:02 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/12/15 03:24:02 | 000,148,574 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2011/12/15 03:24:02 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/12/15 03:19:45 | 000,285,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2011/12/15 03:19:27 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
    [2011/12/09 10:07:36 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
    [2011/12/02 08:03:01 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2011/11/28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2011/11/28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
    [2011/11/28 19:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
    [2011/11/28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
    [2011/11/28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
    [2011/11/28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
    [2011/11/28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
    [2011/11/28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
    [2011/11/28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

    ========== Files Created - No Company Name ==========

    [2011/09/21 07:35:03 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
    [2011/09/07 02:35:38 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
    [2011/08/09 08:46:06 | 000,000,196 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
    [2011/08/09 08:27:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2011/08/09 08:23:17 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
    [2011/03/04 05:04:58 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
    [2011/02/11 18:15:43 | 001,638,640 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 22:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
    [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\MSRTEDIT.DLL

    ========== LOP Check ==========

    [2011/10/12 06:33:14 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Bandoo
    [2011/09/07 16:07:03 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\EleFun Desktops
    [2011/09/30 06:23:54 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\funkitron
    [2011/10/01 11:50:31 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Namco
    [2011/09/23 18:58:10 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\WinBatch
    [2011/09/16 13:49:29 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Windows Live Writer
    [2011/09/07 09:02:54 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\_MDLogs
    [2009/07/14 06:08:49 | 000,018,972 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %APPDATA%\*. >
    [2011/09/06 17:54:49 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Adobe
    [2011/09/06 17:54:40 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\ATI
    [2011/10/12 06:33:14 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Bandoo
    [2011/09/07 16:07:03 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\EleFun Desktops
    [2011/09/30 06:23:54 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\funkitron
    [2011/09/06 22:09:40 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Google
    [2011/09/23 18:42:22 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Hewlett-Packard
    [2011/12/16 20:33:24 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\HP Support Assistant
    [2011/09/23 19:01:03 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\hpqLog
    [2011/12/17 00:45:07 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\HpUpdate
    [2011/09/06 17:53:20 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Identities
    [2011/08/09 08:53:36 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Macromedia
    [2010/11/21 08:16:41 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Media Center Programs
    [2011/11/04 15:22:20 | 000,000,000 | --SD | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Microsoft
    [2011/09/21 07:31:25 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Microsoft Web Folders
    [2011/09/12 20:10:08 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Mozilla
    [2011/10/01 11:50:31 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Namco
    [2011/09/21 06:19:02 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Skype
    [2011/09/23 18:58:10 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\WinBatch
    [2011/09/16 13:49:29 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\Windows Live Writer
    [2011/09/07 09:02:54 | 000,000,000 | ---D | M] -- C:\Users\DOMINIQUE\AppData\Roaming\_MDLogs

    < %APPDATA%\*.exe /s >
    [2011/09/07 16:07:06 | 001,155,708 | ---- | M] () -- C:\Users\DOMINIQUE\AppData\Roaming\EleFun Desktops\tropicwaterfall_wallpaper\flash.exe
    [2011/09/07 16:07:06 | 001,609,732 | ---- | M] (EleFun Multimedia) -- C:\Users\DOMINIQUE\AppData\Roaming\EleFun Desktops\tropicwaterfall_wallpaper\swfplayer.exe
    [2011/09/07 16:07:06 | 000,151,552 | ---- | M] () -- C:\Users\DOMINIQUE\AppData\Roaming\EleFun Desktops\tropicwaterfall_wallpaper\sysinfo.exe
    [2008/04/08 14:01:12 | 004,920,998 | ---- | M] () -- C:\Users\DOMINIQUE\AppData\Roaming\EleFun Desktops\tropicwaterfall_wallpaper\Tropic Waterfall.exe
    [2011/09/17 14:33:36 | 000,225,280 | ---- | M] () -- C:\Users\DOMINIQUE\AppData\Roaming\EleFun Desktops\tropicwaterfall_wallpaper\Tropic Waterfall_installer.exe
    [2011/09/17 14:33:36 | 000,151,624 | ---- | M] () -- C:\Users\DOMINIQUE\AppData\Roaming\EleFun Desktops\tropicwaterfall_wallpaper\uninstall.exe
    [2011/09/07 16:07:06 | 000,098,304 | ---- | M] () -- C:\Users\DOMINIQUE\AppData\Roaming\EleFun Desktops\tropicwaterfall_wallpaper\wallpaper.exe
    [2011/12/10 15:00:55 | 000,330,943 | ---- | M] () -- C:\Users\DOMINIQUE\AppData\Roaming\Hewlett-Packard\HP LinkUp\Updater\HPLinkUP-V2.01.026ToV2.01.028.exe
    [2011/08/09 08:53:32 | 000,038,784 | ---- | M] () -- C:\Users\DOMINIQUE\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
    [2011/09/06 17:57:41 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Users\DOMINIQUE\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    [2011/09/06 17:57:41 | 000,086,576 | ---- | M] (Microsoft Corporation) -- C:\Users\DOMINIQUE\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
    [2011/09/06 17:57:41 | 000,132,672 | ---- | M] (Microsoft Corporation) -- C:\Users\DOMINIQUE\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe

    < %SYSTEMDRIVE%\*.* >
    [2011/02/11 18:00:42 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
    [2011/12/15 03:19:27 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
    [2011/08/09 10:10:45 | 000,000,000 | RHS- | M] () -- C:\OS
    [2011/12/15 03:19:27 | 4294,238,208 | -HS- | M] () -- C:\pagefile.sys

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\system32\*.dll /lockedfiles >


    < MD5 for: EXPLORER.EXE >
    [2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
    [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
    [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
    [2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
    [2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
    [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
    [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
    [2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

    < MD5 for: IEXPLORE.EXE >
    [2010/11/21 04:24:43 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
    [2011/09/11 21:12:40 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
    [2011/09/11 21:12:40 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_17a944edb4ca4c7a\iexplore.exe
    [2010/11/21 04:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
    [2011/09/11 21:12:39 | 000,754,480 | ---- | M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A -- C:\Program Files\Internet Explorer\iexplore.exe
    [2011/09/11 21:12:39 | 000,754,480 | ---- | M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_0d549a9b80698a7f\iexplore.exe

    < MD5 for: SVCHOST.EXE >
    [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
    [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
    [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
    [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

    < MD5 for: USERINIT.EXE >
    [2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
    [2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
    [2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
    [2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

    < MD5 for: WINLOGON.EXE >
    [2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
    [2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

    < End of report >
    a b 8 Sécurité
    20 Décembre 2011 12:55:01

    Re,

    Ton problème vient de Bandoo.

    Scan AdwCleaner


    • Télécharge AdwCleaner (de Xplode) sur ton bureau.

    • Double-clique sur l'icône AdwCleaner0.exe pour lancer le programme. (Sous Vista et 7, il faut faire un clic droit dessus, puis exécuter en tant qu'administrateur.)


      Déconnecte-toi et ferme toutes applications en cours


    • Sur le menu principal, clique sur Recherche et patiente le temps de l'analyse

    • A la fin du scan, un rapport AdwCleaner[R].txt s'ouvre. Poste le rapport dans ta prochaine réponse.


  • Le rapport se trouve ici : C:\AdwCleaner[R].txt

    20 Décembre 2011 16:13:51

    re
    voici le rapport !
    # AdwCleaner v1.402 - Rapport créé le 20/12/2011 à 16:12:08
    # Mis à jour le 11/12/11 à 19h par Xplode
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d'utilisateur : DOMINIQUE - DOMINIQUE-HP (Administrateur)
    # Exécuté depuis : C:\Users\DOMINIQUE\Desktop\Nouveau dossier\adwcleaner.exe
    # Option [Recherche]


    ***** [Services] *****

    Présent : Bandoo Coordinator

    ***** [Fichiers / Dossiers] *****

    Dossier Présent : C:\ProgramData\Bandoo
    Dossier Présent : C:\Users\DOMINIQUE\AppData\Roaming\Bandoo
    Dossier Présent : C:\Users\DOMINIQUE\AppData\LocalLow\Bandoo
    Dossier Présent : C:\Users\DOMINIQUE\AppData\LocalLow\Toolbar4
    Dossier Présent : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
    Dossier Présent : C:\Program Files (x86)\Bandoo
    Dossier Présent : C:\Program Files (x86)\Windows Searchqu Toolbar

    ***** [Registre] *****

  • Clé Présente : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar
  • Clé Présente : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar.1
  • Clé Présente : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620
  • Clé Présente : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620.3
  • Clé Présente : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620
  • Clé Présente : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620.1
    Clé Présente : HKCU\Software\DataMngr_Toolbar
    Clé Présente : HKLM\SOFTWARE\bandoo
    Clé Présente : HKLM\SOFTWARE\SearchquMediabarTb
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin
    Clé Présente : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin.1
    Clé Présente : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
    Clé Présente : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
    Clé Présente : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
    Clé Présente : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
    Clé Présente : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
    Clé Présente : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
    Clé Présente : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
    Clé Présente : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Clé Présente : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Clé Présente : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
    Clé Présente : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4da7-A3C2-B8D28AAD114B}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
    Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
    Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
    Valeur Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079a25-328f-4bd4-be04-00955acaa0a7}]
    Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]

    ***** [Registre (x64)] *****

    Clé Présente : HKCU\Software\DataMngr_Toolbar
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
    Clé Présente : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
    Clé Présente : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin
    Clé Présente : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin.1
    Clé Présente : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
    Clé Présente : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
    Clé Présente : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
    Clé Présente : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
    Clé Présente : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
    Clé Présente : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
    Clé Présente : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
    Clé Présente : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Clé Présente : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Clé Présente : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Clé Présente : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Clé Présente : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
    Clé Présente : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4da7-A3C2-B8D28AAD114B}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}
    Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
    Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}

    ***** [Navigateurs] *****

    -\\ Internet Explorer v9.0.8112.16421

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Google Chrome v0.0.0.0

    Fichier : C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] Le fichier ne contient aucune entrée illégitime.

    *************************

    AdwCleaner[R1].txt - [21461 octets] - [20/12/2011 16:11:12]
    AdwCleaner[R2].txt - [21593 octets] - [20/12/2011 16:12:08]

    ########## EOF - C:\AdwCleaner[R2].txt - [21722 octets] ##########
    a b 8 Sécurité
    20 Décembre 2011 18:04:19

    Yop,

    On continue :

    1)

    Nettoyage AdwCleaner


    • Relance AdwCleaner. (Sous Vista et 7, il faut faire un clic droit dessus, puis exécuter en tant qu'administrateur.)


      Déconnecte-toi et ferme toutes applications en cours


    • Sur le menu principal, clique sur Suppression et patiente le temps de l'analyse

    • A la fin du scan, un rapport AdwCleaner[R].txt s'ouvre. Poste le rapport dans ta prochaine réponse.


  • Le rapport se trouve ici : C:\AdwCleaner[R].txt

    2)

    Refais un scan OTL sans personnalisation, et poste l'unique rapport qui apparaîtra.
    20 Décembre 2011 21:09:39

    re

    # AdwCleaner v1.402 - Rapport créé le 20/12/2011 à 21:01:13
    # Mis à jour le 11/12/11 à 19h par Xplode
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d'utilisateur : DOMINIQUE - DOMINIQUE-HP (Administrateur)
    # Exécuté depuis : C:\Users\DOMINIQUE\Desktop\Nouveau dossier\adwcleaner.exe
    # Option [Suppression]


    ***** [Services] *****

    Arrêté & Supprimé : : Bandoo Coordinator

    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\ProgramData\Bandoo
    Dossier Supprimé : C:\Users\DOMINIQUE\AppData\Roaming\Bandoo
    Dossier Supprimé : C:\Users\DOMINIQUE\AppData\LocalLow\Bandoo
    Dossier Supprimé : C:\Users\DOMINIQUE\AppData\LocalLow\Toolbar4
    Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
    Dossier Supprimé : C:\Program Files (x86)\Bandoo
    Dossier Supprimé : C:\Program Files (x86)\Windows Searchqu Toolbar

    ***** [Registre] *****

  • Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar
  • Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar.1
  • Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620
  • Clé Supprimée : HKLM\SOFTWARE\Classes\TBSB01620.TBSB01620.3
  • Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620
  • Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.TBSB01620.1
    Clé Supprimée : HKCU\Software\DataMngr_Toolbar
    Clé Supprimée : HKLM\SOFTWARE\bandoo
    Clé Supprimée : HKLM\SOFTWARE\SearchquMediabarTb
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.BandooCoordinator.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.CoordinatorUI.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.hxxpAsyncResult.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCoordinator.PlugInNotifier.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin
    Clé Supprimée : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
    Clé Supprimée : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
    Clé Supprimée : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
    Clé Supprimée : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
    Clé Supprimée : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Clé Supprimée : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
    Clé Supprimée : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4da7-A3C2-B8D28AAD114B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079a25-328f-4bd4-be04-00955acaa0a7}]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]

    ***** [Registre (x64)] *****

    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}

    ***** [Navigateurs] *****

    -\\ Internet Explorer v9.0.8112.16421

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Google Chrome v0.0.0.0

    Fichier : C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] Le fichier ne contient aucune entrée illégitime.

    *************************

    AdwCleaner[R1].txt - [21461 octets] - [20/12/2011 16:11:12]
    AdwCleaner[R2].txt - [21522 octets] - [20/12/2011 16:12:08]
    AdwCleaner[S1].txt - [16251 octets] - [20/12/2011 21:01:13]

    *************************

    Dossier Temporaire : 17 dossier(s)et 166 fichier(s) supprimés

    ########## EOF - C:\AdwCleaner[S1].txt - [16474 octets] ##########
    20 Décembre 2011 21:26:13

    re

    OTL logfile created on: 12/20/2011 9:11:27 PM - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\DOMINIQUE\Desktop\Nouveau dossier
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4.00 Gb Total Physical Memory | 2.37 Gb Available Physical Memory | 59.37% Memory free
    8.00 Gb Paging File | 6.04 Gb Available in Paging File | 75.50% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 919.27 Gb Total Space | 869.94 Gb Free Space | 94.63% Space Free | Partition Type: NTFS
    Drive D: | 12.14 Gb Total Space | 1.49 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

    Computer Name: DOMINIQUE-HP | User Name: DOMINIQUE | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/12/18 22:13:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\DOMINIQUE\Desktop\Nouveau dossier\OTL.exe
    PRC - [2011/12/02 08:03:01 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
    PRC - [2011/11/28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2011/11/10 07:10:56 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    PRC - [2011/09/06 17:57:41 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Users\DOMINIQUE\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2008/11/20 18:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


    ========== Modules (No Company Name) ==========


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/11/28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2011/02/17 06:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
    SRV:64bit: - [2010/11/23 18:21:52 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2010/10/11 10:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
    SRV:64bit: - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010/03/05 01:25:36 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
    SRV:64bit: - [2010/03/05 01:25:34 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))
    SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2011/06/21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
    SRV - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
    SRV - [2011/02/01 09:49:44 | 001,127,448 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
    SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
    SRV - [2010/03/18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/11/28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
    DRV:64bit: - [2011/11/28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2011/11/28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
    DRV:64bit: - [2011/11/28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
    DRV:64bit: - [2011/11/28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2011/11/28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV:64bit: - [2011/05/13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/23 18:53:44 | 007,886,848 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2010/11/23 17:46:42 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2010/09/24 16:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
    DRV:64bit: - [2010/03/04 12:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
    DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK/3
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPDSK/3
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK/3
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPDSK/3

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPDSK/3
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ffox@bandoo.com: C:\Users\DOMINIQUE\AppData\Roaming\Mozilla\Firefox\\extensions\ffox@bandoo.com [2011/10/12 06:32:57 | 000,000,000 | ---D | M]

    [2011/10/12 06:32:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DOMINIQUE\AppData\Roaming\mozilla\Firefox\extensions
    [2011/10/12 06:32:57 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Users\DOMINIQUE\AppData\Roaming\mozilla\Firefox\extensions\ffox@bandoo.com

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:o riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll
    CHR - plugin: Bandoo (Enabled) = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp\1.0.0.0_0\ChromePlugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: YouTube = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
    CHR - Extension: Recherche Google = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
    CHR - Extension: Bandoo = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp\1.0.0.0_0\
    CHR - Extension: avast! WebRep = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
    CHR - Extension: Gmail = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
    O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
    O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - Startup: C:\Users\DOMINIQUE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = C:\Users\DOMINIQUE\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
    O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-wind... (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-wind... (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-wind... (Java Plug-in 1.6.0_29)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{692BFA06-0669-418A-BD6D-0EC408DC1524}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\ipp - No CLSID value found
    O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll (Bandoo Media, inc)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (c:\progra~2\search~1\search~1\datamngr.dll) -c:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (c:\progra~2\search~1\search~1\iebho.dll) -c:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (c:\progra~2\bandoo\bndhook.dll) - File not found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    O37 - HKLM\...exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/12/20 21:06:00 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{3261BBAC-B33C-41B3-91B7-529DB9914E11}
    [2011/12/18 22:12:28 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\Desktop\Nouveau dossier
    [2011/12/17 20:09:15 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{BA31B0FF-4F0B-491F-B8C3-A7527A055125}
    [2011/12/17 20:09:03 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{44363CA2-37B4-4FDD-BBED-6DBF38228578}
    [2011/12/17 00:37:24 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
    [2011/12/16 12:56:58 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{0B701EED-5981-4F99-95FC-CBB54D326139}
    [2011/12/16 12:56:40 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{10C77CE3-9A3A-4D67-8E07-FBD45D669BDD}
    [2011/12/15 06:41:29 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{B866D94D-F84B-48E3-B6C4-67F0D801AE7D}
    [2011/12/15 06:41:17 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{E3501CFD-1462-4CAC-AC8C-9A8C74E065C6}
    [2011/12/15 03:01:28 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2011/12/15 03:01:28 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2011/12/15 03:01:27 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2011/12/15 03:01:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2011/12/15 03:01:26 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2011/12/15 03:01:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2011/12/15 03:01:24 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2011/12/15 03:01:24 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2011/12/15 03:01:24 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2011/12/15 03:01:24 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2011/12/15 03:01:23 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2011/12/14 11:10:38 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{BBB65C45-C416-4A07-ADDB-E77E037687D2}
    [2011/12/14 11:10:21 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{7DB9199C-5F6C-4A28-AAEE-6383F1DBD80E}
    [2011/12/14 08:54:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
    [2011/12/14 08:54:36 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
    [2011/12/14 08:54:36 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
    [2011/12/13 16:15:26 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{C4CF6830-81D2-4619-84C0-B3E39A73D090}
    [2011/12/13 16:15:14 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{1D61764C-1F0C-41B5-A083-AA19E5AD9656}
    [2011/12/12 08:48:57 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{79042FEB-5BC8-4C6F-B4CF-E80F2D5E9D33}
    [2011/12/12 08:48:40 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{58E18C22-99D6-4C73-A7DC-1FDB63342AA1}
    [2011/12/11 18:42:00 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{75393CB2-BEFB-46ED-978A-9A63F55BB766}
    [2011/12/11 10:46:36 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{0AA354F5-ED85-4E30-B404-19982985D212}
    [2011/12/11 09:36:12 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{5C790280-B1B9-4623-AF1A-1AAA94031367}
    [2011/12/11 09:35:59 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{8A4C4052-B7BD-43CF-887C-AAE5F3344A72}
    [2011/12/08 23:56:45 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{8DDCD28E-E41F-4ABC-89A9-81C62EF12FC6}
    [2011/12/08 23:56:27 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{AF0D2421-222E-4164-BFC9-BD0D4A9BE950}
    [2011/12/07 08:30:46 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{DDEB0A8A-6B65-4456-A9E8-F4AAC5A54BF4}
    [2011/12/07 08:30:35 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{DD157FC1-3D76-4E08-8F97-8D9B6394CF2B}
    [2011/12/06 11:24:11 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{B01C60A6-E78B-47CE-A68A-B87BAF9BC03C}
    [2011/12/06 11:23:59 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{90B7FA4D-7C90-48CF-B6F7-DB80779630E7}
    [2011/12/06 10:02:07 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{5A7DAF7D-DCBA-4343-892F-27E9A38580B7}
    [2011/12/06 10:01:49 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{263F3C85-39B1-44F3-B5C4-64FE7A93B41F}
    [2011/12/05 10:31:07 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{191222B3-EAE0-4686-948C-90D2784DA0C9}
    [2011/12/05 10:30:54 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{61C8A5A4-36A3-43B8-BA63-D2FE47E52EC7}
    [2011/12/04 19:17:29 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{0EF6648B-D6E1-4A47-9ADE-50806FBB6B43}
    [2011/12/04 19:17:11 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{F2DEE0FC-D667-46FD-8892-186ACA1E47D8}
    [2011/12/03 14:30:21 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{F138DF4A-546E-440D-BA1B-F64250F78659}
    [2011/12/03 14:30:09 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{CBEB098A-B0DE-43C1-9368-419F683CC012}
    [2011/12/02 08:02:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
    [2011/12/02 08:02:46 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{44F376BD-E1FF-4BE8-B366-13FF85607ECA}
    [2011/12/02 08:02:34 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{940B8B46-DC1B-4978-B9EB-F2C7A5369864}
    [2011/12/01 11:02:25 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{B03B1200-55B8-4328-8B4B-036498FBB7B3}
    [2011/12/01 11:02:04 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{6F5442AC-025D-4075-B006-F829A71E22AC}
    [2011/11/29 06:20:06 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{CF643E93-DFFE-4B4D-B295-C90565279C3B}
    [2011/11/29 06:19:47 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{15847F67-3031-4151-903C-D78FDF35479B}
    [2011/11/28 11:48:54 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{B6DCCC17-B839-4590-A90A-2CA928D4B288}
    [2011/11/28 11:48:34 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{8B79488E-9FD6-4FDE-B927-0A8ED0EEE628}
    [2011/11/27 23:48:19 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{4C0B9585-D5F3-4CD3-B460-78C9FCC8F6EC}
    [2011/11/27 23:48:00 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{9A4DB55D-B2EB-4435-8BF9-CECB9FAA13E3}
    [2011/11/27 11:56:21 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
    [2011/11/27 11:56:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
    [2011/11/27 11:56:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
    [2011/11/27 11:47:31 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{2FF8D098-FF64-40B0-98BC-D9252807BDC0}
    [2011/11/27 11:47:11 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{BAACF3DA-C07A-4F87-8C66-D45882C5A703}
    [2011/11/26 22:11:03 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{A5B67448-81CC-4241-A686-D920174A264D}
    [2011/11/26 22:10:50 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{1B7B7B0A-6306-4350-B53B-D5EA85FC5300}
    [2011/11/25 07:58:42 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{E731285E-A2AE-4F2A-9822-7913389C0EDC}
    [2011/11/25 07:58:30 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{BC343B9B-C955-4EC8-95EB-B0A2A9EC1464}
    [2011/11/24 19:58:16 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{47E0E55F-E43C-491F-9263-3F02DBFBD4D8}
    [2011/11/24 19:58:03 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{D8FA88E8-5A9F-40C4-896A-6CD8E4B8CDDA}
    [2011/11/24 06:13:16 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{EBA8772B-3943-4060-9D71-953B12AA5371}
    [2011/11/24 06:12:58 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{CCDC338D-7414-4190-B32E-4738428A8F14}
    [2011/11/23 17:09:31 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{4F3C17EE-14E1-4081-9BDF-20B7640D673A}
    [2011/11/23 17:09:11 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{BDF02ED4-C6F9-441D-9389-64B76C2981BE}
    [2011/11/23 05:08:57 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{0E313B98-DB0D-4BD5-B999-DA88444CAB32}
    [2011/11/23 05:08:45 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{8AC34CA7-5CF7-4605-8844-72082F5D888A}
    [2011/11/22 11:35:44 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{8BF0EF34-99AE-4B8F-945C-E5070348E8ED}
    [2011/11/22 11:35:26 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{AB3EEF72-257B-4ED0-B724-115CA8EEE351}
    [2011/11/21 23:34:58 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{4BFF1EBD-A489-4FC0-BAF9-C6E2C4261752}
    [2011/11/21 23:34:40 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{AED644B7-DFED-4DA9-8CDF-1654C8C91E31}
    [2011/11/21 11:34:24 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{AF503920-B8E6-4FB6-8D4D-BBB02DCC465B}
    [2011/11/21 11:34:05 | 000,000,000 | ---D | C] -- C:\Users\DOMINIQUE\AppData\Local\{E1E0AA00-18AE-4FC0-A1FB-63ABFDE5797E}

    ========== Files - Modified Within 30 Days ==========

    [2011/12/20 21:11:21 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/12/20 21:11:21 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/12/20 21:09:17 | 001,661,710 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/12/20 21:09:17 | 000,745,056 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2011/12/20 21:09:17 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/12/20 21:09:17 | 000,148,574 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2011/12/20 21:09:17 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/12/20 21:05:40 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/12/20 21:04:11 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDOMINIQUE-HP$.job
    [2011/12/20 21:04:11 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDOMINIQUE.job
    [2011/12/20 21:04:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/12/20 21:03:58 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
    [2011/12/20 20:52:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/12/17 05:53:36 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2011/12/15 03:19:45 | 000,285,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2011/12/09 10:07:36 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
    [2011/12/02 08:03:01 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2011/11/28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2011/11/28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
    [2011/11/28 19:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
    [2011/11/28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
    [2011/11/28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
    [2011/11/28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
    [2011/11/28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
    [2011/11/28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
    [2011/11/28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

    ========== Files Created - No Company Name ==========

    [2011/09/21 07:35:03 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
    [2011/09/07 02:35:38 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
    [2011/08/09 08:46:06 | 000,000,196 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
    [2011/08/09 08:27:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2011/08/09 08:23:17 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
    [2011/03/04 05:04:58 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
    [2011/02/11 18:15:43 | 001,638,640 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 22:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
    [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\MSRTEDIT.DLL

    < End of report >
    OTL Extras logfile created on: 12/20/2011 9:18:52 PM - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\DOMINIQUE\Desktop\Nouveau dossier
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4.00 Gb Total Physical Memory | 2.46 Gb Available Physical Memory | 61.42% Memory free
    8.00 Gb Paging File | 6.07 Gb Available in Paging File | 75.85% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 919.27 Gb Total Space | 869.94 Gb Free Space | 94.63% Space Free | Partition Type: NTFS
    Drive D: | 12.14 Gb Total Space | 1.49 Gb Free Space | 12.24% Space Free | Partition Type: NTFS

    Computer Name: DOMINIQUE-HP | User Name: DOMINIQUE | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .cmd [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .cpl [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .inf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .ini [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .url [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .js [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .jse [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .pif [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .reg [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .txt [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .vbe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .vbs [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .wsf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
    .wsh [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- Reg Error: Key error.
    batfile [open] -- Reg Error: Key error.
    batfile [print] -- Reg Error: Key error.
    chm.file [open] -- Reg Error: Key error.
    cmdfile [edit] -- Reg Error: Key error.
    cmdfile [open] -- Reg Error: Key error.
    cmdfile [print] -- Reg Error: Key error.
    comfile [open] -- Reg Error: Key error.
    cplfile [cplopen] -- Reg Error: Key error.
    exefile [open] -- Reg Error: Key error.
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- Reg Error: Key error.
    htafile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- Reg Error: Key error.
    htmlfile [opennew] -- Reg Error: Key error.
    htmlfile [print] -- Reg Error: Key error.
    http [open] -- Reg Error: Key error.
    https [open] -- Reg Error: Key error.
    inffile [install] -- Reg Error: Key error.
    inffile [open] -- Reg Error: Key error.
    inffile [print] -- Reg Error: Key error.
    inifile [open] -- Reg Error: Key error.
    inifile [print] -- Reg Error: Key error.
    InternetShortcut [open] -- Reg Error: Key error.
    InternetShortcut [print] -- Reg Error: Key error.
    jsfile [edit] -- Reg Error: Key error.
    jsfile [open] -- Reg Error: Key error.
    jsfile [print] -- Reg Error: Key error.
    jsefile [edit] -- Reg Error: Key error.
    jsefile [open] -- Reg Error: Key error.
    jsefile [print] -- Reg Error: Key error.
    piffile [open] -- Reg Error: Key error.
    regfile [edit] -- Reg Error: Key error.
    regfile [open] -- Reg Error: Key error.
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- Reg Error: Key error.
    scrfile [config] -- Reg Error: Key error.
    scrfile [install] -- Reg Error: Key error.
    scrfile [open] -- Reg Error: Key error.
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- Reg Error: Key error.
    txtfile [print] -- Reg Error: Key error.
    txtfile [printto] -- Reg Error: Key error.
    vbefile [edit] -- Reg Error: Key error.
    vbefile [open] -- Reg Error: Key error.
    vbefile [print] -- Reg Error: Key error.
    vbsfile [edit] -- Reg Error: Key error.
    vbsfile [open] -- Reg Error: Key error.
    vbsfile [print] -- Reg Error: Key error.
    wsffile [edit] -- Reg Error: Key error.
    wsffile [open] -- Reg Error: Key error.
    wsffile [print] -- Reg Error: Key error.
    wshfile [open] -- Reg Error: Key error.
    Unknown [openas] -- Reg Error: Key error.
    Folder [open] -- Reg Error: Key error.
    Folder [explore] -- Reg Error: Key error.
    Drive [find] -- Reg Error: Key error.
    Applications\iexplore.exe [open] -- Reg Error: Key error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
    "{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
    "{3001791D-2CA6-6FE3-BE0F-8EA7522B32D4}" = ATI Catalyst Install Manager
    "{3184267F-B0D9-0657-D705-0C700B481A18}" = ccc-utility64
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78}" = ATI Stream SDK v2 Developer
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
    "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
    "{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
    "{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
    "{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "NVIDIA Drivers" = NVIDIA Drivers

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0000040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
    "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
    "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0E59637F-DA32-E400-92F6-3E84DB1DFB8D}" = CCC Help Portuguese
    "{13FED2DC-8185-351F-72B2-C1CAB3A8860B}" = CCC Help Turkish
    "{16FC3056-90C0-4757-8A68-64D8DA846ADA}" = Remote Graphics Receiver
    "{1826A2E3-22EE-ACC6-BB3A-80EEFF23167A}" = CCC Help Danish
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1A66A9AD-7BC1-8E9C-25EE-A5C2B07FA59E}" = CCC Help Finnish
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 29
    "{28CD5009-54CA-ED14-6A17-47803585FF5F}" = Catalyst Control Center Localization All
    "{28D1AF2F-9574-DABC-BA08-72F3356960D2}" = CCC Help Polish
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2A41AD80-C9C8-3CD0-2BEA-05731A9483DF}" = ccc-core-static
    "{2C9CA30C-E2B7-0D3A-291D-4808973E6F8C}" = CCC Help Italian
    "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
    "{2F4C493B-28D8-5054-13E9-91F05903887B}" = CCC Help Dutch
    "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{38069E07-617C-8074-4F67-BAFFFBB7E7FA}" = CCC Help Spanish
    "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
    "{3D4C2961-3353-4C56-B0B8-82AC1923695F}" = Catalyst Control Center - Branding
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
    "{465210C4-595A-BD80-44E8-E0457D9D8432}" = Zinio Reader 4
    "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
    "{49DA021B-1C01-36D0-ABDF-3B9BED567EED}" = CCC Help Chinese Traditional
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4BDC0530-445B-47F2-36A0-758DE8903B44}" = CCC Help German
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{5208F7DB-9DAA-E5CA-EEC3-1B004D66A8EB}" = CCC Help Chinese Standard
    "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{58F095F8-3F66-528A-0BF6-DF1A7B304EC0}" = CCC Help Korean
    "{5E38ABC5-71C2-04D8-62F0-C44B53E7DED8}" = Catalyst Control Center Graphics Previews Vista
    "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
    "{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
    "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
    "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{751D221F-7C37-C83F-1973-A1F92A0F4DF6}" = HydraVision
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
    "{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{912CED74-88D3-4C5B-ACB0-132318649765}" = PressReader
    "{913E7600-FA3A-B125-1EA6-391D59C258F6}" = CCC Help Czech
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{959DFE5E-B55F-4A0A-9E71-2970C98C3164}" = CCC Help Russian
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9AEDD629-A40E-5EB1-2E70-E84DDE915C16}" = CCC Help Norwegian
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar
    "{A8DBF55D-73C0-4E37-A10E-365BFBB14119}" = Battlefield 2 : L’Intégrale
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
    "{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
    "{AEDDD2D4-0BE7-71D9-2091-9F8AA4A4806D}" = Catalyst Control Center InstallProxy
    "{B31D9B68-A844-191A-C652-4EA715A8CD92}" = CCC Help French
    "{B3435D6A-B061-D8E5-C9AD-2D63C823C50C}" = CCC Help Swedish
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
    "{BE05B1E6-3C47-32DC-113B-7DB85FD6BE75}" = CCC Help Hungarian
    "{C1AD9241-3ADD-483F-914D-071F3E50855A}" = HP LinkUp
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C6FD5FE2-3635-0C15-6D3C-95FCAA51A3CE}" = CCC Help Greek
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D9742D19-38EE-B2BE-5902-44130C4008FA}" = CCC Help Japanese
    "{DBF625A1-9F84-1533-E08E-D1EBBE5001DD}" = Catalyst Control Center Graphics Previews Common
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DE6E96CA-AD23-BBD7-4304-B6D4EA0F1933}" = CCC Help Thai
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E141B1E0-BA8A-750F-4106-FC6AAB8950E0}" = CCC Help English
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "Adobe AIR" = Adobe AIR
    "avast" = avast! Free Antivirus
    "EasyBits Magic Desktop" = Magic Desktop
    "Google Chrome" = Google Chrome
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "MusicStationNetstaller" = MusicStation
    "PDF Complete" = PDF Complete Special Edition
    "SearchCore for Browsers" = SearchCore for Browsers
    "Searchqu 101 MediaBar" = Windows Searchqu Toolbar
    "WildTangent hp Master Uninstall" = HP Games
    "WinLiveSuite" = Windows Live
    "WT087330" = Bounce Symphony
    "WT087361" = FATE
    "WT087393" = Mah Jong Medley
    "WT087394" = Penguins!
    "WT087396" = Polar Bowler
    "WT087490" = Jewel Quest Solitaire
    "WT087510" = Slingo Deluxe
    "WT087513" = Virtual Villagers - The Secret City
    "WT087519" = Wedding Dash
    "WT087536" = Diner Dash 2 Restaurant Rescue
    "WT089308" = Blasterball 3
    "WT089328" = Farm Frenzy
    "WT089359" = Cake Mania
    "WT089362" = Agatha Christie - Peril at End House
    "WT089453" = Bejeweled 2 Deluxe
    "WT089454" = Chuzzle Deluxe
    "WT089455" = Zuma Deluxe
    "WT089458" = Plants vs. Zombies - Game of the Year
    "WT089460" = Mystery P.I. - The London Caper
    "WT089484" = Namco All-Stars PAC-MAN
    "WT089492" = Crazy Chicken Kart 2
    "WT089493" = Fishdom
    "WT089497" = Big Rig Europe
    "ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Notification de cadeaux MSN" = Notification de cadeaux MSN

    ========== Last 10 Event Log Errors ==========

    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

    < End of report >
    a b 8 Sécurité
    21 Décembre 2011 13:47:07

    Bonjour,

    On continue, y a du boulot :

    1)


    • Désinstalle Spybot Search&Destroy via le panneau de configuration avant de poursuivre, car il est entièrement périmé et risque de gêner la fin de la désinfection.


  • 2)

    Fix OTL :

    • Relance OTL.exe.

    • Copie exactement le texte ci-dessous :

      :OTL
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ffox@bandoo.com: C:\Users\DOMINIQUE\AppData\Roaming\Mozilla\Firefox\\extensions\ffox@bandoo.com [2011/10/12 06:32:57 | 000,000,000 | ---D | M]
      [2011/10/12 06:32:57 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Users\DOMINIQUE\AppData\Roaming\mozilla\Firefox\extensions\ffox@bandoo.com
      CHR - plugin: Bandoo (Enabled) = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp\1.0.0.0_0\ChromePlugin.dll
      CHR - Extension: Bandoo = C:\Users\DOMINIQUE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dloejdefkancmfajekobpfoacecnhpgp\1.0.0.0_0\
      O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
      O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
      O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
      O4 - Startup: C:\Users\DOMINIQUE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = C:\Users\DOMINIQUE\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll (Bandoo Media, inc)
      O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll (Bandoo Media, inc)
      O20 - AppInit_DLLs: (c:\progra~2\search~1\search~1\datamngr.dll) -c:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll (Bandoo Media, inc)
      O20 - AppInit_DLLs: (c:\progra~2\search~1\search~1\iebho.dll) -c:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll (Bandoo Media, inc)
      O20 - AppInit_DLLs: (c:\progra~2\bandoo\bndhook.dll) - File not found

      :Commands
      [purity]
      [emptytemp]
      [emptyflash]
      [createrestorepoint]


    • Colle-le dans le cadre Personnalisation en bas à gauche.

    • Clique sur le bouton Correction en haut à gauche.

    • Si le pc te demande de redémarrer, confirme l'opération.

    • Un rapport après le redémarrage va apparaître, copie/colle-le dans ta prochaine réponse.


  • 3)

    Analyse en ligne


    • Va dans Démarrer > Panneau de configuration > Option des dossiers (en affichage classique) > Onglet Affichage puis coche "afficher les fichiers et dossiers cachés". Valide.

    • Va sur le site Virustotal , un site qui analyse des fichiers avec tous les antivirus présents sur le marché.

    • Clique sur Choisissez un fichier .

    • Dans la fenêtre qui s'ouvre alors, en bas, il est marqué Nom du fichier . Mets alors
      C:\Windows\SysWow64\ezsidmv.dat
      (copie et colle avec Ctrl+V)

    • Appuie sur Ouvrir , puis clique sur Envoyer le fichier .

    • Attends quelques secondes. Si c'est marqué que le fichier a déjà été analysé, clique sur Reanalyser le fichier maintenant .

    • Ton fichier est alors analysé. Attends bien que ce soit marqué Situation actuelle : terminé .

    • Sélectionne le tableau (avec les anti-virus, la version, la dernière mise à jour, le résultat), et Colle-le dans ta prochaine réponse stp .

    • Fais de même pour le fichier
      C:\Windows\SysWow64\ezdigsgn.dat


  • Restaure l'affichage des dossiers en décochant "afficher les fichiers et dossiers cachés" (pour ce faire procéder comme précédemment)

    4)

    Analyse et suppression des logiciels malveillants

    • Télécharge Malwarebytes' Anti-Malware (MBAM) (de Marcin Kleczynski et Bruce Harriss).

    • Installe-le, puis mets bien à jour le programme à la fin de l'installation.

    • Une fois l'opération terminée, MBAM se lance. Vérifie que la case Examen rapide est bien cochée, puis appuye sur Rechercher (encadré en rouge dans l'image ci-dessous )



    • A la fin de l'analyse, un message va s'afficher :
      L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.
      ou bien :
      L'examen s'est terminé normalement. Aucun élément nuisible n'a été détecté.


    • Clique sur OK pour continuer. Si MBAM n'a rien trouvé, fais-le moi savoir et quitte le programme.

    • Si il a trouvé des malwares (donc si tu obtiens le message "Afficher les résultats' pour afficher tous les objets trouvés"), continue :

      Ferme toutes les applications en cours (à part MBAM)

    • Clique sur Afficher les résultats.

    • Coche toutes les cases et clique sur Supprimer la sélection. Ainsi, les malwares vont être mis en quarantaine.

    • Un rapport va s'afficher. Colle ce rapport dans ta prochaine réponse stp ;) 


  • Pour t'aider : Tuto sur MBAM

    5)

    Rencontres-tu encore des problèmes (messages qui s'envoient automatiquement à tes contacts,...) ?
    22 Décembre 2011 07:48:52

    salut,



    je n obtien pas de rapport quand je fais la correction il me demande de redemarrer je fais ok mais le pc ne redemarre pas
    a b 8 Sécurité
    22 Décembre 2011 11:25:20

    Hello,

    Redémarre manuellement dans ce cas.

    ATTENTION : si ton ordi reste figé sur un écran noir lors du démarrage, au début du démarrage, presse la touche F8 plusieurs fois jusqu' à avoir des options de démarrage avancées : choisis alors la Dernière configuration valide connue (ou la Dernière bonne configuration connue pour Windows 2000 et XP). Ton PC devrait démarrer correctement.

    Pour t'aider : Tuto sur le démarrage de Windows

    :hello: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS