Votre question
Fermé

[Résolu] Virus ukash police fédéral

Tags :
  • ukash
  • Virus
  • police fédérale
  • Sécurité
Dernière réponse : dans Sécurité et virus
10 Novembre 2012 20:15:37

Bonsoir, j'ai rencontré le fameux virus ukash
j'ai déjà utilisé Rogue Killer, pouvez-vous m'aider pour la suite svp

voici le rapport avant suppression

RogueKiller V8.2.3 [07/11/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
Website: http://www.sur-la-toile.com/RogueKiller/
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows 7 (6.1.7600 ) 64 bits version
Demarrage : Mode sans echec
Utilisateur : Samir [Droits d'admin]
Mode : Recherche -- Date : 10/11/2012 17:04:01

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Akamai NetSession Interface ("C:\Users\Samir\AppData\Local\Akamai\netsession_win.exe") -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-400989244-742530058-1236259394-1000[...]\Run : Akamai NetSession Interface ("C:\Users\Samir\AppData\Local\Akamai\netsession_win.exe") -> TROUVÉ
[STARTUP][HJNAME] ctfmon.lnk @Samir : C:\ProgramData\lsass.exe -> TROUVÉ
[STARTUP][SUSP PATH] Dropbox.lnk @Samir : C:\Users\Samir\AppData\Roaming\Dropbox\bin\Dropbox.exe -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: ST9320325AS +++++
--- User ---
[MBR] 7f102c728da54199c42d782a36cc7ec2
[BSP] cbee5df6b23019a3c4e4c5d7710cccb2 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 290204 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: INTENSO USB USB Device +++++
--- User ---
[MBR] 2205d2b11aefd838b3efadc9d74ccd9d
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 32 | Size: 1911 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Termine : << RKreport[1]_S_10112012_170401.txt >>
RKreport[1]_S_10112012_170401.txt


voici le rapport après suppression

RogueKiller V8.2.3 [07/11/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
Website: http://www.sur-la-toile.com/RogueKiller/
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows 7 (6.1.7600 ) 64 bits version
Demarrage : Mode sans echec
Utilisateur : Samir [Droits d'admin]
Mode : Suppression -- Date : 10/11/2012 17:04:24

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Akamai NetSession Interface ("C:\Users\Samir\AppData\Local\Akamai\netsession_win.exe") -> SUPPRIMÉ
[STARTUP][HJNAME] ctfmon.lnk @Samir : C:\ProgramData\lsass.exe -> SUPPRIMÉ
[STARTUP][SUSP PATH] Dropbox.lnk @Samir : C:\Users\Samir\AppData\Roaming\Dropbox\bin\Dropbox.exe -> SUPPRIMÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE] ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: ST9320325AS +++++
--- User ---
[MBR] 7f102c728da54199c42d782a36cc7ec2
[BSP] cbee5df6b23019a3c4e4c5d7710cccb2 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 290204 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: INTENSO USB USB Device +++++
--- User ---
[MBR] 2205d2b11aefd838b3efadc9d74ccd9d
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 32 | Size: 1911 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Termine : << RKreport[2]_D_10112012_170424.txt >>
RKreport[1]_S_10112012_170401.txt ; RKreport[2]_D_10112012_170424.txt

Autres pages sur : resolu virus ukash police federal

a b 8 Sécurité
10 Novembre 2012 22:19:56

Bonjour,

Il faut penser à maintenir son pc à jour pour ne pas avoir ce problème.

  • Télécharge OTL (de Old Timer) sur ton Bureau.
  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Coche Avec liste blanche sous Registre: approfondi.
  • Fais de même pour celle devant Tous les utilisateurs.

  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut :
    netsvcs
    msconfig
    drivers32
    activex
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\syswow64\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\syswow64\drivers\*.sys /lockedfiles
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT

  • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
  • A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt.

  • Rq : Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu dans ta réponse. En ças de problème, voir cette aide à l'utilisation ici.
    Contenus similaires
    a b 8 Sécurité
    11 Novembre 2012 17:18:35

    Re,

    Impossible d'obtenir ton fichier Extras.
    On va s'occuper des adwares qui viennent avec cette infection.

    • Sur cette page AdwCleaner (de Xplode) , clique sur l'image de téléchargement et enregistre le fichier sur ton Bureau.
    • Double-clique sur l'icône AdwCleaner0.exe pour lancer l'installation.
      /!\ Sous Vista et Windows 7, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur. Et sous IE9, le filtre SmartScreen déclenche une alerte, clique sur Actions puis sur Exécuter quand même /!\
    • Sur le menu principal, clique sur Suppression et patiente le temps de l'analyse
    • A la fin, un rapport AdwCleaner[S1].txt s'ouvre. Poste le rapport en pièce jointe dans ta prochaine réponse

  • Rq : le rapport se trouve sous C:\AdwCleaner[S1].txt

    &

    Refais une analyse OTL et poste les rapports.
    12 Novembre 2012 00:37:40

    bonsoir voici le rapport adw cleaner
    # AdwCleaner v2.007 - Rapport créé le 12/11/2012 à 00:19:45
    # Mis à jour le 06/11/2012 par Xplode
    # Système d'exploitation : Windows 7 Home Premium (64 bits)
    # Nom d'utilisateur : Samir - SAMIR-PC
    # Mode de démarrage : Normal
    # Exécuté depuis : C:\Users\Samir\Desktop\adwcleaner.exe
    # Option [Suppression]


    ***** [Services] *****

    Arrêté & Supprimé : Application Updater

    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\Program Files (x86)\Application Updater
    Dossier Supprimé : C:\Program Files (x86)\BMFTV_bar
    Dossier Supprimé : C:\Program Files (x86)\Common Files\spigot
    Dossier Supprimé : C:\Program Files (x86)\Conduit
    Dossier Supprimé : C:\Program Files (x86)\ConduitEngine
    Dossier Supprimé : C:\Program Files (x86)\DVDVideoSoftTB
    Dossier Supprimé : C:\Program Files (x86)\pdfforge Toolbar
    Dossier Supprimé : C:\Program Files (x86)\PHPNukeFR
    Dossier Supprimé : C:\Program Files (x86)\Searchqu Toolbar
    Dossier Supprimé : C:\Program Files (x86)\Windows iLivid Toolbar
    Dossier Supprimé : C:\ProgramData\boost_interprocess
    Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
    Dossier Supprimé : C:\Users\Samir\AppData\Local\Conduit
    Dossier Supprimé : C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cefhbpnokonbkocpbpbglkkbhnfflpel
    Dossier Supprimé : C:\Users\Samir\AppData\Local\Ilivid Player
    Dossier Supprimé : C:\Users\Samir\AppData\LocalLow\BMFTV_bar
    Dossier Supprimé : C:\Users\Samir\AppData\LocalLow\Conduit
    Dossier Supprimé : C:\Users\Samir\AppData\LocalLow\ConduitEngine
    Dossier Supprimé : C:\Users\Samir\AppData\LocalLow\DVDVideoSoftTB
    Dossier Supprimé : C:\Users\Samir\AppData\LocalLow\pdfforge
    Dossier Supprimé : C:\Users\Samir\AppData\LocalLow\PHPNukeFR
    Dossier Supprimé : C:\Users\Samir\AppData\LocalLow\PriceGong
    Dossier Supprimé : C:\Users\Samir\AppData\LocalLow\Search Settings
    Dossier Supprimé : C:\Users\Samir\AppData\LocalLow\searchquband
    Dossier Supprimé : C:\Users\Samir\AppData\LocalLow\Searchqutoolbar
    Fichier Supprimé : C:\Users\Samir\AppData\Local\Temp\Searchqu.ini
    Fichier Supprimé : C:\Users\Samir\AppData\Local\Temp\searchqutoolbar-manifest.xml
    Fichier Supprimé : C:\Users\Samir\AppData\Local\Temp\SetupDataMngr_Searchqu.exe

    ***** [Registre] *****

    Clé Supprimée : HKCU\Software\AppDataLow\Software\BMFTV_bar
    Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
    Clé Supprimée : HKCU\Software\AppDataLow\Software\conduitEngine
    Clé Supprimée : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Clé Supprimée : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
    Clé Supprimée : HKCU\Software\AppDataLow\Software\pdfforge
    Clé Supprimée : HKCU\Software\AppDataLow\Software\PHPNukeFR
    Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
    Clé Supprimée : HKCU\Software\AppDataLow\Software\Search Settings
    Clé Supprimée : HKCU\Software\AppDataLow\Software\searchqutoolbar
    Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
    Clé Supprimée : HKCU\Software\DataMngr
    Clé Supprimée : HKCU\Software\DataMngr_Toolbar
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C491116-C175-45E1-A570-6FB14FEA8B7B}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{53903846-3FB3-467B-A1BB-F3049E1A89A9}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C491116-C175-45E1-A570-6FB14FEA8B7B}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{53903846-3FB3-467B-A1BB-F3049E1A89A9}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6B0775EF-878C-4876-B4B0-18D72E2F5BAE}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EFE1E896-9F5C-471E-93DA-3AF8AB994BD3}
    Clé Supprimée : HKCU\Software\pdfforge
    Clé Supprimée : HKCU\Software\Search Settings
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Clé Supprimée : HKLM\Software\Application Updater
    Clé Supprimée : HKLM\Software\BMFTV_bar
    Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
    Clé Supprimée : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
    Clé Supprimée : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2102473
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT3047156
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
    Clé Supprimée : HKLM\Software\Conduit
    Clé Supprimée : HKLM\Software\conduitEngine
    Clé Supprimée : HKLM\Software\DataMngr
    Clé Supprimée : HKLM\Software\DVDVideoSoftTB
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6B0775EF-878C-4876-B4B0-18D72E2F5BAE}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CC2EA798-7AEE-4E7F-AA25-500C5ECC91EB}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EFE1E896-9F5C-471E-93DA-3AF8AB994BD3}
    Clé Supprimée : HKLM\Software\pdfforge
    Clé Supprimée : HKLM\Software\PHPNukeFR
    Clé Supprimée : HKLM\Software\Search Settings
    Clé Supprimée : HKLM\Software\SearchquMediabarTb
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C491116-C175-45E1-A570-6FB14FEA8B7B}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{53903846-3FB3-467B-A1BB-F3049E1A89A9}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6B0775EF-878C-4876-B4B0-18D72E2F5BAE}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC2EA798-7AEE-4E7F-AA25-500C5ECC91EB}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EFE1E896-9F5C-471E-93DA-3AF8AB994BD3}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cefhbpnokonbkocpbpbglkkbhnfflpel
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B7408FD-221E-4E47-AFE6-22C9C33B293F}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C24BA30-F49D-4E4A-BB85-C704A00EA96C}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69046493-1FF6-4A21-9F8E-2ECA2332B56B}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFDC7335-D974-4919-B000-117F0601EA9B}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC5BF67F-4A2B-431A-B9F5-50592095113F}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD58934E-DC13-4CE1-9573-6F02BCDA5131}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDB4A351-3315-4658-80D0-A2DB270A027C}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C491116-C175-45E1-A570-6FB14FEA8B7B}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53903846-3FB3-467B-A1BB-F3049E1A89A9}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BMFTV_bar Toolbar
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PHPNukeFR Toolbar
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
    Clé Supprimée : HKLM\SOFTWARE\DataMngr
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
    Donnée Supprimée : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll
    Donnée Supprimée : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1C491116-C175-45E1-A570-6FB14FEA8B7B}]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1C491116-C175-45E1-A570-6FB14FEA8B7B}]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{53903846-3FB3-467B-A1BB-F3049E1A89A9}]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1C491116-C175-45E1-A570-6FB14FEA8B7B}]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{53903846-3FB3-467B-A1BB-F3049E1A89A9}]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
    Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{1C491116-C175-45E1-A570-6FB14FEA8B7B}]
    Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{53903846-3FB3-467B-A1BB-F3049E1A89A9}]
    Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
    Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
    Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]

    ***** [Navigateurs] *****

    -\\ Internet Explorer v9.0.8112.16421

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Google Chrome v [Impossible d'obtenir la version]

    Fichier : C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Supprimée [l.8] : homepage = "hxxp://www.searchnu.com/406",
    Supprimée [l.12] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406" ]
    Supprimée [l.1529] : homepage = "hxxp://www.searchnu.com/406",
    Supprimée [l.1746] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406" ]

    *************************

    AdwCleaner[S2].txt - [14877 octets] - [12/11/2012 00:19:45]

    ########## EOF - C:\AdwCleaner[S2].txt - [14938 octets] ##########
    a b 8 Sécurité
    12 Novembre 2012 11:55:22

    Citation :
    Refais une analyse OTL et poste les rapports.

    Tu as oublié les rapports OTL :) 
    12 Novembre 2012 19:26:43

    re voici le rapport extras otl

    OTL Extras logfile created on: 11/11/2012 11:42:21 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Samir\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

    3.96 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 55.99% Memory free
    7.92 Gb Paging File | 5.74 Gb Available in Paging File | 72.46% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.40 Gb Total Space | 170.72 Gb Free Space | 60.24% Space Free | Partition Type: NTFS

    Computer Name: SAMIR-PC | User Name: Samir | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

    [HKEY_USERS\S-1-5-21-400989244-742530058-1236259394-1000\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{006E3209-1038-4BEC-8C52-84D7BA85D23D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{009ECCBD-0BDD-43B3-BB6A-07B3BCEFEEBD}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{07535B32-D357-4AB1-B57D-91385516930D}" = rport=138 | protocol=17 | dir=out | app=system |
    "{0A7693BB-03C0-4128-B2BF-106B463E7C2D}" = lport=138 | protocol=17 | dir=in | app=system |
    "{0CE9E08E-5855-4324-A262-81AA79924395}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{13DB362D-0B5B-4DDD-914B-18B7EFEDA991}" = rport=445 | protocol=6 | dir=out | app=system |
    "{1D2C0F14-C09F-4BD8-8017-EFD5016093C8}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{240D219B-61FE-4193-9767-F794EDB82815}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{2DFC9C77-B5DA-4CC2-9BFD-0F068F9B0379}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{2FA81B2F-3CB3-4642-902E-E5386D102EBA}" = lport=139 | protocol=6 | dir=in | app=system |
    "{3AD2B44D-6629-44FF-A42D-539BE0A3929B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{624BBA99-0BC2-49C3-AB4E-7F27B3ADC404}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{640984B3-316E-40CB-94EB-B6D74CF516FD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{74620996-4EB9-446F-BE4B-ED876E53834F}" = lport=445 | protocol=6 | dir=in | app=system |
    "{86B1C17F-BF73-446B-9D37-6A4651274FE0}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{86E40D93-6C23-464B-B792-D56956AE3588}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{9DFE602A-EAE6-4176-92BF-91782118120B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{9F07DEB1-087C-458C-BC4D-9623B585773C}" = rport=139 | protocol=6 | dir=out | app=system |
    "{A1CFDCF0-49D9-4546-9FCC-4B1D4770F6DA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{B304F3BF-09E1-436C-96AE-7986695C912B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{C15CE55C-EE79-4ABA-A51D-BD9885D0F126}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{C3953522-A936-48A9-9098-77435051A3A5}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{C50FAF96-344A-43EA-8C21-C52643B8B95C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
    "{CD3DB303-5F84-4180-A152-5B978F1122E4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{D0BC3DA2-DAFD-4D89-B826-48BC52008A4B}" = lport=137 | protocol=17 | dir=in | app=system |
    "{EC2A1089-C26F-4791-B437-102F44BA47A1}" = rport=137 | protocol=17 | dir=out | app=system |
    "{F1C87BE2-1AC5-48A2-AD04-9A70B9219A6B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{F604E80B-3683-4726-9E55-90B9B5C00E7C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0D5B1293-51AC-4FC9-B911-19CB2608D962}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{0F4297CF-0690-4FF4-8C5C-336AC296A253}" = protocol=6 | dir=in | app=c:\users\samir\appdata\roaming\dropbox\bin\dropbox.exe |
    "{10033135-20CF-403A-AA10-61C72AEBE5CC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{1330B0C4-1F47-454B-B155-949723693DF9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{1729AC34-B99E-460B-BEC7-AD574D42DB9F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{1BC8BEBE-6DAE-44C0-BBAF-4C5623084F16}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{27F932D8-83EC-42B9-AAE7-824982DCFAD2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{2C081C8D-2C01-464D-A881-20C115AC4C5A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{31D50F9E-60D5-4B52-8C7B-C037386B94AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{48139EFD-63D6-4EA5-B1F7-486FBDF50EA0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{4C850EF6-2F35-4EA7-92D0-B50BC0978151}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{5D5931A4-7CDE-4D3A-B4EF-8F611038CD02}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{61638F49-8826-49B4-8AA9-1C04B4339F1D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
    "{647E867D-81AF-49A3-9B6A-D053C0C0E9D8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{6676434C-55DE-4395-AA81-9687EE560B8B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{671C5C92-B478-4AC0-995F-B058C518A347}" = protocol=17 | dir=in | app=c:\users\samir\appdata\roaming\dropbox\bin\dropbox.exe |
    "{6F053720-B77E-45B0-AB62-799563BF208D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{7151D409-A9A5-4439-9571-68A8738F7849}" = protocol=17 | dir=in | app=c:\users\samir\music\limewire\limewire.exe |
    "{7602253B-6363-4EF2-AF61-7D0384F1AA8C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{77728B2E-BD5B-4FFC-8991-8086D3E3309B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{7EC46D45-F37A-452B-A268-EB8D7BE2BE50}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{8178C0B5-F949-4008-BB37-02639DBF19A4}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{8586BA21-BF48-42E5-A815-20996DCBAC3F}" = protocol=6 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe |
    "{8B50BC93-8861-4274-A55F-F336C2625FAA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\safenet sentinel\sentinel keys server\sntlkeyssrvr.exe |
    "{8C4CE935-25A2-4850-8C9A-F4819242A202}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
    "{9829B035-6CAB-4D8F-AEF2-1706DB873ACD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{A1EA4432-D7D3-49B6-86AD-16381D3FFFBC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{A8677778-7117-4CB6-B551-087629EE825E}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
    "{B353760C-3F10-4D51-8B98-F399C3BC0FCA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{B7F43258-3FF1-4AF4-8BD3-D19CA62F327E}" = protocol=6 | dir=out | app=system |
    "{B94B583D-3C6E-4441-A37C-DCF704BC4D82}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{C16BBB3B-CCB0-4C20-8EF3-365DF2510AFB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{C58E531D-5E21-45B1-946B-C81400C46A63}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{C9566164-D9D7-4F31-90F6-51CE7218D908}" = protocol=17 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe |
    "{CA38010C-1CC8-4986-AAF5-3A1D743276A8}" = protocol=6 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
    "{CCEAB0E2-E83A-4EF9-8D88-2A3E547D82A2}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\safenet sentinel\sentinel keys server\sntlkeyssrvr.exe |
    "{D0658DE0-801C-4CB7-8966-63779F8F300D}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{DF428355-5101-4EBB-AEB6-83FE175E408D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{E2B75397-AD9D-420B-9AF4-C63C0DA859DE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{EA66054C-73ED-46B8-9EFF-A7449A8F65DE}" = protocol=17 | dir=in | app=c:\program files (x86)\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
    "{F1BCB328-21C5-4236-89DF-033FBC01C27F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{F1D0D6C0-3DA1-46E6-B71D-76FA3456061D}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
    "{FC3A8D80-F3CC-4BF0-8F3B-5CF810EA6013}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
    "{FC749D57-F7C0-4DA1-A3B8-63D632EC2FD8}" = protocol=6 | dir=in | app=c:\users\samir\music\limewire\limewire.exe |
    "TCP Query User{D174E9B4-0A6D-48C3-B9CB-E629E738E022}C:\users\samir\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\samir\appdata\local\akamai\netsession_win.exe |
    "TCP Query User{ECDF3B89-8148-4C45-A735-62D777471978}C:\users\samir\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\samir\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{3418F9B9-6C74-409A-B361-B3E3EC06A211}C:\users\samir\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\samir\appdata\local\akamai\netsession_win.exe |
    "UDP Query User{5B1283DA-0417-4680-8B2C-F09D16431FC4}C:\users\samir\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\samir\appdata\local\akamai\netsession_win.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{144B2F95-E2C6-4317-94E7-0B9B03F133B7}" = Autodesk Inventor 2010
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java(TM) 6 Update 17 (64-bit)
    "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
    "{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
    "{474A8F3F-863A-4FCC-91F0-47A61E06FEC9}" = HP Deskjet 2050 J510 series Basic Device Software
    "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{5783F2D7-8001-040C-0102-0060B0CE6BBA}" = AutoCAD 2010 - Français
    "{5783F2D7-8001-040C-1102-0060B0CE6BBA}" = AutoCAD 2010 Language Pack - Français
    "{5783F2D7-8028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2010
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
    "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
    "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B613A9BB-2B34-4824-A4BE-2427653D59D6}" = iTunes
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
    "{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{EF90F06A-3B2D-48E3-8C7A-1F2210200476}" = Autodesk Inventor Content Center Libraries 2010 (Desktop Content)
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F763AC14-3F26-4161-9567-11D5260AD4FE}" = Autodesk Inventor 2010 Language Pack - Français
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
    "AutoCAD 2010 - Français" = AutoCAD 2010 - Français
    "Autodesk Inventor 2010" = Autodesk Inventor Professional 2010
    "Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
    "DWG TrueView 2010" = DWG TrueView 2010
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
    "{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
    "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{169917C4-4A77-45F4-B20E-860703FD5E6F}" = pdfforge Toolbar v6.5
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 21
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
    "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
    "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
    "{55D9E026-DCB0-46FF-B60A-68B972228CF6}" = Autodesk Design Review 2010
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
    "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
    "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{69B040CC-E9B1-4769-950E-87786C9E16AD}" = OpenOffice.org 3.2
    "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{75EF954B-6213-4348-841D-A26116D79392}" = Scia Licence utility
    "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{824F20CB-8531-4392-B612-24D61C591A0C}" = Scia Engineer 2010.0
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
    "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
    "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
    "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
    "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
    "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
    "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
    "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
    "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
    "{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}" = Sentinel Protection Installer 7.5.0
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
    "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
    "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
    "{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{FC279721-37A6-4777-AFD8-7A56681EBA14}" = eXPert PDF 6
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Advanced Audio FX Engine" = Advanced Audio FX Engine
    "Akamai" = Akamai NetSession Interface Service
    "Autodesk Design Review 2010" = Autodesk Design Review 2010
    "avast5" = avast! Free Antivirus
    "BMFTV_bar Toolbar" = BMFTV bar Toolbar
    "conduitEngine" = Conduit Engine
    "Dell Webcam Central" = Dell Webcam Central
    "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
    "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
    "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
    "Google Chrome" = Google Chrome
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "InstallShield_{75EF954B-6213-4348-841D-A26116D79392}" = Scia Licence utility
    "InstallShield_{824F20CB-8531-4392-B612-24D61C591A0C}" = Scia Engineer 2010.0
    "LimeWire" = LimeWire 5.5.16
    "MSC" = McAfee SecurityCenter
    "Notepad++" = Notepad++
    "PHPNukeFR Toolbar" = PHPNukeFR Toolbar
    "PROPLUS" = Microsoft Office Professional Plus 2007
    "ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
    "RcDesignersLink" = RcDesignersLink
    "Searchqu Toolbar" = Searchqu Toolbar
    "WindLoadEngine" = CADS WindLoadEngine
    "Windows Searchqu Toolbar" = Windows iLivid Toolbar
    "WinLiveSuite" = Windows Live
    "WinRAR archiver" = WinRAR archiver

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-400989244-742530058-1236259394-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Akamai" = Akamai NetSession Interface
    "Dropbox" = Dropbox

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 11/10/2012 11:55:55 AM | Computer Name = Samir-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 11/10/2012 12:12:09 PM | Computer Name = Samir-PC | Source = Application Error | ID = 1000
    Description = Nom de l’application défaillante mchost.exe, version : 4.5.120.0,
    horodatage : 0x4b97a2c2 Nom du module défaillant : ntdll.dll, version : 6.1.7600.16915,
    horodatage : 0x4ec4b137 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000009c524
    ID
    du processus défaillant : 0x1998 Heure de début de l’application défaillante : 0x01cdbf5e21ac1926
    Chemin
    d’accès de l’application défaillante : C:\Program Files\Common Files\McAfee\Core\mchost.exe
    Chemin
    d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : 607a066c-2b51-11e2-a385-a4badbb0c75e

    Error - 11/10/2012 1:04:35 PM | Computer Name = Samir-PC | Source = Bonjour Service | ID = 100
    Description = mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) !=
    mDNS_reentrancy (0)

    Error - 11/10/2012 1:04:35 PM | Computer Name = Samir-PC | Source = Bonjour Service | ID = 100
    Description = mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1)
    != mDNS_reentrancy (0)

    Error - 11/10/2012 1:04:35 PM | Computer Name = Samir-PC | Source = Bonjour Service | ID = 100
    Description = mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) !=
    mDNS_reentrancy (0)

    Error - 11/10/2012 1:04:35 PM | Computer Name = Samir-PC | Source = Bonjour Service | ID = 100
    Description = mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1)
    != mDNS_reentrancy (0)

    Error - 11/10/2012 1:16:50 PM | Computer Name = Samir-PC | Source = EventSystem | ID = 4622
    Description =

    Error - 11/11/2012 4:07:04 AM | Computer Name = Samir-PC | Source = Application Error | ID = 1000
    Description = Nom de l’application défaillante sttray64.exe, version : 1.0.6217.0,
    horodatage : 0x4a490274 Nom du module défaillant : ntdll.dll, version : 6.1.7600.16915,
    horodatage : 0x4ec4b137 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000009c524
    ID
    du processus défaillant : 0xf40 Heure de début de l’application défaillante : 0x01cdbfe37d06e3b6
    Chemin
    d’accès de l’application défaillante : C:\Program Files\IDT\WDM\sttray64.exe Chemin
    d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : c6b980ae-2bd6-11e2-b65c-a4badbb0c75e

    Error - 11/11/2012 5:00:57 AM | Computer Name = Samir-PC | Source = Application Error | ID = 1000
    Description = Nom de l’application défaillante notepad.exe, version : 6.1.7600.16385,
    horodatage : 0x4a5bc9b3 Nom du module défaillant : ntdll.dll, version : 6.1.7600.16915,
    horodatage : 0x4ec4b137 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000009c524
    ID
    du processus défaillant : 0x920 Heure de début de l’application défaillante : 0x01cdbfeb0f6f4981
    Chemin
    d’accès de l’application défaillante : C:\Windows\notepad.exe Chemin d’accès du
    module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : 4db4a3d7-2bde-11e2-b65c-a4badbb0c75e

    Error - 11/11/2012 5:12:21 AM | Computer Name = Samir-PC | Source = EventSystem | ID = 4621
    Description =

    [ Dell Events ]
    Error - 9/28/2012 5:10:18 PM | Computer Name = Samir-PC | Source = DataSafe | ID = 17
    Description = Le processus a été interrompu avant la fin.

    Error - 10/5/2012 5:18:52 PM | Computer Name = Samir-PC | Source = DataSafe | ID = 17
    Description = Le processus a été interrompu avant la fin.

    Error - 10/5/2012 5:18:52 PM | Computer Name = Samir-PC | Source = DataSafe | ID = 17
    Description = Le processus a été interrompu avant la fin.

    Error - 10/13/2012 4:45:02 AM | Computer Name = Samir-PC | Source = DataSafe | ID = 17
    Description = Le processus a été interrompu avant la fin.

    Error - 10/13/2012 4:45:02 AM | Computer Name = Samir-PC | Source = DataSafe | ID = 17
    Description = Le processus a été interrompu avant la fin.

    Error - 10/20/2012 6:11:23 AM | Computer Name = Samir-PC | Source = DataSafe | ID = 17
    Description = Le processus a été interrompu avant la fin.

    Error - 10/20/2012 6:11:23 AM | Computer Name = Samir-PC | Source = DataSafe | ID = 17
    Description = Le processus a été interrompu avant la fin.

    Error - 10/29/2012 11:06:33 AM | Computer Name = Samir-PC | Source = DataSafe | ID = 17
    Description = Le processus a été interrompu avant la fin.

    Error - 10/29/2012 11:06:33 AM | Computer Name = Samir-PC | Source = DataSafe | ID = 17
    Description = Le processus a été interrompu avant la fin.

    Error - 11/5/2012 11:17:36 AM | Computer Name = Samir-PC | Source = DataSafe | ID = 17
    Description = Le processus a été interrompu avant la fin.

    [ Media Center Events ]
    Error - 2/3/2011 7:55:33 AM | Computer Name = Samir-PC | Source = MCUpdate | ID = 0
    Description = 12:55:28 - Erreur de connexion à Internet. 12:55:28 - Impossible
    de contacter le service..

    Error - 2/3/2011 8:55:46 AM | Computer Name = Samir-PC | Source = MCUpdate | ID = 0
    Description = 13:55:42 - Erreur de connexion à Internet. 13:55:42 - Impossible
    de contacter le service..

    Error - 2/3/2011 9:55:51 AM | Computer Name = Samir-PC | Source = MCUpdate | ID = 0
    Description = 14:55:51 - Erreur de connexion à Internet. 14:55:51 - Impossible
    de contacter le service..

    Error - 2/3/2011 9:55:58 AM | Computer Name = Samir-PC | Source = MCUpdate | ID = 0
    Description = 14:55:56 - Erreur de connexion à Internet. 14:55:56 - Impossible
    de contacter le service..

    Error - 2/3/2011 10:58:59 AM | Computer Name = Samir-PC | Source = MCUpdate | ID = 0
    Description = 15:58:59 - Erreur de connexion à Internet. 15:58:59 - Impossible
    de contacter le service..

    Error - 2/3/2011 10:59:06 AM | Computer Name = Samir-PC | Source = MCUpdate | ID = 0
    Description = 15:59:04 - Erreur de connexion à Internet. 15:59:04 - Impossible
    de contacter le service..

    Error - 4/27/2011 2:17:51 AM | Computer Name = Samir-PC | Source = MCUpdate | ID = 0
    Description = 08:17:51 - Erreur de connexion à Internet. 08:17:51 - Impossible
    de contacter le service..

    Error - 4/27/2011 2:18:05 AM | Computer Name = Samir-PC | Source = MCUpdate | ID = 0
    Description = 08:17:57 - Erreur de connexion à Internet. 08:17:57 - Impossible
    de contacter le service..

    Error - 4/27/2011 7:03:05 AM | Computer Name = Samir-PC | Source = MCUpdate | ID = 0
    Description = 13:03:05 - Erreur de connexion à Internet. 13:03:05 - Impossible
    de contacter le service..

    Error - 4/27/2011 7:03:16 AM | Computer Name = Samir-PC | Source = MCUpdate | ID = 0
    Description = 13:03:10 - Erreur de connexion à Internet. 13:03:10 - Impossible
    de contacter le service..

    [ System Events ]
    Error - 11/11/2012 5:14:49 AM | Computer Name = Samir-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation : l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070663 : Mise à jour de sécurité pour Microsoft Office
    2007 suites (KB2596871).

    Error - 11/11/2012 5:14:50 AM | Computer Name = Samir-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation : l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070663 : Mise à jour de sécurité pour Microsoft Office
    PowerPoint 2007 (KB2596912).

    Error - 11/11/2012 5:14:51 AM | Computer Name = Samir-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation : l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070663 : Mise à jour de sécurité pour Microsoft Office
    2007 suites (KB2596672).

    Error - 11/11/2012 5:14:52 AM | Computer Name = Samir-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation : l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070663 : Mise à jour de sécurité pour Microsoft Office
    2007 suites (KB2687441).

    Error - 11/11/2012 5:14:53 AM | Computer Name = Samir-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation : l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070663 : Mise à jour de sécurité pour Microsoft Office
    2007 suites (KB2596744).

    Error - 11/11/2012 5:14:53 AM | Computer Name = Samir-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation : l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070663 : Mise à jour de sécurité pour Microsoft Office
    PowerPoint 2007 (KB2596764).

    Error - 11/11/2012 5:14:54 AM | Computer Name = Samir-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation : l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070663 : Mise à jour de sécurité pour Microsoft Office
    Excel 2007 (KB2597161).

    Error - 11/11/2012 5:14:55 AM | Computer Name = Samir-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Échec de l’installation : l’installation de la mise à jour suivante
    a échoue avec l’erreur 0x80070663 : Mise à jour de sécurité pour Microsoft Office
    2007 suites (KB2596856).

    Error - 11/11/2012 3:34:48 PM | Computer Name = Samir-PC | Source = Service Control Manager | ID = 7000
    Description = Le service FlexNET SCIA n’a pas pu démarrer en raison de l’erreur :
    %%2

    Error - 11/11/2012 3:35:13 PM | Computer Name = Samir-PC | Source = VDS Basic Provider | ID = 33554433
    Description =


    < End of report >
    12 Novembre 2012 19:29:21

    pour ce qui est du deuxième rapport otl il contient trop de caractères pour que je puisse le poster. Comment es-ce que je pourrais te le fournir??
    a b 8 Sécurité
    12 Novembre 2012 20:19:50

    Je t'ai donné une indication :
    Citation :
    Rq : Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu dans ta réponse. En ças de problème, voir cette aide à l'utilisation ici.
    13 Novembre 2012 08:36:41

    re je sais pour l'indication mais j'ai encore réessayé mais lorsque je crée le lien il se crée tjr une erreur.. Je sais pas pourquoi. je vais donc copier le rapport deuxième rapport otl en deux partie pour pouvoir l'inséré dans ma réponse. Dsl mais je suis pas un pro.. voici la première partie du deuxième rapport otl:

    OTL logfile created on: 11/11/2012 11:42:21 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Samir\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

    3.96 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 55.99% Memory free
    7.92 Gb Paging File | 5.74 Gb Available in Paging File | 72.46% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.40 Gb Total Space | 170.72 Gb Free Space | 60.24% Space Free | Partition Type: NTFS

    Computer Name: SAMIR-PC | User Name: Samir | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/11/08 10:36:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Samir\Desktop\OTL.exe
    PRC - [2012/10/31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    PRC - [2012/10/16 13:02:04 | 001,111,432 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
    PRC - [2012/10/09 15:44:44 | 000,799,112 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
    PRC - [2012/05/14 12:39:49 | 001,816,976 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe
    PRC - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
    PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    PRC - [2011/01/13 20:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    PRC - [2011/01/13 20:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    PRC - [2011/01/13 20:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
    PRC - [2011/01/13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    PRC - [2010/06/28 21:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2010/05/20 23:01:30 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    PRC - [2010/05/20 23:01:26 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    PRC - [2009/12/17 18:29:08 | 000,997,888 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\vspdfprsrv.exe
    PRC - [2009/10/15 09:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    PRC - [2009/06/25 02:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    PRC - [2009/06/24 22:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    PRC - [2009/06/05 01:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2009/06/05 01:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008/07/11 07:05:00 | 000,226,592 | ---- | M] (SafeNet, Inc) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
    PRC - [2008/07/11 01:02:10 | 000,328,992 | ---- | M] (SafeNet, Inc.) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/10/31 23:15:05 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppgooglenaclpluginchrome.dll
    MOD - [2012/10/31 23:15:04 | 012,455,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
    MOD - [2012/10/31 23:15:02 | 004,007,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
    MOD - [2012/10/31 23:13:47 | 000,587,288 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libglesv2.dll
    MOD - [2012/10/31 23:13:46 | 000,123,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libegl.dll
    MOD - [2012/10/31 23:13:35 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avutil-51.dll
    MOD - [2012/10/31 23:13:34 | 000,274,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avformat-54.dll
    MOD - [2012/10/31 23:13:32 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll
    MOD - [2012/06/15 15:18:03 | 014,325,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\517358eb2fd962a942dd1ea6afc5b93e\PresentationFramework.ni.dll
    MOD - [2012/06/15 15:17:45 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
    MOD - [2012/06/15 15:17:36 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
    MOD - [2012/06/15 15:17:27 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll
    MOD - [2012/05/19 15:26:43 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\c366ebd7f33816762268154efc68176d\System.Core.ni.dll
    MOD - [2012/05/14 22:05:26 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc626095c194be137bceb219934b06a7\PresentationFramework.Aero.ni.dll
    MOD - [2012/05/14 22:03:55 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
    MOD - [2012/05/14 22:03:48 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b5b9223f5e18a1089a4fe3a896909d9d\System.Xml.ni.dll
    MOD - [2012/05/14 22:03:43 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
    MOD - [2012/05/14 22:03:41 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
    MOD - [2012/05/14 22:03:34 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
    MOD - [2011/05/26 12:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011/01/13 20:42:02 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll
    MOD - [2011/01/13 20:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
    MOD - [2011/01/13 20:37:50 | 000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
    MOD - [2011/01/13 20:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
    MOD - [2011/01/13 20:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
    MOD - [2011/01/13 20:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
    MOD - [2011/01/13 20:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
    MOD - [2011/01/13 20:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
    MOD - [2011/01/13 20:37:04 | 000,025,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll
    MOD - [2011/01/13 20:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll
    MOD - [2010/05/04 14:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
    MOD - [2009/12/17 18:29:08 | 000,997,888 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\vspdfprsrv.exe
    MOD - [2009/12/17 18:28:40 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\expertpdf4core.bpl
    MOD - [2009/12/17 18:28:36 | 000,731,648 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\vspdfcvt100.bpl
    MOD - [2009/12/17 18:28:28 | 000,435,712 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\visage100.bpl
    MOD - [2009/12/17 18:28:26 | 000,720,384 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\TMSlite100.bpl
    MOD - [2009/12/17 18:28:26 | 000,087,552 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\vsmisc100.bpl
    MOD - [2009/12/17 18:28:26 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\VSDesktop100.bpl
    MOD - [2009/12/17 18:28:24 | 001,856,512 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\te100.bpl
    MOD - [2009/10/15 09:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
    MOD - [2009/08/03 21:19:57 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
    MOD - [2008/10/08 10:11:08 | 000,472,576 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\VirtualTree100.bpl
    MOD - [2008/05/21 17:16:16 | 001,926,656 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\PKIECtrl100.bpl
    MOD - [2008/04/14 16:38:28 | 000,688,128 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\js32.dll
    MOD - [2007/12/28 09:32:44 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\uoolep100.bpl
    MOD - [2003/08/22 04:23:16 | 000,225,792 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF 6\sqlite.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2010/10/16 11:31:50 | 001,030,600 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
    SRV:64bit: - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
    SRV:64bit: - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
    SRV:64bit: - [2010/06/28 21:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2010/05/31 19:32:58 | 000,244,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
    SRV:64bit: - [2010/05/31 19:32:58 | 000,199,032 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
    SRV:64bit: - [2010/05/31 19:32:58 | 000,148,520 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
    SRV:64bit: - [2010/04/15 08:45:10 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
    SRV:64bit: - [2010/03/10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
    SRV:64bit: - [2010/03/10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
    SRV:64bit: - [2010/03/10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
    SRV:64bit: - [2010/03/10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
    SRV:64bit: - [2010/03/10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
    SRV:64bit: - [2010/03/10 09:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
    SRV:64bit: - [2009/07/17 02:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
    SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV:64bit: - [2009/06/29 05:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
    SRV - [2012/11/11 10:07:49 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
    SRV - [2012/10/09 15:44:44 | 000,799,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
    SRV - [2012/03/03 17:48:47 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
    SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
    SRV - [2011/01/13 20:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/06/29 05:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
    SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/06/05 01:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
    SRV - [2008/07/11 07:05:00 | 000,226,592 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
    SRV - [2008/07/11 01:02:10 | 000,328,992 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2012/03/01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2011/03/11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/12/02 09:36:42 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
    DRV:64bit: - [2010/06/28 21:37:56 | 000,051,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
    DRV:64bit: - [2010/06/28 21:37:36 | 000,121,936 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2010/06/28 21:33:17 | 000,028,752 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
    DRV:64bit: - [2010/06/28 21:33:00 | 000,061,008 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2010/06/28 21:32:36 | 000,020,048 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV:64bit: - [2010/05/31 19:32:58 | 000,528,616 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
    DRV:64bit: - [2010/05/31 19:32:58 | 000,440,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
    DRV:64bit: - [2010/05/31 19:32:58 | 000,279,752 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
    DRV:64bit: - [2010/05/31 19:32:58 | 000,189,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
    DRV:64bit: - [2010/05/31 19:32:58 | 000,121,504 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
    DRV:64bit: - [2010/05/31 19:32:58 | 000,093,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
    DRV:64bit: - [2010/05/31 19:32:58 | 000,075,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
    DRV:64bit: - [2010/05/31 19:32:58 | 000,062,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
    DRV:64bit: - [2010/02/24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
    DRV:64bit: - [2009/07/17 02:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
    DRV:64bit: - [2009/07/17 02:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/09 09:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2009/06/29 05:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2009/06/15 19:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
    DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/06/04 11:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009/06/03 04:16:56 | 007,333,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/05/20 04:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2009/05/08 09:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2009/02/05 12:54:10 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV:64bit: - [2008/07/11 07:05:00 | 000,145,448 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
    DRV:64bit: - [2008/05/02 09:58:48 | 000,018,432 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
    DRV:64bit: - [2006/11/01 17:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=287&syst...{searchTerms}
    IE:64bit: - HKLM\..\SearchScopes\{D5E9F086-2C8B-424F-9C0C-13C552A2422E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
    IE - HKLM\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\prxtbPHPN.dll (Conduit Ltd.)
    IE - HKLM\..\URLSearchHook: {53903846-3fb3-467b-a1bb-f3049e1a89a9} - C:\Program Files (x86)\BMFTV_bar\prxtbBMFT.dll (Conduit Ltd.)
    IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
    IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE - HKLM\..\SearchScopes\{394B5EE6-9F03-4A3D-97BC-847D7821BD43}: "URL" = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
    IE - HKLM\..\SearchScopes\{3C440680-270B-4C14-A464-9628D82B54C9}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    IE - HKLM\..\SearchScopes\{4A77BDBB-F7CF-4123-8982-CD874C27D512}: "URL" = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=287&syst...{searchTerms}
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3047156


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/4
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 39 75 47 71 3F CB 01 [binary data]
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\prxtbPHPN.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\URLSearchHook: {53903846-3fb3-467b-a1bb-f3049e1a89a9} - C:\Program Files (x86)\BMFTV_bar\prxtbBMFT.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\SearchScopes\{177FE177-FED1-4B74-AA46-37D88D2A1282}: "URL" = http://www.bing.com/search?FORM=DLCBDF&PC=MDDC&q={searchTerms}&src=IE-SearchBox
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\SearchScopes\{394B5EE6-9F03-4A3D-97BC-847D7821BD43}: "URL" = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\SearchScopes\{4A77BDBB-F7CF-4123-8982-CD874C27D512}: "URL" = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\SearchScopes\{920BBD7A-4B50-44D8-9EDA-D8F5FF3FC0D6}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=u...{searchTerms}
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=287&syst...{searchTerms}
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3047156
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)


    [2011/06/19 12:28:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Extensions
    [2011/06/19 12:28:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

    ========== Chrome ==========

    CHR - homepage: http://www.searchnu.com/406
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:o riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
    CHR - homepage: http://www.searchnu.com/406
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
    CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Samir\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - Extension: YouTube = C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
    CHR - Extension: BMFTV bar = C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cefhbpnokonbkocpbpbglkkbhnfflpel\2.3.17.1_0\
    CHR - Extension: Recherche Google = C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
    CHR - Extension: Gmail = C:\Users\Samir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL ()
    O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100828180216.dll (McAfee, Inc.)
    O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
    O2 - BHO: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\prxtbPHPN.dll (Conduit Ltd.)
    O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll ()
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (BMFTV bar Toolbar) - {53903846-3fb3-467b-a1bb-f3049e1a89a9} - C:\Program Files (x86)\BMFTV_bar\prxtbBMFT.dll (Conduit Ltd.)
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100828180216.dll (McAfee, Inc.)
    O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
    O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
    O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\prxtbPHPN.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (BMFTV bar Toolbar) - {53903846-3fb3-467b-a1bb-f3049e1a89a9} - C:\Program Files (x86)\BMFTV_bar\prxtbBMFT.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\Toolbar\WebBrowser: (PHPNukeFR Toolbar) - {1C491116-C175-45E1-A570-6FB14FEA8B7B} - C:\Program Files (x86)\PHPNukeFR\prxtbPHPN.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
    O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe (Dell Inc.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe (Dell Inc.)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
    O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
    O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
    O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files (x86)\Visagesoft\eXPert PDF 6\vspdfprsrv.exe ()
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
    O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - Startup: C:\Users\Samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-wind... (Java Plug-in 1.6.0_17)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-wind... (Java Plug-in 1.6.0_21)
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffic... (WRC Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-wind... (Java Plug-in 1.6.0_21)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-wind... (Java Plug-in 1.6.0_21)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.88.203.3 62.197.111.140
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{340336D7-18D4-4D8D-9EBC-A8DB1F91B1A4}: DhcpNameServer = 109.88.203.3 62.197.111.140
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{507B8B7F-0289-487C-AEEC-E35B1E0F96FE}: NameServer = 195.238.2.21,195.238.2.22
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (Userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/10/16 11:04:37 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
    O33 - MountPoints2\{24002d85-d5d2-11df-baf6-a4badbb0c75e}\Shell - "" = AutoRun
    O33 - MountPoints2\{24002d85-d5d2-11df-baf6-a4badbb0c75e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX:64bit: {297E1584-FC1B-2535-DE01-E0188F7C353B} - Browser Customizations
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {73550A57-AB82-0D87-AEDD-AF2F407DC636} - Microsoft Windows Media Player 12.0
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {AB124EFB-DB5E-AA2F-8350-B87BEEE97D97} - Browser Customizations
    ActiveX:64bit: {BF7AFB5E-96F5-B8DC-64A2-9EB801E5C310} - Browser Customizations
    ActiveX:64bit: {C0019CBC-F516-6C16-92D2-D93244D5F436} - Microsoft Windows Media Player
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
    ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: {05F78492-230B-A834-A7BD-98B67280ED38} - Microsoft Windows Media Player 12.0
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    13 Novembre 2012 08:38:14

    voici la seconde partie du deuxième rapport otl..

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/11/11 20:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    [2012/11/11 10:10:38 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\RAPPORTS POUR LE VIRUS
    [2012/11/11 09:08:21 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{61D86C1C-9A20-4981-9F7B-9F2072C8FF75}
    [2012/11/10 17:08:56 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{C56BF284-77C2-449B-9F90-21A73223B8C9}
    [2012/11/10 17:03:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\RK_Quarantine
    [2012/11/10 17:03:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Samir\Desktop\OTL.exe
    [2012/11/10 17:03:01 | 010,669,952 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Samir\Desktop\mbam-setup-1.65.1.1000.exe
    [2012/11/10 17:03:01 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Samir\Desktop\tdsskiller.exe
    [2012/11/10 16:42:58 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{A9CB74F1-BE64-43B4-90C8-4C74F3C683D4}
    [2012/11/10 16:39:26 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{4918178C-D2B3-4C10-8D41-7AA5CE18D33E}
    [2012/11/10 16:10:34 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{365579D9-51B3-4869-A8DA-409AB2CF51E1}
    [2012/11/10 15:06:19 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{C57D3AAF-4016-4773-9351-59CA6528BB61}
    [2012/11/09 15:48:20 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{04AE7CAD-4B2E-4433-8630-7A35B3A2F297}
    [2012/11/06 18:44:22 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{52AA3C3C-1C36-46C4-AD7A-54A78920AE66}
    [2012/11/05 22:35:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
    [2012/11/05 22:33:38 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    [2012/11/05 22:33:14 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Dropbox
    [2012/11/05 15:48:58 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{14BD2C61-5F26-429E-AC06-94A5FD1E4FB6}
    [2012/11/04 19:46:33 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{8D0BCC2E-6B0E-4A3E-AC95-1542AE8B1A30}
    [2012/11/02 15:10:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{31820567-E571-4B9F-B608-A18F7C0A3C8C}
    [2012/11/02 09:41:23 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{FB8CB485-86D9-4AB3-8830-616170AC3B02}
    [2012/11/01 15:22:38 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\201210A0
    [2012/11/01 10:22:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{7D7A20D2-A944-4D03-9407-A30D92C614AC}
    [2012/10/31 16:58:56 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\ba3 bis
    [2012/10/31 16:49:44 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{19F9947C-0E6E-4A40-A242-65397B2429B5}
    [2012/10/29 16:05:20 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\3BAC
    [2012/10/29 16:00:02 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{DFEBDF07-6D33-429D-B9AC-DB583794EFB3}
    [2012/10/26 13:53:38 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{8A2A9143-99F0-4560-87D1-21FDF12DA25F}
    [2012/10/25 19:44:59 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{F8B1F4F8-CE51-4E1F-A865-B9E04A08127C}
    [2012/10/24 14:23:55 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\MUSIQUE POUR MAMAN
    [2012/10/24 14:23:53 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\BIBLIOTEQUE AUTOCAD
    [2012/10/24 14:09:19 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{32FB1D47-8B96-4790-8714-6AEF6F7B95A2}
    [2012/10/23 19:19:01 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{6DF37A5B-7FC3-4D6F-B623-84B1CD9F4A9A}
    [2012/10/22 21:04:58 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{56A1E638-47C0-4E12-8637-4921C173C3FE}
    [2012/10/21 11:34:27 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{466C0EE8-1B5E-4EEF-A5EC-E93AABCCBF63}
    [2012/10/21 09:42:23 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\PARTIE BETON DU COUR DE MATERIAUX
    [2012/10/20 23:33:54 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{15B01051-995D-49FB-B64B-969E5AF49A8E}
    [2012/10/20 10:29:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
    [2012/10/20 10:29:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
    [2012/10/20 10:29:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pdfforge Toolbar
    [2012/10/20 10:26:36 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{F0ABC690-708C-4889-818A-D1B93E2FB496}
    [2012/10/19 18:45:45 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{67639378-9A1C-434C-BBB5-B422DB093385}
    [2012/10/18 19:07:38 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{C79463E0-73AA-451D-992D-6CDF258C0851}
    [2012/10/16 13:26:53 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{0A2F400A-1D27-477D-8D71-29C20EB7847F}
    [2012/10/15 17:53:14 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{3A060222-A274-4834-A28A-8798ADA12A62}
    [2012/10/14 13:36:32 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{28D03DA9-A801-40CE-A78C-4F9A022EA8DF}
    [2012/10/13 21:40:06 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{A2E51B94-9599-4212-BC8E-EE9C8C161F91}
    [2012/10/13 09:39:40 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{2F7239B2-5269-4E71-9160-FEE1009F575A}
    [2 C:\Users\Samir\Desktop\*.tmp files -> C:\Users\Samir\Desktop\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/11/11 23:44:09 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/11/11 23:44:09 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/11/11 20:34:50 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/11/11 20:34:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/11/11 20:34:20 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
    [2012/11/11 09:51:06 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/11/11 09:11:23 | 001,549,936 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/11/11 09:11:23 | 000,704,714 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2012/11/11 09:11:23 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/11/11 09:11:23 | 000,130,988 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2012/11/11 09:11:23 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/11/10 18:07:50 | 000,002,376 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2012/11/10 16:39:26 | 083,023,306 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
    [2012/11/10 11:47:56 | 000,360,448 | ---- | M] () -- C:\Users\Samir\Desktop\SXCU.exe
    [2012/11/09 15:43:42 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Samir\Desktop\tdsskiller.exe
    [2012/11/09 15:42:30 | 000,541,569 | ---- | M] () -- C:\Users\Samir\Desktop\adwcleaner.exe
    [2012/11/08 18:54:24 | 010,669,952 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Samir\Desktop\mbam-setup-1.65.1.1000.exe
    [2012/11/08 18:53:12 | 000,662,016 | ---- | M] () -- C:\Users\Samir\Desktop\RogueKiller.exe
    [2012/11/08 10:36:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Samir\Desktop\OTL.exe
    [2012/11/05 22:35:26 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\lsass.exe
    [2012/10/21 09:45:44 | 031,102,640 | ---- | M] () -- C:\Users\Samir\Desktop\chapitre_1-proprietes_physiques_des_sols.rtf
    [2012/10/21 09:44:02 | 009,745,277 | ---- | M] () -- C:\Users\Samir\Desktop\chapitre_0-introduction.rtf
    [2 C:\Users\Samir\Desktop\*.tmp files -> C:\Users\Samir\Desktop\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/11/10 17:03:01 | 000,662,016 | ---- | C] () -- C:\Users\Samir\Desktop\RogueKiller.exe
    [2012/11/10 17:03:01 | 000,541,569 | ---- | C] () -- C:\Users\Samir\Desktop\adwcleaner.exe
    [2012/11/10 17:03:01 | 000,360,448 | ---- | C] () -- C:\Users\Samir\Desktop\SXCU.exe
    [2012/11/05 22:35:27 | 083,023,306 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
    [2012/10/21 09:45:24 | 031,102,640 | ---- | C] () -- C:\Users\Samir\Desktop\chapitre_1-proprietes_physiques_des_sols.rtf
    [2012/10/21 09:43:46 | 009,745,277 | ---- | C] () -- C:\Users\Samir\Desktop\chapitre_0-introduction.rtf
    [2012/03/07 08:48:09 | 000,000,044 | ---- | C] () -- C:\Windows\Esa.INI
    [2010/10/16 10:36:54 | 000,000,017 | ---- | C] () -- C:\Users\Samir\AppData\Local\resmon.resmoncfg

    ========== ZeroAccess Check ==========

    [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== Custom Scans ==========

    < >

    < >

    < >

    < >

    < MD5 for: EXPLORER.EXE >
    [2010/03/17 09:28:46 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
    [2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
    [2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
    [2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
    [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
    [2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
    [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
    [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
    [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
    [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
    [2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
    [2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
    [2010/03/17 09:28:46 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
    [2010/03/17 09:28:49 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
    [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
    [2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
    [2010/03/17 09:28:49 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
    [2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
    [2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
    [2010/03/17 09:28:49 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
    [2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
    [2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
    [2010/03/17 09:28:46 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
    [2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
    [2010/03/17 09:28:49 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
    [2010/03/17 09:28:46 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

    < MD5 for: USERINIT.EXE >
    [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
    [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
    [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
    [2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
    [2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
    [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

    < MD5 for: WININIT.EXE >
    [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
    [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
    [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
    [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

    < MD5 for: WINLOGON.EXE >
    [2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
    [2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
    [2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
    [2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
    [2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

    < >

    < %SYSTEMDRIVE%\*.exe >
    [2007/11/07 07:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe

    < >

    < %ALLUSERSPROFILE%\Application Data\*. >

    < >

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >

    < >

    < %APPDATA%\*. >
    [2010/08/10 19:52:08 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Adobe
    [2011/10/16 09:04:38 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Apple Computer
    [2010/10/26 20:54:02 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Autodesk
    [2012/11/10 16:18:16 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Creative
    [2010/08/15 21:13:19 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\CyberLink
    [2011/05/10 21:48:41 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Dev-Cpp
    [2012/11/10 16:42:34 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Dropbox
    [2011/09/24 10:48:05 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\DVDVideoSoft
    [2011/09/24 10:47:28 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers
    [2012/11/04 21:24:35 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\EurekaLog
    [2010/10/12 18:19:03 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\eXPert PDF 6
    [2010/08/10 19:40:01 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Identities
    [2011/11/24 19:01:56 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\LimeWire
    [2010/08/10 19:52:09 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Macromedia
    [2010/08/19 09:13:16 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Macrovision
    [2009/07/14 08:44:38 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Media Center Programs
    [2012/02/15 16:08:42 | 000,000,000 | --SD | M] -- C:\Users\Samir\AppData\Roaming\Microsoft
    [2011/06/19 12:28:43 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Mozilla
    [2012/02/13 14:49:13 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Notepad++
    [2010/09/17 19:08:42 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\OpenOffice.org
    [2012/06/04 22:18:09 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\ProtectDISC
    [2010/10/30 19:46:40 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Reallusion
    [2010/08/10 19:40:39 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Roxio
    [2010/12/02 21:11:30 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\WinRAR

    < >

    < %APPDATA%\*.exe /s >
    [2012/10/18 23:33:50 | 026,643,352 | ---- | M] (Dropbox, Inc.) -- C:\Users\Samir\AppData\Roaming\Dropbox\bin\Dropbox.exe
    [2012/10/18 23:34:02 | 000,181,800 | ---- | M] (Dropbox, Inc.) -- C:\Users\Samir\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
    [2012/10/18 23:33:52 | 000,874,424 | ---- | M] (Dropbox, Inc.) -- C:\Users\Samir\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
    [2011/06/19 12:28:34 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Users\Samir\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe
    [2011/06/19 12:28:36 | 000,196,608 | ---- | M] (Mozilla Foundation) -- C:\Users\Samir\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe
    [2011/06/19 12:28:36 | 000,014,848 | ---- | M] () -- C:\Users\Samir\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe
    [2011/06/19 12:28:36 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Users\Samir\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe
    [2011/06/19 12:28:36 | 000,266,240 | ---- | M] (Mozilla Foundation) -- C:\Users\Samir\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe
    [2011/06/19 12:28:36 | 000,018,432 | ---- | M] () -- C:\Users\Samir\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe
    [2011/06/19 12:28:36 | 000,014,336 | ---- | M] () -- C:\Users\Samir\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe
    [2011/06/19 12:28:37 | 000,073,728 | ---- | M] (Mozilla Foundation) -- C:\Users\Samir\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe
    [2011/06/19 12:28:37 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Users\Samir\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe
    [2010/10/16 11:24:37 | 000,010,134 | R--- | M] () -- C:\Users\Samir\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

    < >

    < %systemroot%\*. /mp /s >

    < >

    < %systemroot%\system32\*.dll /lockedfiles >

    < >

    < %systemroot%\syswow64\*.dll /lockedfiles >

    < >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < >

    < %systemroot%\syswow64\drivers\*.sys /lockedfiles >

    < >

    < hklm\software\clients\startmenuinternet|command /rs >
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/10/31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/10/31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/10/31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/10/31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/02/18 09:17:02 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/02/18 09:17:02 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/02/18 09:17:02 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/08/24 08:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/08/24 08:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation)

    < >

    < hklm\software\clients\startmenuinternet|command /64 /rs >
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/10/31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/10/31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/10/31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/10/31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/02/18 09:17:01 | 000,089,088 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/02/18 09:17:01 | 000,089,088 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/02/18 09:17:01 | 000,089,088 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/08/24 08:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/08/24 08:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation)

    < >

    < End of report >
    a b 8 Sécurité
    13 Novembre 2012 14:00:05

    C'est un peu galère à lire. Tu as essayé avec le site cjoint.fr par exemple ? tu as quoi comme erreur ? Fais ceci en attendant :

    • Télécharge SX Check&Update (de igor 51) sur ton Bureau.
      /!\ Désactive ton anti-virus et ferme toutes applications en cours /!\
      (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

    • Double-clique sur SXC&U.exe situé sur ton Bureau pour le lancer.
    • Au menu principal, clique sur le bouton Update Flash et installe la nouvelle version Flash Player pour tous les navigateurs.
    • Ensuite, clique sur le bouton Update Java et Adobe Reader pour installer la dernière version proposée.
      /!\ Lors des installations, pense à décocher les cases d'installation pour des toolbars et autres /!\
    • Au menu principal, choisis l'option Rapport.
    • Poste le rapport qui s'affiche à ton écran.
    a b 8 Sécurité
    13 Novembre 2012 18:28:08

    Oui ça marche :) 

    Désinstalle Java(TM) 6 Update 17 (64-bit) & Java(TM) 6 Update 21. Installe la dernière version :
    http://www.java.com/fr/download/

    Avec tous tes navigateurs, rends-toi sur cette page : http://get.adobe.com/fr/flashplayer/

    Avec cjoint cela fonctionne mais je veux une nouvelle analyse OTL, pour voir ce qu'il reste.
    13 Novembre 2012 20:48:12

    je me suis rendu sur le site http://www.java.com/fr/download/
    avec google chrome et internet explorer mais il ne se passe rien. qu'es-ce qui devrait se passer au fait? Merci
    a b 8 Sécurité
    13 Novembre 2012 22:41:59

    Ah enfin :D 

    • Relance OTL.exe
    • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
      (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
      /!\ Attention, utilisateur d'Avast!, ne lancez pas OTL en mode sandbox /!\
    • Copie-colle l'ensemble du texte ci-dessous dans le cadre Personnalisation d'OTL en bas à gauche :

      :OTL
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
      IE - HKLM\..\SearchScopes\{394B5EE6-9F03-4A3D-97BC-847D7821BD43}: "URL" = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
      IE - HKLM\..\SearchScopes\{4A77BDBB-F7CF-4123-8982-CD874C27D512}: "URL" = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
      IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
      IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\SearchScopes\{394B5EE6-9F03-4A3D-97BC-847D7821BD43}: "URL" = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
      IE - HKU\S-1-5-21-400989244-742530058-1236259394-1000\..\SearchScopes\{4A77BDBB-F7CF-4123-8982-CD874C27D512}: "URL" = http://downloads.phpnuke.org/fr/index.php?rvs=hompag
      O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
      O4 - HKLM..\Run: [] File not found
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
      O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - File not found
      O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - File not found
      O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O33 - MountPoints2\{24002d85-d5d2-11df-baf6-a4badbb0c75e}\Shell - "" = AutoRun
      O33 - MountPoints2\{24002d85-d5d2-11df-baf6-a4badbb0c75e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
      [2012/11/13 20:27:03 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{C938D08E-7FD4-496A-83E9-905CD325E6A9}
      [2012/11/13 08:26:31 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{DEF3DE33-B67D-4C83-ABBE-2A1FAED74A0E}
      [2012/11/12 19:23:47 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{91822385-5840-47AF-ADEF-7001A5A2A0CB}
      [2012/11/12 00:08:58 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{92A94EC9-E766-4C24-9977-7CC505163F5E}
      [2012/11/11 09:08:21 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{61D86C1C-9A20-4981-9F7B-9F2072C8FF75}
      [2012/11/10 17:08:56 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{C56BF284-77C2-449B-9F90-21A73223B8C9}
      [2012/11/10 16:42:58 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{A9CB74F1-BE64-43B4-90C8-4C74F3C683D4}
      [2012/11/10 16:39:26 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{4918178C-D2B3-4C10-8D41-7AA5CE18D33E}
      [2012/11/10 16:10:34 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{365579D9-51B3-4869-A8DA-409AB2CF51E1}
      [2012/11/10 15:06:19 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{C57D3AAF-4016-4773-9351-59CA6528BB61}
      [2012/11/09 15:48:20 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{04AE7CAD-4B2E-4433-8630-7A35B3A2F297}
      [2012/11/06 18:44:22 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{52AA3C3C-1C36-46C4-AD7A-54A78920AE66}
      [2012/11/05 15:48:58 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{14BD2C61-5F26-429E-AC06-94A5FD1E4FB6}
      [2012/11/04 19:46:33 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{8D0BCC2E-6B0E-4A3E-AC95-1542AE8B1A30}
      [2012/11/02 15:10:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{31820567-E571-4B9F-B608-A18F7C0A3C8C}
      [2012/11/02 09:41:23 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{FB8CB485-86D9-4AB3-8830-616170AC3B02}
      [2012/11/01 10:22:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{7D7A20D2-A944-4D03-9407-A30D92C614AC}
      [2012/10/31 16:49:44 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{19F9947C-0E6E-4A40-A242-65397B2429B5}
      [2012/10/29 16:00:02 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{DFEBDF07-6D33-429D-B9AC-DB583794EFB3}
      [2012/10/26 13:53:38 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{8A2A9143-99F0-4560-87D1-21FDF12DA25F}
      [2012/10/25 19:44:59 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{F8B1F4F8-CE51-4E1F-A865-B9E04A08127C}
      [2012/10/24 14:09:19 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{32FB1D47-8B96-4790-8714-6AEF6F7B95A2}
      [2012/10/23 19:19:01 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{6DF37A5B-7FC3-4D6F-B623-84B1CD9F4A9A}
      [2012/10/22 21:04:58 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{56A1E638-47C0-4E12-8637-4921C173C3FE}
      [2012/10/21 11:34:27 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{466C0EE8-1B5E-4EEF-A5EC-E93AABCCBF63}
      [2012/10/20 23:33:54 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{15B01051-995D-49FB-B64B-969E5AF49A8E}
      [2012/10/20 10:26:36 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{F0ABC690-708C-4889-818A-D1B93E2FB496}
      [2012/10/19 18:45:45 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{67639378-9A1C-434C-BBB5-B422DB093385}
      [2012/10/18 19:07:38 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{C79463E0-73AA-451D-992D-6CDF258C0851}
      [2012/10/16 13:26:53 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{0A2F400A-1D27-477D-8D71-29C20EB7847F}
      [2012/10/15 17:53:14 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\{3A060222-A274-4834-A28A-8798ADA12A62}

      :Commands
      [emptytemp]

    • Puis clique sur le bouton Correction en haut à gauche.
    • Le pc va redémarrer (si ce n'est pas le cas, fais-le manuellement).
    • Poste le rapport de suppression s'il apparait.

  • Note : le rapport est enregistré sous format .log, il convient de changer cette extension en .txt si tu veux le déposer sur des sites en ligne. S'il n'apparait pas, il se trouve ici : C:\_OTL, sous la forme xxxxxxxx_xxxx.log où x sont la date et l'heure.
    /!\ Ce script est exclusivement réservé à l'utilisateur actuel du sujet, vous ne devez en aucun cas l'utiliser de votre propre chef sur un autre pc, sous risque d'endommager le système /!\

    &

    • Télécharge SX Check&Update (de igor 51) sur ton Bureau.
      /!\ Désactive ton anti-virus et ferme toutes applications en cours /!\
      (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

    • Double-clique sur SXC&U.exe situé sur ton Bureau pour le lancer.
    • Au menu principal, clique sur le bouton Update Flash et installe la nouvelle version Flash Player pour tous les navigateurs.
    • Ensuite, clique sur le bouton Update Java et Adobe Reader pour installer la dernière version proposée.
      /!\ Lors des installations, pense à décocher les cases d'installation pour des toolbars et autres /!\
    • Au menu principal, choisis l'option Rapport.
    • Poste le rapport qui s'affiche à ton écran.


  • &

    On va s'occuper de supprimer les logiciels de désinfection maintenant :
    • Sur cette page DelFix (de Xplode) , clique sur bouton de téléchargement et enregistre le fichier sur ton Bureau.
    • Lance le programme puis clique sur Suppression puis poste le rapport.
    • Relance le logiciel puis clique sur Désinstallation.


  • Ta restauration du système contient des restes de ton infection, il faut donc la vider.
    Tu trouveras une aide dans le lien suivant pour Windows Vista/7 :
    http://www.inforumatique.fr/forum/post82670.html#p82670

    /!\ Pour ne plus avoir ce genre de problème, il est capital de respecter les règles du dossier Prévention & Protection /!\

    Pour finir, tu peux si tu le souhaites valider une meilleure réponse. Cette option disponible ou non en fonction du type de sujet marquera automatique le sujet comme résolu.
    a b 8 Sécurité
    14 Novembre 2012 18:56:15

    Le rapport SXC&U ? Tu as tout qui est indiqué dans le dossier prévention que je t'ai donné dans ma procédure :) 
    14 Novembre 2012 21:38:49

    lorsque je clik sur update flash dans sxc u il ne se passe rien. Lorsque je clik sur update java il me dit que java est à jour et qd je clik qur update adobe reader il est ecrit que reader n'est pas instaler... Voici comeme le rapport:
    http://cjoint.com/?BKovMDjaJ5c
    15 Novembre 2012 16:30:10

    non. Un grand merci pour ton aide et ta patience
    a b 8 Sécurité
    15 Novembre 2012 17:29:24

    Je ferme donc le sujet. Bonne continuation :) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS