Se connecter / S'enregistrer
Votre question

Pobléme avec la page googol

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
16 Janvier 2013 19:43:11

Bonjour à vous,
Jai un problème avec mon ordi, quand j'ouvre firefox et que je cherche à ouvrir une page ,
j'ai une autre page qui s'affiche et qui défille toujour la même:p arked.com captcha vérification, on me demande un mot de passe, je ne peux plus aller surfé.
Merci.
Problème Résolu

Autres pages sur : pobleme page googol

16 Janvier 2013 22:57:15

lol je deplace dans la section virus :) 
m
0
l
a c 547 8 Sécurité
17 Janvier 2013 10:30:27

Bonjour,

Tu peux te connecter avec un autre navigateur ou tu retrouves ceci sur tout les navigateurs ? (Internet Explorer, etc ...)

Pour voir ensuite :

(si tu ne peux télécharger sur ce pc, fais-le d'un autre pc et transfère l'outil sur le pc bloqué)

Télécharge OTL (de Old Timer) sur ton bureau.
  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Coche en haut la case devant "Tous les utilisateurs"
  • Coche "Avec liste blanche" sous "Registre: approfondi"
  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.

    netsvcs
    msconfig
    drivers32
    activex
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    kernel32.dll
    services.exe
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\syswow64\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\syswow64\drivers\*.sys /lockedfiles
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT


  • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
  • A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt.

  • Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu dans ta réponse.
    Une aide à l'utilisation ici


    Note : Les rapports sont aussi enregistrés sur le bureau
    m
    0
    l
    17 Janvier 2013 13:58:41

    Bonjour,
    bin je dois alors le formater?
    Merci

    m
    0
    l
    17 Janvier 2013 14:04:04

    Bonjour,
    J'ai changer de moteur de recherche pour safari et je peux aller sur le net, sa fonctionne mais ca bloque de temp à autre,
    Esque que je dois le formater pour retirer ce virus,
    Merci.
    hyunkel30 a dit :
    Bonjour,


    Télécharge OTL (de Old Timer) sur ton bureau.
  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")
  • Coche en haut la case devant "Tous les utilisateurs"
  • Coche "Avec liste blanche" sous "Registre: approfondi"
  • Sous Personnalisation, copie-colle l'ensemble du texte ci-dessous, laisse les autres options par défaut.

    netsvcs
    msconfig
    drivers32
    activex
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    kernel32.dll
    services.exe
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\syswow64\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\syswow64\drivers\*.sys /lockedfiles
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT


  • Clique sur le bouton Analyse en haut à gauche puis patiente quelques instants.
  • A la fin du scan, deux rapports s'ouvriront OTL.Txt et Extras.Txt.

  • Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu dans ta réponse.
    Une aide à l'utilisation ici


    Note : Les rapports sont aussi enregistrés sur le bureau


    m
    0
    l
    a c 547 8 Sécurité
    17 Janvier 2013 14:13:10

    Re,

    Je t'ai fournis une procédure pour que je puisse diagnostiquer, je ne t'ai absolument pas demander de formater ton pc non ?

    Alors effectue la procédure et fournis-moi les rapports demandé.

    :jap: 
    m
    0
    l
    17 Janvier 2013 14:58:08

    Bonjour, j'ai effectuer se que tu m'a demander voici le rappoert
    Merci.

    OTL Extras logfile created on: 17/01/2013 14:30:26 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sodel\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,86 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 46,60% Memory free
    7,71 Gb Paging File | 5,14 Gb Available in Paging File | 66,70% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 455,15 Gb Total Space | 312,10 Gb Free Space | 68,57% Space Free | Partition Type: NTFS

    Computer Name: DOUDOU | User Name: sodel | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

    [HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{04DC25B7-C96A-4FC3-B0A9-954CF393F541}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{0D45E8ED-9059-4B11-B531-6FEA800BA2EB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{10AA8F76-EA29-4079-8FAA-3459F432844C}" = lport=3888 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
    "{17A515C7-C9FC-4307-BBE8-4A6C29202A76}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{197C4204-6EF1-4A26-8AC5-2F45B65BF784}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{1C20221F-C230-41DE-B43F-4FD8800AAACE}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{2FB0C25C-F61E-49CC-8A87-5A3583E39704}" = lport=3880 | protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
    "{322C2633-4F40-48CA-ABDC-CC5139A7C439}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
    "{570776F8-57E6-4203-8316-0EC7CF65FDD6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{8D976E5A-53AD-4EC5-B5CF-010068CF733A}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{8F01EDD6-8A17-4475-A125-DCF9F26DBC68}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{96304D11-B090-4D42-8336-77E7234C7DDD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{A7DBE224-E9EA-4EC4-86B3-1716E9ED79AD}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{AB5EF8A0-EC49-4FAC-9F14-AA63267F04E1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{AE31C21B-03A4-432D-9827-7380966A96CC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{BA1C00FF-13C9-455D-B950-800121B16E20}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{DBE54230-46C4-4C75-B538-420364B86362}" = lport=3888 | protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio creations\vaio movie story\vmstory.exe |
    "{E6B54CCD-1026-428C-B558-5C1F060156B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E9265D14-463A-4ECF-943F-570B4B4A0B18}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{035ACC77-83D8-4D2C-AB2F-394424EF14E0}" = protocol=6 | dir=out | app=system |
    "{081FB7B3-000E-4489-9F3D-1313BB4BAE60}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
    "{13C2D30E-E116-4824-8CD4-AC1DA445EB46}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio transfer support\vaiotransfer.exe |
    "{16B9ED22-B710-4C18-81C3-3A33EEDF036F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{1D129B14-EAE5-435F-B25E-579B237819EB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{22F75532-10BC-4A09-9D7F-FE3CDA4BE6A3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{24C34798-D385-4604-8325-A93CD5FEA153}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{2B7E315B-1481-4D72-B97D-32C780FA2EF6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{2F4683F9-0AAD-4586-AC92-ECB15955D986}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe |
    "{3A74D2A4-697D-483D-A7D2-4FD5397AF16A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{466ED1FE-F652-4BA2-8DD0-622CF1329220}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio transfer support\vaiotransfer.exe |
    "{4A0A1D5B-33CB-411E-B4B0-90C998D67323}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{60D553FD-47EE-4CF6-AB20-E8CA7BB01E10}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{623335BB-24B5-4BD9-A75D-A50F4D0C5524}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{6E2DD6BC-2548-4F03-A615-F3F13E808FC3}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
    "{753B50B8-516F-4867-A9AD-99EC13F16D9E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{773CB0DA-DD28-40EB-A481-5256630F2D9B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{8DA4832F-C940-4EC2-A148-170ABA104CE0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{A4CDCA27-0B3C-433E-954B-4B5982DE379E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{AA6CBBDB-AE27-4ACE-B86C-FC112013BB15}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{B29A094A-15AD-4E3E-8D56-3820CF026765}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{BC650434-4A4A-4204-B9F5-74C55E229325}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{C84EE90B-3169-444B-99AF-C7AA99349ECF}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{E39C0A1D-755B-4C7D-949C-9C7B37794380}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{E4318CBA-DB2B-4230-94E4-E399416861AC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{E519D15D-DB97-4AB3-B596-0D21530851CC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{E53D915E-FA13-4B9E-B414-34F1BCC2097C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{F2849ED9-C09D-472D-991A-D134A0FD780A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "TCP Query User{14F2C1A0-69B8-4078-8D0D-CD42FC7AE10C}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
    "TCP Query User{5E7B79B1-C51D-402E-AFCA-A91A9CFBF05A}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "UDP Query User{8EA2DC27-FF1B-4AA0-962F-68C8205382D6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "UDP Query User{F9FAFD8E-FDA2-4EF6-A2C5-BEF0028B5BA0}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
    "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
    "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
    "{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PlayMemories Home Plug-in
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{1C6B6716-84AC-412A-A296-247D41EBB7FB}" = Setup_msm_VCMS_x64
    "{259FD439-13B0-0136-D0A0-FA89BB05831D}" = ccc-utility64
    "{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
    "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5BC83141-83DD-07BE-C940-04B385540F04}" = ATI Catalyst Install Manager
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6B7DE186-374B-4873-AEC1-7464DA337DD6}" = VU5x64
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{725D5BA4-E9FA-452B-8CF5-D7E5F8055C71}" = VAIO Content Metadata Intelligent Network Service Manager
    "{7ECD4ACB-E1B6-425B-B8AA-5761A59B77E0}" = Setup_VEP_x64_Contain_SSDB
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{8FE3CF66-4484-4D39-B47D-DEBBA173619D}" = VAIO Content Metadata Manager Settings
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{97C58294-36D8-4594-8A49-7AB4AE096504}" = VAIO Content Metadata XML Interface Library
    "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
    "{A39AE3AE-9808-39D2-AB7B-FF5F0335095E}" = Microsoft .NET Framework 4 Extended FRA Language Pack
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{BAD9A7B0-FA18-4247-A6F5-BDCF64B40C4C}" = VAIO Personalization Manager
    "{BFBE6E95-5724-47EC-85A0-74D436AD938F}" = Windows Live Family Safety
    "{C69A835B-67A5-4542-AD24-FE36E3140BA9}" = Setup_msm_VOFS_x64
    "{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
    "{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
    "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}" = VAIO Care
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
    "{F8B40DB4-FD07-4368-AA57-34F2B0839683}" = VAIO Content Metadata Intelligent Analyzing Manager
    "2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB" = Package de pilotes Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
    "3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
    "930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
    "CCleaner" = CCleaner
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
    "Microsoft Security Client" = Microsoft Security Essentials
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works
    "{0489D044-6386-4BDF-9F98-577D60CF79DD}" = VAIO Entertainment Platform
    "{04EAE65A-CDCF-480F-B754-5C3A9364239C}" = Paramètres des fonctions d'origine VAIO
    "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
    "{06C05B90-2127-4933-8ABA-61833BDE13FA}" = Paramètres de contrôle du contenu VAIO
    "{07B7598E-1FB8-1A95-7A30-F534A55726B4}" = CCC Help Czech
    "{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
    "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{13EC74A6-4707-4D26-B9B9-E173403F3B08}" = Quick Web Access
    "{159E5135-4BEA-52B7-8CDC-823F1ED6D8A5}" = CCC Help Spanish
    "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = bProtector for Windows
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{2110ECBD-BF15-4673-8852-8C68DDEB26AC}" = Media Gallery
    "{265F0D95-A883-7162-0458-B78085B6B693}" = Catalyst Control Center Graphics Light
    "{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 38
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
    "{35111E7A-03B9-25EC-F434-A1CD976907FC}" = CCC Help Chinese Traditional
    "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{427E8AD0-A4B1-D225-836E-CCB6068B490A}" = CCC Help French
    "{44D25B45-5C0E-2187-6739-E2FA0E8AFE1D}" = CCC Help Portuguese
    "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A221E47-E361-45C3-886A-7B2D7AD0E5AA}" = SOHLib Merge Module
    "{4E6DF745-C99E-909F-BCF0-B7C24A51E56E}" = CCC Help Japanese
    "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
    "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
    "{5736590B-36C7-4881-5EBE-F9B390F00774}" = Catalyst Control Center Core Implementation
    "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = Outil de restauration de données VAIO
    "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
    "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
    "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = Prise en charge du transfert VAIO
    "{61F569A3-1647-B6F4-08C8-40A011831827}" = CCC Help English
    "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
    "{64D114CE-4234-45C2-B60A-2B07D5A48F72}" = Microsoft Works 7.0
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6A3F204B-323C-7E32-F890-A7308768728D}" = CCC Help Russian
    "{6AA8FB9F-A36E-4232-A1ED-86B2A177C35E}" = PlayMemories Home/PMB VAIO Edition Plug-in 3D Theme Data
    "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
    "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
    "{7002773F-2A53-E9F2-E161-DB3DDA0F05BE}" = CCC Help Hungarian
    "{70991E0A-1108-437E-BA7D-085702C670C0}" =
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
    "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
    "{76DECE17-BCF5-9640-2854-3CA049834A40}" = CCC Help Chinese Standard
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7A63F0C4-6B2B-694C-ED72-D0670612BC29}" = CCC Help Swedish
    "{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
    "{803E4FA5-A940-4420-B89D-A8BC2E160247}" = Gestion de l’alimentation de VAIO
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
    "{88001121-87E2-2104-F9F5-ECC15DFCA1E0}" = Catalyst Control Center Graphics Full Existing
    "{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = OLYMPUS ib
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
    "{8EB34C0B-AF54-F265-844C-3E6FA9AE2FCD}" = CCC Help German
    "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
    "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
    "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
    "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
    "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
    "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
    "{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
    "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{935B5086-C002-0FBC-0723-5741D2478EE7}" = Catalyst Control Center InstallProxy
    "{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = Internet 3G+ Bouygues Telecom
    "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
    "{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9C73041C-AB71-995D-EEC7-B4E940F93F36}" = CCC Help Finnish
    "{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
    "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
    "{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
    "{A6B90666-2A1F-49E8-A40E-27EAAD11C096}" = Sony Home Network Library
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
    "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
    "{A8D53A4E-77A1-E23E-A396-6D9C86A2F273}" = Catalyst Control Center Graphics Full New
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
    "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
    "{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
    "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
    "{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
    "{BFF37C6E-D735-4487-390C-271E030AA62C}" = CCC Help Italian
    "{C2E171F6-9B58-4CE1-7B8B-B69FA04EBAB8}" = Catalyst Control Center Graphics Previews Vista
    "{C459D829-0FF0-C210-B2BF-83DB63FC1D61}" = CCC Help Korean
    "{C5529BC1-C2BF-44E8-B62A-01913D70081C}" = Catalyst Control Center - Branding
    "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
    "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
    "{C83B7CBB-C736-BF46-9832-7A9D07E9D94C}" = CCC Help Polish
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D49989B0-7BC2-F7F1-8017-3257F617347A}" = Catalyst Control Center Graphics Previews Common
    "{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
    "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
    "{D6DEC295-88A0-5CFA-0B29-C8FDF091FFD3}" = CCC Help Dutch
    "{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
    "{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
    "{DF693121-40C0-3020-D655-612E51616423}" = CCC Help Danish
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{EBDDC3CC-343A-C0DD-79BA-8A12D0A2CA10}" = CCC Help Turkish
    "{ECF0D151-BCA0-8E6D-62DB-5D44DB4A3836}" = CCC Help Thai
    "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F1B95046-E9DA-CFEC-42A8-C8224646AA32}" = ccc-core-static
    "{F30FE437-0E45-D409-F629-5D86960A6591}" = CCC Help Norwegian
    "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
    "{F5CC9A13-6C57-4948-75A8-3A2C92A3183B}" = Catalyst Control Center Localization All
    "{F67C14C0-D73E-C55B-E132-B1904A1A709C}" = CCC Help Greek
    "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
    "{F7E8DD1D-9BFD-38BB-86A5-BEF313B00C51}" = Catalyst Control Center InstallProxy
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{F9395F3D-4198-476C-8C41-63D0B5B51E35}" = PlayMemories Home/PMB VAIO Edition Plug-in Ver.2.2 Upgrade Program
    "{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
    "{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Google Chrome" = Google Chrome
    "InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
    "InstallShield_{6AA8FB9F-A36E-4232-A1ED-86B2A177C35E}" = PlayMemories Home/PMB VAIO Edition Plug-in 3D Theme Data
    "InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
    "InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}" = OLYMPUS ib
    "InstallShield_{F9395F3D-4198-476C-8C41-63D0B5B51E35}" = VAIO - PlayMemories Home Plug-in
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
    "MarketingTools" = VAIO Marketing Tools
    "Mozilla Firefox 18.0 (x86 fr)" = Mozilla Firefox 18.0 (x86 fr)
    "PROPLUS" = Microsoft Office Professional Plus 2007
    "Reverso Toolbar" = Reverso Toolbar
    "splashtop" = Quick Web Access
    "VAIO Premium Partners" = VAIO Premium Partners
    "VAIO screensaver" = VAIO screensaver
    "WinLiveSuite" = Windows Live
    "Yahoo! Companion" = Yahoo! Toolbar

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{79A765E1-C399-405B-85AF-466F52E918B0}" = système de mise à jour de Ask Toolbar Updater
    "IadahToolbar" = Iadah Toolbar

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 19/01/2012 06:09:17 | Computer Name = doudou | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ».
    Assembly
    dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 31/01/2012 20:09:20 | Computer Name = doudou | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « c:\program files
    (x86)\spybot - search & destroy\DelZip179.dll ». Erreur dans le fichier de manifeste
    ou de stratégie « c:\program files (x86)\spybot - search & destroy\DelZip179.dll »
    à la ligne 8. La valeur « * » de l’attribut « language » de l’élément « assemblyIdentity »
    n’est pas valide.

    Error - 31/01/2012 20:09:31 | Computer Name = doudou | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ».
    Assembly
    dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 03/02/2012 16:09:22 | Computer Name = doudou | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « c:\program files
    (x86)\spybot - search & destroy\DelZip179.dll ». Erreur dans le fichier de manifeste
    ou de stratégie « c:\program files (x86)\spybot - search & destroy\DelZip179.dll »
    à la ligne 8. La valeur « * » de l’attribut « language » de l’élément « assemblyIdentity »
    n’est pas valide.

    Error - 03/02/2012 16:09:34 | Computer Name = doudou | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ».
    Assembly
    dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error - 05/02/2012 07:31:09 | Computer Name = doudou | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Échec de l’extraction de la liste racine tierce depuis le fichier
    CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update...;
    avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
    la vérification par rapport à l’horloge système en cours ou le tampon daté dans
    le fichier signé. .

    Error - 05/02/2012 07:31:09 | Computer Name = doudou | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Échec de l’extraction de la liste racine tierce depuis le fichier
    CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update...;
    avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
    la vérification par rapport à l’horloge système en cours ou le tampon daté dans
    le fichier signé. .

    Error - 05/02/2012 07:31:24 | Computer Name = doudou | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Échec de l’extraction de la liste racine tierce depuis le fichier
    CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update...;
    avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
    la vérification par rapport à l’horloge système en cours ou le tampon daté dans
    le fichier signé. .

    Error - 06/02/2012 07:15:58 | Computer Name = doudou | Source = SideBySide | ID = 16842815
    Description = La création du contexte d’activation a échoué pour « c:\program files
    (x86)\spybot - search & destroy\DelZip179.dll ». Erreur dans le fichier de manifeste
    ou de stratégie « c:\program files (x86)\spybot - search & destroy\DelZip179.dll »
    à la ligne 8. La valeur « * » de l’attribut « language » de l’élément « assemblyIdentity »
    n’est pas valide.

    Error - 06/02/2012 07:16:10 | Computer Name = doudou | Source = SideBySide | ID = 16842785
    Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ».
    Assembly
    dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
    introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

    [ Media Center Events ]
    Error - 08/07/2011 05:30:14 | Computer Name = doudou | Source = MCUpdate | ID = 0
    Description = 11:30:14 - Échec de la récupération de Directory (Erreur : Impossible
    de se connecter au serveur distant)

    Error - 08/07/2011 05:32:11 | Computer Name = doudou | Source = MCUpdate | ID = 0
    Description = 11:31:42 - Échec de la récupération de ClientUpdate (Erreur : La connexion
    sous-jacente a été fermée : Impossible d'établir une relation de confiance pour
    le canal sécurisé SSL/TLS.)

    Error - 30/07/2011 13:30:59 | Computer Name = doudou | Source = MCUpdate | ID = 0
    Description = 19:30:59 - Erreur de connexion à Internet. 19:30:59 - Impossible
    de contacter le service..

    Error - 30/07/2011 13:31:19 | Computer Name = doudou | Source = MCUpdate | ID = 0
    Description = 19:31:08 - Erreur de connexion à Internet. 19:31:08 - Impossible
    de contacter le service..

    Error - 12/08/2011 07:10:28 | Computer Name = doudou | Source = MCUpdate | ID = 0
    Description = 13:10:28 - Erreur de connexion à Internet. 13:10:28 - Impossible
    de contacter le service..

    Error - 12/08/2011 07:10:43 | Computer Name = doudou | Source = MCUpdate | ID = 0
    Description = 13:10:33 - Erreur de connexion à Internet. 13:10:33 - Impossible
    de contacter le service..

    Error - 30/08/2011 05:35:07 | Computer Name = doudou | Source = MCUpdate | ID = 0
    Description = 11:35:07 - Erreur de connexion à Internet. 11:35:07 - Impossible
    de contacter le service..

    Error - 30/08/2011 05:35:17 | Computer Name = doudou | Source = MCUpdate | ID = 0
    Description = 11:35:13 - Erreur de connexion à Internet. 11:35:13 - Impossible
    de contacter le service..

    Error - 04/09/2011 17:24:57 | Computer Name = doudou | Source = MCUpdate | ID = 0
    Description = 23:24:57 - Erreur de connexion à Internet. 23:24:57 - Impossible
    de contacter le service..

    Error - 10/09/2011 11:12:09 | Computer Name = doudou | Source = MCUpdate | ID = 0
    Description = 17:12:05 - Erreur de connexion à Internet. 17:12:05 - Impossible
    de contacter le service..

    [ OSession Events ]
    Error - 16/11/2010 07:10:37 | Computer Name = doudou | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
    seconds with 0 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 13/01/2013 04:52:01 | Computer Name = doudou | Source = Service Control Manager | ID = 7023
    Description = Le service Serveur s’est arrêté avec l’erreur : %%14

    Error - 13/01/2013 13:17:16 | Computer Name = doudou | Source = Service Control Manager | ID = 7009
    Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
    l’attente de la connexion du service Roxio Upnp Server 10.

    Error - 15/01/2013 06:12:10 | Computer Name = doudou | Source = Service Control Manager | ID = 7009
    Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
    l’attente de la connexion du service Roxio Upnp Server 10.

    Error - 15/01/2013 06:30:28 | Computer Name = doudou | Source = Microsoft Antimalware | ID = 2004
    Description = %%860 a rencontré une erreur lors de la tentative de chargement des
    signatures et va essayer de revenir à un jeu de signatures correct. Signatures essayées :
    %%824 Code d'erreur : 0x80070002 Description de l'erreur : Le fichier spécifié est
    introuvable. Version des signatures : 1.141.3833.0;1.141.3833.0 Version du moteur :
    1.1.9002.0

    Error - 15/01/2013 06:30:59 | Computer Name = doudou | Source = Service Control Manager | ID = 7009
    Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
    l’attente de la connexion du service Roxio Upnp Server 10.

    Error - 16/01/2013 06:40:52 | Computer Name = doudou | Source = Service Control Manager | ID = 7009
    Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
    l’attente de la connexion du service Roxio Upnp Server 10.

    Error - 16/01/2013 06:43:21 | Computer Name = doudou | Source = Service Control Manager | ID = 7024
    Description = Le service Windows Search s’est arrêté avec l’erreur service particulière
    %%-1073473535.

    Error - 16/01/2013 06:43:21 | Computer Name = doudou | Source = Service Control Manager | ID = 7031
    Description = Le service Windows Search s’est terminé de manière inattendue. Ceci
    s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000
    millisecondes : Redémarrer le service.

    Error - 16/01/2013 13:44:24 | Computer Name = doudou | Source = Service Control Manager | ID = 7009
    Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
    l’attente de la connexion du service Roxio Upnp Server 10.

    Error - 17/01/2013 06:31:29 | Computer Name = doudou | Source = Service Control Manager | ID = 7009
    Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
    l’attente de la connexion du service Roxio Upnp Server 10.


    < End of report >
    voici ce que j'ai recu
    Merci

    hyunkel30 a dit :
    Re,

    Je t'ai fournis une procédure pour que je puisse diagnostiquer, je ne t'ai absolument pas demander de formater ton pc non ?

    Alors effectue la procédure et fournis-moi les rapports demandé.

    :jap: 


    m
    0
    l
    a c 547 8 Sécurité
    17 Janvier 2013 15:40:10

    Re,

    Il manque le rapport OTL.txt, et de plus, je t'avais demandé pour plus de facilité et lisibilité de les héberger :

  • Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu dans ta réponse.
    Une aide à l'utilisation ici


    Donc merci d'héberger comme le montre le tutoriel le rapport OTL.txt qui doit ce trouver sur ton bureau et Extra.txt que tu viens de me fournir.

    :jap: 
    m
    0
    l
    17 Janvier 2013 18:59:23

    Bonsoir,
    Oh c'est pas facil j'ai éssayer de mêtre le raport comme tu me la demandé dans service de raport en ligne,mais dès que je fait envoyer internet se déconecte. j'arive pas c'est dur dur...j'ai fait plusieurs fois sans résulta, ....
    Merci


    hyunkel30 a dit :
    Re,

    Il manque le rapport OTL.txt, et de plus, je t'avais demandé pour plus de facilité et lisibilité de les héberger :

  • Pour les rapports, merci d'utiliser ce service de rapport en ligne : dépose le fichier via "parcourir" et poste simplement le lien obtenu dans ta réponse.
    Une aide à l'utilisation ici


    Donc merci d'héberger comme le montre le tutoriel le rapport OTL.txt qui doit ce trouver sur ton bureau et Extra.txt que tu viens de me fournir.

    :jap: 


    m
    0
    l
    a c 547 8 Sécurité
    17 Janvier 2013 19:32:57

    Re,

    à ce moment là, tu copies les deux rapports sur un clé usb par exemple, et tu transfères sur un autre pc pour effectuer la manœuvre pour les héberger.

    Sans le second rapport OTL.txt, je ne peux rien faire pour le moment.

    :jap: 
    m
    0
    l
    17 Janvier 2013 19:36:32

    OH merci je vais de ce pas voir sur un autre ordi ....
    hyunkel30 a dit :
    Re,

    à ce moment là, tu copies les deux rapports sur un clé usb par exemple, et tu transfères sur un autre pc pour effectuer la manœuvre pour les héberger.

    Sans le second rapport OTL.txt, je ne peux rien faire pour le moment.

    :jap: 


    m
    0
    l
    17 Janvier 2013 19:42:06

    Oh j'ai demander à une amie d'utiliser son pc et mêttre ma clé usb et les fichiers, elle me demande si son pc ne sera pas viruler du faite que je rentre mes donnés.
    Merci
    m
    0
    l
    a c 547 8 Sécurité
    17 Janvier 2013 21:26:06

    Re,

    Je n'ai pas vu le rapport OTL.txt donc je ne peux l’assurer à 100% selon le type d'infection, si ton problème en est bien une d'infection.
    Mais vu les symptômes, je ne pense pas que cela soit un ver transmissible via support amovibles.

    Pour éviter les risque, une fois la clé usb connectée, ne fais pas un double-clic pour l'ouvrir, mais un clic-droit dessus -> "ouvrir"

    :jap: 

    m
    0
    l
    18 Janvier 2013 12:45:24

    Bonjour,
    Alors j'ai mis les documents sur la clé usb, oh j'ai ouver le lien pour le déposer comme tu l'indique, mais voila dès que je fait envoyer j'ai le même problème sur l'ordi de mon amie il me dit EREUR et la page se ferme et se déconect, c'est délir ,
    Merci de ta patience, on va y arrivé.
    m
    0
    l
    18 Janvier 2013 14:32:02

    je pense que oui..j'ai éssayer plusieur fois en prenant en compte tes instructions, voila ce que dit quand je fait envoyer: error programe c:/program files(x86) safari exe
    m
    0
    l
    a c 547 8 Sécurité
    18 Janvier 2013 16:05:17

    Re,

    Mais là, ce que tu me dis, c'est que tu essaye de poster l'exécutable du navigateur safari ... pas le fichier OTL.txt ...

    Franchement, je comprends pas ce que tu fais ...
    Une fois sur la page d'upload :
    http://security-x.fr/up/

    Il n'y a qu'à cliquer sur "parcourir", choisir le fichier texte à envoyer, donc OTL.txt, puis valider et cliquer sur "envoi" ... si tu ne peux pas faire cela, je comprend rien moi ...

    Ou alors il me faut plus d'informations !
    M'expliquer en détails ce que tu fais par exemple.
    m
    0
    l
    18 Janvier 2013 18:00:19

    Bin je clic sur le lien: rapport en ligne, que tu m'indique audessu, je choisi le fichier OTL;TXT qui et sur mon bureau et je fait envoyer et la ca beug.
    m
    0
    l
    18 Janvier 2013 18:18:25

    Re et je fais la même chose sur le pc de mon amis apart que je vais chercher le fichier dans la clé usb.
    Merci
    m
    0
    l
    a c 547 8 Sécurité
    18 Janvier 2013 19:03:44

    Re,

    Tu es certains que c'est le fichier texte OTL.txt et pas l'exécutable OTL.exe que tu essayes d'envoyer ?
    Si tu l'ouvres toi ce rapport, il s'ouvre normalement avec le bloc-note et contient un rapport texte ?
    m
    0
    l
    18 Janvier 2013 19:14:23

    Bin j'avoue que je comprend pas, je suis pas une pro de l'ordi mais bon, j'essais de comprendre dur dur.
    Je t'envois un extrai du fichier OTL;Txt, je pense que c'est ça.
    je vais y arrivé....
    m
    0
    l
    18 Janvier 2013 19:16:45

    OTL logfile created on: 17/01/2013 14:30:26 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sodel\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,86 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 46,60% Memory free
    7,71 Gb Paging File | 5,14 Gb Available in Paging File | 66,70% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 455,15 Gb Total Space | 312,10 Gb Free Space | 68,57% Space Free | Partition Type: NTFS

    Computer Name: DOUDOU | User Name: sodel | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
    m
    0
    l
    a c 547 8 Sécurité
    18 Janvier 2013 19:33:10

    Re,

    Ben oui, c'est bon ...

    Bien, on fait autrement, tu me copies ce rapport ici, mais coupe-le en deux réponses, il ne passera surement pas sur une seule. ;) 
    m
    0
    l
    18 Janvier 2013 19:55:57

    oh chouette....
    le Voic
    i OTL logfile created on: 17/01/2013 14:30:26 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sodel\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,86 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 46,60% Memory free
    7,71 Gb Paging File | 5,14 Gb Available in Paging File | 66,70% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 455,15 Gb Total Space | 312,10 Gb Free Space | 68,57% Space Free | Partition Type: NTFS

    Computer Name: DOUDOU | User Name: sodel | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/01/17 14:25:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sodel\Desktop\OTL.exe
    PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2012/10/12 14:02:44 | 000,054,760 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
    PRC - [2012/08/06 13:27:08 | 000,062,464 | ---- | M] () -- C:\Program Files\Sony\VAIO Care\listener.exe
    PRC - [2012/07/12 22:10:31 | 001,677,304 | ---- | M] (bProtector) -- C:\ProgramData\bProtectorForWindows\2.1.419.7\bProtect.exe
    PRC - [2012/06/06 20:33:42 | 001,564,872 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
    PRC - [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Safari.exe
    PRC - [2012/04/24 20:18:16 | 000,014,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
    PRC - [2011/12/29 16:10:08 | 000,960,160 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    PRC - [2011/12/21 13:15:06 | 000,550,128 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    PRC - [2010/11/20 13:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
    PRC - [2010/10/25 17:55:26 | 000,387,896 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
    PRC - [2010/10/12 15:52:48 | 000,423,280 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    PRC - [2010/09/30 11:47:44 | 000,093,360 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\Olympus\ib\olycamdetect.exe
    PRC - [2010/09/10 08:47:30 | 000,108,400 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    PRC - [2010/09/10 08:47:30 | 000,099,696 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
    PRC - [2010/09/10 08:47:30 | 000,067,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    PRC - [2010/05/28 10:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
    PRC - [2009/12/14 21:06:24 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2009/12/14 21:06:08 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2009/12/01 22:03:52 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
    PRC - [2009/11/21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2009/11/21 00:25:22 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe
    PRC - [2009/10/15 14:17:10 | 000,072,192 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Media Gallery\ElbServer.exe
    PRC - [2009/08/26 19:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
    PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/01/10 08:03:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
    MOD - [2013/01/10 08:02:34 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
    MOD - [2013/01/10 08:02:24 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
    MOD - [2013/01/10 08:02:05 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
    MOD - [2013/01/10 08:01:58 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
    MOD - [2013/01/10 08:01:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
    MOD - [2013/01/10 08:01:52 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
    MOD - [2013/01/10 08:01:44 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
    MOD - [2012/08/06 13:27:08 | 000,062,464 | ---- | M] () -- C:\Program Files\Sony\VAIO Care\listener.exe
    MOD - [2012/07/12 22:10:31 | 002,004,472 | ---- | M] () -- c:\ProgramData\bProtectorForWindows\2.1.419.7\protector.dll
    MOD - [2012/04/24 20:18:24 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll
    MOD - [2012/04/24 20:18:06 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll
    MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2010/11/13 01:54:34 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2012/10/26 09:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
    SRV:64bit: - [2012/10/12 14:02:44 | 000,054,760 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
    SRV:64bit: - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV:64bit: - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV:64bit: - [2012/08/06 13:27:08 | 000,156,672 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
    SRV:64bit: - [2011/12/21 13:15:06 | 000,550,128 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
    SRV:64bit: - [2011/12/01 10:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
    SRV:64bit: - [2011/08/26 18:47:26 | 000,101,600 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
    SRV:64bit: - [2010/10/25 17:55:26 | 000,387,896 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
    SRV:64bit: - [2010/10/08 07:55:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2010/08/11 08:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
    SRV:64bit: - [2009/11/30 19:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
    SRV:64bit: - [2009/09/04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
    SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2013/01/17 12:06:55 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012/07/12 22:10:31 | 001,677,304 | ---- | M] (bProtector) [Auto | Running] -- C:\ProgramData\bProtectorForWindows\2.1.419.7\bProtect.exe -- (bProtector)
    SRV - [2012/03/30 12:26:52 | 000,237,328 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\SONY\MSS\3.0.271\McCHSvc.exe -- (McComponentHostServiceSony)
    SRV - [2011/12/29 16:10:08 | 000,960,160 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
    SRV - [2010/10/12 15:52:48 | 000,423,280 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
    SRV - [2010/09/27 15:13:26 | 000,074,496 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
    SRV - [2010/09/10 08:47:30 | 000,108,400 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
    SRV - [2010/09/10 08:47:30 | 000,067,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
    SRV - [2010/05/28 10:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
    SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2009/12/14 21:06:24 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2009/12/14 21:06:08 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2009/11/21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
    SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
    SRV - [2009/08/31 01:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
    SRV - [2009/08/31 01:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
    SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/08/02 15:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
    DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2010/11/06 22:24:34 | 000,024,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
    DRV:64bit: - [2010/10/08 07:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
    DRV:64bit: - [2010/10/08 07:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2010/10/08 07:55:08 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2010/08/24 12:59:10 | 000,021,200 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TVicHW64.sys -- (TVICHW64)
    DRV:64bit: - [2010/04/16 10:56:26 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
    DRV:64bit: - [2010/04/16 10:56:26 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
    DRV:64bit: - [2010/04/16 10:56:26 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
    DRV:64bit: - [2010/04/16 10:56:26 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
    DRV:64bit: - [2010/04/16 10:56:22 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
    DRV:64bit: - [2010/04/16 10:56:22 | 000,116,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
    DRV:64bit: - [2010/04/16 10:56:22 | 000,113,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
    DRV:64bit: - [2010/04/07 11:46:56 | 000,119,680 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jrdusbser.sys -- (jrdusbser)
    DRV:64bit: - [2009/12/16 21:03:59 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2009/12/16 21:03:04 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/12/16 05:04:17 | 000,293,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2009/12/16 03:49:48 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
    DRV:64bit: - [2009/12/14 21:06:07 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
    DRV:64bit: - [2009/11/21 00:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009/11/18 05:30:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
    DRV:64bit: - [2009/11/18 05:30:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
    DRV:64bit: - [2009/11/18 05:30:32 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
    DRV:64bit: - [2009/11/18 05:30:21 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
    DRV:64bit: - [2009/11/18 05:23:46 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
    DRV:64bit: - [2009/11/13 21:08:21 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
    DRV:64bit: - [2009/11/12 21:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/11/12 21:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009/11/06 21:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
    DRV:64bit: - [2009/09/15 21:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
    DRV:64bit: - [2009/09/09 10:13:26 | 000,024,208 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\OlyCamComm.sys -- (OlyCamComm)
    DRV:64bit: - [2009/08/19 21:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
    DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
    DRV:64bit: - [2009/05/20 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
    IE - HKLM\..\URLSearchHook: {09a07b02-f491-4b6b-bfc9-684a624f4f3b} - C:\Program Files (x86)\Reverso\prxtbReve.dll (Conduit Ltd.)
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://search.chatzum.com/?q={searchTerms}


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?AF=114022&babsrc=HP_ss&mntrI...
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVEC&bmod...
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 04 00 E1 02 0F 00 00 00 C0 83 E4 08 01 00 00 80 06 00 E1 02 00 00 00 00 [binary data]
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/?pc=UP22&ocid=UP22DHP&dt=121312
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 05 1E F1 5D 8E 18 CB 01 [binary data]
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\URLSearchHook: {09a07b02-f491-4b6b-bfc9-684a624f4f3b} - C:\Program Files (x86)\Reverso\prxtbReve.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{0518788A-CCBF-4692-94BF-699149542776}: "URL" = http://fr.shopping.com/?linkin_id=8056351
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2EAA}: "URL" = http://www.pucuy.com/google?q={searchTerms}&sa=Search&cx=partner-pub-3546861938806019:fn51rv5o9ne&cof=FORID%3A10&ie=UTF-8&hl=fr
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=114022&babsrc=SP_ss&mntrId=40135f010000000000007edd08d2cb0d
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=10...{searchTerms}&locale=fr_FR&apn_ptnrs=U3&apn_dtid=YYYYYYYYFR&apn_uid=43E589CF-08A7-4794-BEC4-DFA0D775F97F&apn_sauid=AD0F055E-D329-4CE5-B096-0877F5EA9E1E
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{3A77527F-768A-43F6-A555-599DFFF0E82D}: "URL" = http://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=12131...{searchTerms}&src=IE-SearchBox
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{46141E25-AEC0-4166-9614-D10E16B34088}: "URL" = http://rover.ebay.com/rover/1/709-42536-16445-8/4?satit...{searchTerms}
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{74B8EB84-F847-4FF0-8981-998C5391DC7D}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2089011
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzum.com/?q={SearchTerms}
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{D377DC55-5FA5-48B8-801D-DD33217A80DC}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC_frFR385
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{f3d17ef2-8118-4fa3-afea-bb2e18a69054}: "URL" = http://www.iadah.com/web?search&q={searchTerms}
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{FA953F54-BAED-4E17-B370-B1524B0D23C2}: "URL" = http://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Bing "
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.order.3: "Bing "
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.suggest.enabled: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "about:home"
    FF - prefs.js..extensions.enabledAddons: geekck%40facebook.com:1.0
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
    FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=12131..."


    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/08 22:23:32 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\bProtectorForWindows\2.1.419.7\FirefoxExtension [2012/07/12 22:10:32 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Users\sodel\AppData\Roaming\Mozilla\Firefox\Profiles/oz5zy675.default\extensions\specialsavings@superfish.com [2012/07/12 22:14:46 | 000,000,000 | ---D | M]

    [2012/01/06 11:42:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sodel\AppData\Roaming\mozilla\Extensions
    [2012/11/24 12:06:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sodel\AppData\Roaming\mozilla\Firefox\Profiles\oz5zy675.default\extensions
    [2012/07/12 22:14:46 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\sodel\AppData\Roaming\mozilla\Firefox\Profiles\oz5zy675.default\extensions\specialsavings@superfish.com
    [2012/07/09 21:53:17 | 000,028,342 | ---- | M] () (No name found) -- C:\Users\sodel\AppData\Roaming\mozilla\firefox\profiles\oz5zy675.default\extensions\geekck@facebook.com.xpi
    [2012/11/24 12:06:11 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\sodel\AppData\Roaming\mozilla\firefox\profiles\oz5zy675.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2012/09/18 20:03:56 | 000,002,396 | ---- | M] () -- C:\Users\sodel\AppData\Roaming\mozilla\firefox\profiles\oz5zy675.default\searchplugins\askcom.xml
    [2012/12/13 14:52:09 | 000,002,402 | ---- | M] () -- C:\Users\sodel\AppData\Roaming\mozilla\firefox\profiles\oz5zy675.default\searchplugins\bingp.xml
    [2012/04/18 18:19:49 | 000,002,311 | ---- | M] () -- C:\Users\sodel\AppData\Roaming\mozilla\firefox\profiles\oz5zy675.default\searchplugins\bProtect.xml
    [2013/01/13 11:30:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2013/01/08 22:12:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2012/06/27 19:05:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
    [2012/10/21 08:06:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
    [2013/01/13 11:30:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
    [2013/01/05 04:44:54 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2013/01/05 15:48:07 | 000,001,609 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
    [2012/07/12 22:27:26 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    [2013/01/05 15:48:08 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012/07/12 22:27:26 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bProtect.xml
    [2013/01/05 15:48:08 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2013/01/05 15:48:08 | 000,001,476 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
    [2013/01/05 15:48:08 | 000,001,399 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2013/01/05 15:48:08 | 000,001,169 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

    ========== Chrome ==========

    CHR - homepage: http://search.iminent.com/?appId=7C5F7E27-75AB-4A11-808...
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:o riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
    CHR - homepage: http://search.iminent.com/?appId=7C5F7E27-75AB-4A11-808...
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
    CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
    CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: YouTube = C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
    CHR - Extension: Recherche Google = C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
    CHR - Extension: New Tab = C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn\1.0.1_0\
    CHR - Extension: ChatZum.com - Easy Pictures zoom = C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.9_0\
    CHR - Extension: Gmail = C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2012/09/27 21:47:42 | 000,443,881 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 www.1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 www.1-2005-search.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 127.0.0.1 123fporn.info
    O1 - Hosts: 15244 more lines...
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (Reverso Toolbar) - {09a07b02-f491-4b6b-bfc9-684a624f4f3b} - C:\Program Files (x86)\Reverso\prxtbReve.dll (Conduit Ltd.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (Reverso Toolbar) - {09a07b02-f491-4b6b-bfc9-684a624f4f3b} - C:\Program Files (x86)\Reverso\prxtbReve.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Iadah Toolbar) - {3EA8D036-C9E7-4721-BCDF-C13D00C4CC39} - C:\Program Files (x86)\DevNet\Toolbar\DevNet.dll (DevNet)
    O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O3 - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\Toolbar\WebBrowser: (Reverso Toolbar) - {09A07B02-F491-4B6B-BFC9-684A624F4F3B} - C:\Program Files (x86)\Reverso\prxtbReve.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
    O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
    O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [Olympus ib] C:\Program Files (x86)\Olympus\ib\olycamdetect.exe (OLYMPUS IMAGING CORP.)
    O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-2092922797-57936793-2661065244-1000..\Run: [Bubble Dock] "C:\Users\sodel\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup File not found
    O4 - HKU\S-1-5-21-2092922797-57936793-2661065244-1000..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation)
    O4 - HKU\S-1-5-21-2092922797-57936793-2661065244-1000..\Run: [Olympus ib] C:\Program Files (x86)\Olympus\ib\olycamdetect.exe (OLYMPUS IMAGING CORP.)
    O4 - HKU\S-1-5-21-2092922797-57936793-2661065244-1000..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
    O4 - HKU\S-1-5-21-2092922797-57936793-2661065244-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O8:64bit: - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
    O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-wind... (Java Plug-in 1.6.0_16)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-wind... (Java Plug-in 1.6.0_38)
    O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-wind... (Java Plug-in 1.6.0_38)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_38-wind... (Java Plug-in 1.6.0_38)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A86C8BE-5595-404D-BB68-F81A7A1BB037}: DhcpNameServer = 212.27.40.240 212.27.40.241
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DB63988-98C6-4312-8B36-AA4B2FAA958F}: DhcpNameServer = 192.168.0.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D61CA8A8-A9C5-4B05-8B5C-1FF6CD0702CA}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD48514C-F673-4A77-B13B-83B6F16C205A}: DhcpNameServer = 212.27.40.240 212.27.40.241
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\livecall - No CLSID value found
    O18 - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (c:\progra~3\bprote~1\21419~1.7\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.1.419.7\protector.dll ()
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{02517a38-8c5f-11df-8083-506313b1c413}\Shell - "" = AutoRun
    O33 - MountPoints2\{02517a38-8c5f-11df-8083-506313b1c413}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{02517a4b-8c5f-11df-8083-506313b1c413}\Shell - "" = AutoRun
    O33 - MountPoints2\{02517a4b-8c5f-11df-8083-506313b1c413}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{414a6d73-9e6e-11df-b229-54424909f7df}\Shell - "" = AutoRun
    O33 - MountPoints2\{414a6d73-9e6e-11df-b229-54424909f7df}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{9a5b3ae2-7590-11e1-bdd3-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{9a5b3ae2-7590-11e1-bdd3-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe
    O33 - MountPoints2\{ab00c344-0c25-11e0-b250-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{ab00c344-0c25-11e0-b250-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{c1838da3-c476-11e0-80d3-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{c1838da3-c476-11e0-80d3-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{c1838de7-c476-11e0-80d3-506313b1c413}\Shell - "" = AutoRun
    O33 - MountPoints2\{c1838de7-c476-11e0-80d3-506313b1c413}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Install.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX:64bit: >{09B305BD-C0B7-4C97-8270-5BB5CBA4D06F} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
    ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
    ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    m
    0
    l
    18 Janvier 2013 19:57:17

    et de 2:

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/01/17 14:24:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\sodel\Desktop\OTL.exe
    [2013/01/17 14:11:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nosibay
    [2013/01/17 14:10:10 | 000,000,000 | ---D | C] -- C:\Users\sodel\AppData\Roaming\Nosibay
    [2013/01/17 12:06:55 | 000,697,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2013/01/17 12:06:54 | 000,074,248 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2013/01/17 12:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
    [2013/01/15 15:24:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013/01/15 15:24:13 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2013/01/15 15:24:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2013/01/13 11:30:35 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
    [2013/01/13 11:30:35 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
    [2013/01/13 11:30:35 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
    [2013/01/10 07:28:26 | 000,000,000 | ---D | C] -- C:\84ec06e45407208514a5608750
    [2013/01/10 07:16:34 | 000,000,000 | ---D | C] -- C:\95772c92cc11c857a94b752bcd99
    [2013/01/09 09:45:11 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
    [2013/01/09 09:45:11 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
    [2013/01/09 09:44:52 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
    [2013/01/09 09:44:50 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
    [2013/01/09 09:44:39 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
    [2013/01/09 09:44:39 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
    [2013/01/09 09:44:39 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
    [2013/01/09 09:44:39 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
    [2013/01/09 09:44:39 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
    [2013/01/09 09:44:39 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
    [2013/01/09 09:44:39 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
    [2013/01/09 09:44:39 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
    [2013/01/09 09:44:39 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
    [2013/01/09 09:44:39 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
    [2013/01/09 09:44:39 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
    [2013/01/09 09:44:39 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
    [2013/01/09 09:44:39 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
    [2013/01/09 09:44:39 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
    [2013/01/09 09:44:39 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
    [2013/01/09 09:44:38 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
    [2013/01/09 09:44:38 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
    [2013/01/09 09:44:38 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
    [2013/01/09 09:44:38 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
    [2013/01/09 09:44:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
    [2013/01/09 09:44:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
    [2013/01/09 09:44:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
    [2013/01/09 09:44:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
    [2013/01/09 09:44:37 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
    [2013/01/09 09:44:36 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
    [2013/01/09 09:44:36 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
    [2013/01/09 09:44:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
    [2013/01/09 09:44:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
    [2013/01/09 09:44:36 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
    [2013/01/09 09:44:36 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
    [2013/01/09 09:44:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
    [2013/01/09 09:44:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
    [2013/01/09 09:44:05 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
    [2013/01/09 09:44:03 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
    [2013/01/09 09:44:02 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
    [2013/01/09 09:44:01 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
    [2013/01/09 09:44:01 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2013/01/09 09:44:01 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
    [2013/01/09 09:44:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
    [2013/01/09 09:44:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2013/01/09 09:44:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
    [2013/01/09 09:44:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2013/01/09 09:44:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
    [2013/01/09 09:44:00 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    [2013/01/09 09:44:00 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
    [2013/01/09 09:44:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    [2013/01/09 09:43:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
    [2013/01/09 09:43:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    [2013/01/09 09:43:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
    [2013/01/09 09:43:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    [2013/01/09 09:43:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
    [2013/01/09 09:43:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
    [2013/01/09 09:43:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    [2013/01/09 09:43:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
    [2013/01/09 09:43:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
    [2013/01/09 09:43:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    [2013/01/09 09:43:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    [2013/01/09 09:43:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    [2013/01/09 09:43:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    [2013/01/09 09:43:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    [2013/01/09 09:43:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2013/01/09 09:43:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2013/01/09 09:43:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2013/01/09 09:43:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    [2013/01/09 09:43:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
    [2013/01/09 09:43:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    [2013/01/09 09:43:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
    [2013/01/09 09:43:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [2013/01/09 09:43:35 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
    [2013/01/08 17:09:03 | 000,000,000 | R--D | C] -- C:\Users\sodel\Documents\Scanned Documents
    [2013/01/08 16:48:10 | 000,000,000 | ---D | C] -- C:\Users\sodel\Desktop\papier association l'art en toit
    [2013/01/06 15:56:50 | 000,000,000 | ---D | C] -- C:\Users\sodel\Desktop\pour site à olivier kkoweb
    [2013/01/03 12:54:26 | 000,000,000 | ---D | C] -- C:\Users\sodel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
    [2013/01/03 12:34:57 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
    [2013/01/03 12:34:22 | 000,000,000 | ---D | C] -- C:\Users\sodel\AppData\Local\OLYMPUS
    [2013/01/03 12:32:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Olympus
    [2013/01/03 12:31:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
    [2013/01/03 12:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Camera
    [2013/01/03 12:31:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\OLYMPUS
    [2013/01/03 12:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\OLYMPUS
    [2013/01/01 16:17:08 | 000,000,000 | ---D | C] -- C:\6839dbf5e6c24c95f2
    [2013/01/01 09:42:03 | 000,069,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offreg.dll
    [2013/01/01 09:42:03 | 000,021,176 | ---- | C] (iolo technologies, LLC) -- C:\Windows\SysNative\iolorgdf64.exe
    [2013/01/01 09:42:03 | 000,000,000 | ---D | C] -- C:\Users\sodel\AppData\Roaming\iolo
    [2013/01/01 09:42:03 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
    [2013/01/01 09:41:49 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
    [2013/01/01 03:09:42 | 000,000,000 | ---D | C] -- C:\1caf24ab9ac56b9719608a5795
    [2013/01/01 03:05:16 | 000,000,000 | ---D | C] -- C:\5df23a897cf4a6210c7e19de1c28
    [2013/01/01 03:00:38 | 000,000,000 | ---D | C] -- C:\3b3476e4bb4b6f5fbb687870
    [2012/12/30 09:46:31 | 000,000,000 | ---D | C] -- C:\Users\sodel\Desktop\musique so
    [2012/12/30 09:46:11 | 000,000,000 | ---D | C] -- C:\Users\sodel\Desktop\CUBA ALL STARS
    [2012/12/29 10:40:28 | 000,000,000 | ---D | C] -- C:\Users\sodel\AppData\Local\Programs
    [2012/12/27 18:18:11 | 000,000,000 | ---D | C] -- C:\Users\sodel\Documents\cv so 2012
    [2012/12/27 18:13:22 | 000,000,000 | ---D | C] -- C:\Users\sodel\Documents\michel documents
    [2012/12/22 10:38:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
    [2012/12/22 10:38:20 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
    [2012/12/22 10:38:18 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
    [2012/12/22 10:38:16 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
    [2012/12/20 19:31:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/01/17 14:25:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sodel\Desktop\OTL.exe
    [2013/01/17 13:48:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/01/17 13:38:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/01/17 12:38:01 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/01/17 12:06:55 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2013/01/17 12:06:54 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2013/01/17 12:03:57 | 000,002,515 | ---- | M] () -- C:\Users\sodel\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
    [2013/01/17 12:03:57 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
    [2013/01/17 11:38:58 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/01/17 11:38:58 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/01/17 11:31:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/01/17 11:31:01 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
    [2013/01/15 15:24:22 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/01/13 09:46:21 | 000,002,241 | ---- | M] () -- C:\Users\sodel\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2013/01/11 10:05:06 | 001,662,638 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/01/11 10:05:06 | 000,745,534 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2013/01/11 10:05:06 | 000,652,376 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/01/11 10:05:06 | 000,149,020 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2013/01/11 10:05:06 | 000,121,308 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/01/10 07:54:20 | 000,447,504 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/01/10 07:35:34 | 001,641,184 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013/01/09 21:37:00 | 001,359,864 | ---- | M] () -- C:\Users\sodel\Desktop\IMG_0388.JPG
    [2013/01/08 22:23:49 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/01/05 11:38:11 | 000,001,232 | ---- | M] () -- C:\Users\sodel\AppData\Roaming\wklnhst.dat
    [2013/01/03 20:19:31 | 000,001,877 | ---- | M] () -- C:\Users\sodel\Desktop\ib.lnk
    [2013/01/03 12:31:01 | 000,001,398 | ---- | M] () -- C:\Users\Public\Desktop\uTough-6020 Manuel d’instructions.lnk
    [2013/01/02 12:57:53 | 000,186,375 | ---- | M] () -- C:\Users\sodel\Documents\actualisation janvier 2013.pdf
    [2013/01/01 09:42:04 | 000,074,703 | ---- | M] () -- C:\Windows\SysWow64\mfc45.dll
    [2013/01/01 09:41:52 | 000,002,006 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sony MSS.lnk
    [2012/12/27 16:45:06 | 000,517,924 | ---- | M] () -- C:\Users\sodel\Documents\cerfa_13972 demande de changement d'adresse pour l'association.pdf
    [2012/12/22 17:10:44 | 000,111,608 | ---- | M] () -- C:\Users\sodel\Desktop\lutin de noel.jpg
    [2012/12/20 19:31:12 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/01/17 12:06:55 | 000,001,002 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/01/17 12:03:57 | 000,002,515 | ---- | C] () -- C:\Users\sodel\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
    [2013/01/17 12:03:57 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
    [2013/01/17 12:03:57 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
    [2013/01/15 15:24:22 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/01/10 08:58:47 | 001,359,864 | ---- | C] () -- C:\Users\sodel\Desktop\IMG_0388.JPG
    [2013/01/08 22:23:49 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/01/08 22:23:48 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2013/01/07 13:37:57 | 000,001,143 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
    [2013/01/03 12:34:22 | 000,001,877 | ---- | C] () -- C:\Users\sodel\Desktop\ib.lnk
    [2013/01/03 12:31:01 | 000,001,398 | ---- | C] () -- C:\Users\Public\Desktop\uTough-6020 Manuel d’instructions.lnk
    [2013/01/02 12:57:53 | 000,186,375 | ---- | C] () -- C:\Users\sodel\Documents\actualisation janvier 2013.pdf
    [2013/01/01 09:42:03 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
    [2013/01/01 09:41:52 | 000,002,006 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sony MSS.lnk
    [2013/01/01 09:41:49 | 000,002,019 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
    [2012/12/27 17:03:16 | 000,038,906 | R--- | C] () -- C:\Users\sodel\Desktop\Capture d’écran 2012-03-21 à 14.25.37.png
    [2012/12/27 16:45:06 | 000,517,924 | ---- | C] () -- C:\Users\sodel\Documents\cerfa_13972 demande de changement d'adresse pour l'association.pdf
    [2012/12/22 17:10:41 | 000,111,608 | ---- | C] () -- C:\Users\sodel\Desktop\lutin de noel.jpg
    [2012/12/20 19:31:12 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2012/06/23 17:32:32 | 001,641,184 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012/06/17 14:43:14 | 000,007,597 | ---- | C] () -- C:\Users\sodel\AppData\Local\resmon.resmoncfg
    [2011/07/28 10:55:11 | 000,000,000 | ---- | C] () -- C:\Users\sodel\AppData\Local\{E4FC2088-76A4-4C3F-A23E-EB753BD7A639}
    [2010/07/01 13:11:16 | 000,001,232 | ---- | C] () -- C:\Users\sodel\AppData\Roaming\wklnhst.dat
    [2010/06/25 17:48:59 | 000,016,384 | ---- | C] () -- C:\Users\sodel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== ZeroAccess Check ==========

    [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== Custom Scans ==========

    < >

    < >

    < >

    < >

    < MD5 for: EXPLORER.EXE >
    [2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
    [2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
    [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
    [2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
    [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
    [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
    [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
    [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
    [2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
    [2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
    [2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
    [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
    [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
    [2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
    [2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
    [2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
    [2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
    [2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
    [2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
    [2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
    [2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
    [2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

    < MD5 for: KERNEL32.DLL >
    [2011/07/16 06:21:15 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=06835B46D9676BEDD80AF25ACF6845FD -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_f083035588e611da\kernel32.dll
    [2011/05/14 08:20:00 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=0E1B2E16235AA7F89F064EE75DFC905E -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_f1e6ed746ce85c1b\kernel32.dll
    [2011/05/14 07:22:22 | 000,837,632 | ---- | M] (Microsoft Corporation) MD5=166116134C58DC36400DE59ACD64FB39 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_fc3b97c6a1491e16\kernel32.dll
    [2012/08/20 20:02:39 | 001,163,776 | ---- | M] (Microsoft Corporation) MD5=1BDA5DB0C493B390C2DFD09139140DE1 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_f093daaf88d88568\kernel32.dll
    [2012/10/04 18:41:16 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=1DC3504CA4C57900F1557E9A3F01D272 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_f1aee2f66d12ac97\kernel32.dll
    [2012/10/04 18:32:16 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=1DDCACAB8DA5399E5521051923016B18 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_efe8cbf06fd422f3\kernel32.dll
    [2011/07/16 05:21:33 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=2113248DB2D1AF9CA790B09F3E6C6E85 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_fad7ada7bd46d3d5\kernel32.dll
    [2011/07/16 06:28:00 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=27AC02D8EE4C02E7648C41CB880151DA -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_f22aa945863b24d8\kernel32.dll
    [2012/08/20 18:31:14 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=305681B4B695D4A888B941965FFC2C17 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_fc688f63baad32ee\kernel32.dll
    [2012/08/18 12:17:55 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=33616DACC75C9E105DAE944120DB4274 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17107_none_fa5fe69aa41ac3c9\kernel32.dll
    [2011/05/14 07:32:33 | 000,837,120 | ---- | M] (Microsoft Corporation) MD5=40EACEE0B6432CBE2459A11B298E9D88 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16816_none_fa543a76a42398d3\kernel32.dll
    [2011/07/16 05:30:27 | 001,048,576 | ---- | M] (Microsoft Corporation) MD5=4EA99F1644627B1EBAD99D0B93CDEE1C -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_fa22f90aa449708d\kernel32.dll
    [2009/07/14 02:41:13 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=5B4B379AD10DEDA4EDA01B8C6961B193 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_efb2d6e86ffc8f55\kernel32.dll
    [2012/10/04 17:36:32 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=5FA395364EE727E4BEE6B1406C207F98 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_fcb841e5ba70d1da\kernel32.dll
    [2009/07/14 02:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) MD5=606ECB76A424CC535407E7A24E2A34BC -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_fa07813aa45d5150\kernel32.dll
    [2012/08/20 19:24:09 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=624B34180C79D67C470C155DB81FFB8E -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_f213e511864c70f3\kernel32.dll
    [2011/05/14 08:11:10 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=6743E8705A96FCBF71279B5AE2CCFDBC -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_f266ba9d860d312d\kernel32.dll
    [2011/06/03 06:58:27 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=6EB2AEE15C20681E323E9A3E334FE6CF -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20978_none_fa9ef84dbd7012f1\kernel32.dll
    [2012/10/04 18:29:16 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=6EED0D77C20137948979EA47360A890B -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_f0726aa188f1bfe4\kernel32.dll
    [2010/11/20 14:26:42 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=7A6326D96D53048FDEC542DF23D875A0 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll
    [2011/06/03 07:54:47 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=8225958BAC83EAFCDB6BAB6EE5EDF6E6 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20978_none_f04a4dfb890f50f6\kernel32.dll
    [2012/08/20 18:51:24 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=85660067ECD49B6E302347EFCC2F72A5 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_fae88501bd394763\kernel32.dll
    [2012/08/18 16:37:49 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=8E7F88A62E1AA28F15C0D6784E4C78B6 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17107_none_f00b3c486fba01ce\kernel32.dll
    [2011/05/14 08:36:24 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=98DA1B7572DAD6BA10296E0DF0950B37 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16816_none_efff90246fc2d6d8\kernel32.dll
    [2011/07/16 05:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=99C3F8E9CC59D95666EB8D8A8B4C2BEB -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_fc0a565aa16ef5d0\kernel32.dll
    [2012/08/20 18:37:18 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=9B98D47916EAD4F69EF51B56B0C2323C -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_fc20fc2ea15dceba\kernel32.dll
    [2012/11/30 05:57:47 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=9CC2571E3646B9A24296AD7ADCC71682 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll
    [2012/10/04 17:54:17 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=A6778FC49011313995A4D718F624CC74 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_fa3d7642a434e4ee\kernel32.dll
    [2012/11/30 05:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=AC0B6F41882FC6ED186962D770EBF1D2 -- C:\Windows\SysWOW64\kernel32.dll
    [2012/11/30 05:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=AC0B6F41882FC6ED186962D770EBF1D2 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll
    [2012/11/30 06:52:53 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=B3BEA6420D482356E53B7C728E05C637 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll
    [2012/11/30 06:38:48 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=B6B1AB98BA656BA1D8E0CA03F59DED51 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_f03d5b4f891964f0\kernel32.dll
    [2011/07/16 06:37:12 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=B9B42A302325537D7B9DC52D47F33A73 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_f1b5ac086d0e33d5\kernel32.dll
    [2012/11/30 06:06:48 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=C95793F4BE3471AEED92F5BF367BE69E -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_fa1637baa451ba0e\kernel32.dll
    [2011/05/14 08:33:36 | 000,837,632 | ---- | M] (Microsoft Corporation) MD5=CC5CBC069944E7EA70D8674478A70A37 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_fcbb64efba6df328\kernel32.dll
    [2011/07/16 05:49:33 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=D3CB12854171DF61D117D7C2BF22C675 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_fc7f5397ba9be6d3\kernel32.dll
    [2012/10/04 17:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=D4F3176082566CEFA633B4945802D4C4 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_fc038d48a1736e92\kernel32.dll
    [2011/07/16 06:21:32 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=DDBD24DC04DA5FD0EDF45CF72B7C01E2 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_efce4eb86fe8ae92\kernel32.dll
    [2012/10/04 17:56:24 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=DE7A37CB1F48526A78A2D42786411578 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_fac714f3bd5281df\kernel32.dll
    [2012/11/30 06:43:53 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=E3BC37881D92EB59EE0BA3B854A54D1E -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_efc18d686ff0f813\kernel32.dll
    [2012/11/30 05:51:54 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=E747ADB6223DBBE1BB138F08A09ADAD6 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_fa9205a1bd7a26eb\kernel32.dll
    [2010/11/20 13:08:56 | 000,837,632 | ---- | M] (Microsoft Corporation) MD5=E80758CF485DB142FCA1EE03A34EAD05 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll
    [2012/08/20 19:48:35 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=EAF41CFBA5281834CBC383C710AC7965 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_f1cc51dc6cfd0cbf\kernel32.dll
    [2012/10/04 18:37:46 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=F3C594D0DA3ACFA6C7B781A490AB4282 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_f263979386100fdf\kernel32.dll
    [2012/11/30 06:41:07 | 001,161,216 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\kernel32.dll
    [2012/11/30 06:41:07 | 001,161,216 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll

    < MD5 for: SERVICES.EXE >
    [2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
    [2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

    < MD5 for: USERINIT.EXE >
    [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
    [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
    [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
    [2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
    [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
    [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

    < MD5 for: WININIT.EXE >
    [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
    [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
    [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
    [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

    < MD5 for: WINLOGON.EXE >
    [2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
    [2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
    [2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
    [2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
    [2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
    [2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

    < >

    < %SYSTEMDRIVE%\*.exe >
    [2012/07/04 04:48:38 | 003,861,472 | ---- | M] () -- C:\chatzum.exe

    < >

    < %ALLUSERSPROFILE%\Application Data\*. >

    < >

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >

    < >

    < %APPDATA%\*. >
    [2010/06/29 11:28:26 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Adobe
    [2013/01/17 12:04:03 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Apple Computer
    [2010/06/30 21:48:19 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\ArcSoft
    [2010/06/24 12:22:42 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\ATI
    [2010/07/24 13:25:05 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Auslogics
    [2011/07/21 10:27:40 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\GlarySoft
    [2010/06/24 12:27:55 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Google
    [2010/06/30 19:42:17 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Icones
    [2010/06/24 12:21:29 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Identities
    [2010/06/27 13:33:06 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\InstallShield
    [2010/06/24 12:22:50 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Intel Corporation
    [2013/01/01 09:42:03 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\iolo
    [2010/06/24 16:53:10 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Macromedia
    [2012/10/06 19:53:28 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Malwarebytes
    [2010/01/30 01:45:13 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Media Center Programs
    [2013/01/17 14:10:11 | 000,000,000 | --SD | M] -- C:\Users\sodel\AppData\Roaming\Microsoft
    [2012/01/06 11:42:30 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Mozilla
    [2013/01/17 14:19:59 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Nosibay
    [2012/07/30 21:34:44 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\OfferBox
    [2010/06/25 16:51:25 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Opera
    [2013/01/08 22:13:21 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Skype
    [2010/06/27 14:11:00 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Sony Corporation
    [2010/08/03 20:58:44 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Template
    [2010/12/27 19:43:28 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Windows Live Writer
    [2010/10/12 13:16:27 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Yahoo!

    < >

    < %APPDATA%\*.exe /s >

    < >

    < %systemroot%\*. /mp /s >

    < >

    < %systemroot%\system32\*.dll /lockedfiles >

    < >

    < %systemroot%\syswow64\*.dll /lockedfiles >

    < >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < >

    < %systemroot%\syswow64\drivers\*.sys /lockedfiles >

    < >

    < hklm\software\clients\startmenuinternet|command /rs >
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013/01/05 15:48:36 | 000,866,904 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013/01/05 15:48:36 | 000,866,904 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013/01/05 15:48:36 | 000,866,904 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013/01/05 04:43:57 | 000,917,552 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2013/01/05 04:43:57 | 000,917,552 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2013/01/05 04:43:57 | 000,917,552 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/07/08 17:08:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/07/08 17:08:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/07/08 17:08:32 | 000,074,240 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/11/14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/11/14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

    < >

    < hklm\software\clients\startmenuinternet|command /64 /rs >
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2013/01/05 15:48:36 | 000,866,904 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2013/01/05 15:48:36 | 000,866,904 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2013/01/05 15:48:36 | 000,866,904 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2013/01/05 04:43:57 | 000,917,552 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2013/01/05 04:43:57 | 000,917,552 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2013/01/05 04:43:57 | 000,917,552 | ---- | M] (Mozilla Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/07/08 17:08:31 | 000,089,088 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/07/08 17:08:31 | 000,089,088 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/07/08 17:08:31 | 000,089,088 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/11/14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/11/14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /REINSTALL [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /HIDEICONS [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" /SHOWICONS [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)
    64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\PROGRAM FILES (X86)\SAFARI\SAFARI.EXE" [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.)

    < >

    < End of report >
    m
    0
    l
    a c 547 8 Sécurité
    18 Janvier 2013 21:49:49

    Re,

    à faire pour suivre donc, sur ton pc :

    1) Désinstalle les programmes suivants dans ta liste des programmes (si présents) :

    Note : Si tu rencontres une erreur passe au suivant et poursuis la procédure

    - Java(TM) 6 Update 16 (64-bit) (version obsolète et vulnérable, tu possèdes une plus récente)
    - Ask Toolbar (barre d'outil, sauf réel intérêt)
    - Yahoo! Toolbar (idem)
    - Spybot - Search & Destroy (inutile et obsolète, la preuve, tu es là ...)

    - bProtector for Windows (adware : logiciel publicitaire)
    - Reverso Toolbar (barre d'outil sponsorisée par un adware)
    - Iadah Toolbar (idem)


    2) Télécharge AdwCleaner (de Xplode) sur ton Bureau.

    /!\ Désactive tes protections résidentes : antivirus, antispyware ... Ferme toutes les applications en cours (notamment ton navigateur)/!\

  • Double-clique sur adwcleaner.exe pour lancer le programme.
    (Utilisateur de Vista/Windows 7, clique-droit sur le fichier adwcleaner.exe -> Exécuter en tant qu'administrateur)

  • Dans la fenêtre principal, choisis l'option Suppression.
  • Valide l'avertissement.
  • Si le pc demande à redémarrer, accepte.
  • Un rapport apparaitra (sinon, il est situé ici C:\AdwCleaner[Sx].txt). Poste-le dans ta prochaine réponse.


    3) Relance OTL.exe

  • Ferme toutes tes fenêtres, puis double clique sur OTL.exe pour le lancer.
    (Utilisateur de Vista/Windows 7 faites un clic droit -> "Exécuter en tant qu'administrateur")

    /!\ Attention, utilisateur d'Avast! ou d'autres antivirus, ne lancez pas OTL en mode sandbox /!\

  • Copie-colle l'ensemble du texte ci-dessous dans le cadre Personnalisation d'OTL en bas à gauche.



    :OTL
    PRC - [2012/07/12 22:10:31 | 001,677,304 | ---- | M] (bProtector) -- C:\ProgramData\bProtectorForWindows\2.1.419.7\bProtect.exe
    MOD - [2012/07/12 22:10:31 | 002,004,472 | ---- | M] () -- c:\ProgramData\bProtectorForWindows\2.1.419.7\protector.dll
    SRV - [2012/07/12 22:10:31 | 001,677,304 | ---- | M] (bProtector) [Auto | Running] -- C:\ProgramData\bProtectorForWindows\2.1.419.7\bProtect.exe -- (bProtector)
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\URLSearchHook: {09a07b02-f491-4b6b-bfc9-684a624f4f3b} - C:\Program Files (x86)\Reverso\prxtbReve.dll (Conduit Ltd.)
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://search.chatzum.com/?q={searchTerms}
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?AF=114022&babsrc=HP_ss&mntrI...
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\URLSearchHook: {09a07b02-f491-4b6b-bfc9-684a624f4f3b} - C:\Program Files (x86)\Reverso\prxtbReve.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{0518788A-CCBF-4692-94BF-699149542776}: "URL" = http://fr.shopping.com/?linkin_id=8056351
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2EAA}: "URL" = http://www.pucuy.com/google?q={searchTerms}&sa=Search&cx=partner-pub-3546861938806019:fn51rv5o9ne&cof=FORID%3A10&ie=UTF-8&hl=fr
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=114022&babsrc=SP_ss&mntrId=40135f010000000000007edd08d2cb0d
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzum.com/?q={SearchTerms}
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{f3d17ef2-8118-4fa3-afea-bb2e18a69054}: "URL" = http://www.iadah.com/web?search&q={searchTerms}
    IE - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\SearchScopes\{FA953F54-BAED-4E17-B370-B1524B0D23C2}: "URL" = http://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\bProtectorForWindows\2.1.419.7\FirefoxExtension [2012/07/12 22:10:32 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com: C:\Users\sodel\AppData\Roaming\Mozilla\Firefox\Profiles/oz5zy675.default\extensions\specialsavings@superfish.com [2012/07/12 22:14:46 | 000,000,000 | ---D | M]
    [2012/07/12 22:14:46 | 000,000,000 | ---D | M] (SpecialSavings) -- C:\Users\sodel\AppData\Roaming\mozilla\Firefox\Profiles\oz5zy675.default\extensions\specialsavings@superfish.com
    [2012/04/18 18:19:49 | 000,002,311 | ---- | M] () -- C:\Users\sodel\AppData\Roaming\mozilla\firefox\profiles\oz5zy675.default\searchplugins\bProtect.xml
    [2012/06/27 19:05:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
    [2012/10/21 08:06:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
    [2012/07/12 22:27:26 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    [2012/07/12 22:27:26 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bProtect.xml
    CHR - Extension: New Tab = C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn\1.0.1_0\
    CHR - Extension: ChatZum.com - Easy Pictures zoom = C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.9_0\
    O2 - BHO: (Reverso Toolbar) - {09a07b02-f491-4b6b-bfc9-684a624f4f3b} - C:\Program Files (x86)\Reverso\prxtbReve.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Reverso Toolbar) - {09a07b02-f491-4b6b-bfc9-684a624f4f3b} - C:\Program Files (x86)\Reverso\prxtbReve.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
    O3 - HKU\S-1-5-21-2092922797-57936793-2661065244-1000\..\Toolbar\WebBrowser: (Reverso Toolbar) - {09A07B02-F491-4B6B-BFC9-684A624F4F3B} - C:\Program Files (x86)\Reverso\prxtbReve.dll (Conduit Ltd.)
    O4 - HKU\S-1-5-21-2092922797-57936793-2661065244-1000..\Run: [Bubble Dock] "C:\Users\sodel\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup File not found
    O20 - AppInit_DLLs: (c:\progra~3\bprote~1\21419~1.7\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.1.419.7\protector.dll ()
    [2013/01/17 14:11:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nosibay
    [2013/01/17 14:10:10 | 000,000,000 | ---D | C] -- C:\Users\sodel\AppData\Roaming\Nosibay
    [2013/01/10 07:28:26 | 000,000,000 | ---D | C] -- C:\84ec06e45407208514a5608750
    [2013/01/10 07:16:34 | 000,000,000 | ---D | C] -- C:\95772c92cc11c857a94b752bcd99
    [2013/01/01 16:17:08 | 000,000,000 | ---D | C] -- C:\6839dbf5e6c24c95f2
    [2013/01/01 03:09:42 | 000,000,000 | ---D | C] -- C:\1caf24ab9ac56b9719608a5795
    [2013/01/01 03:05:16 | 000,000,000 | ---D | C] -- C:\5df23a897cf4a6210c7e19de1c28
    [2013/01/01 03:00:38 | 000,000,000 | ---D | C] -- C:\3b3476e4bb4b6f5fbb687870
    [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [2012/07/04 04:48:38 | 003,861,472 | ---- | M] () -- C:\chatzum.exe
    [2013/01/17 14:19:59 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\Nosibay
    [2012/07/30 21:34:44 | 000,000,000 | ---D | M] -- C:\Users\sodel\AppData\Roaming\OfferBox

    :Files
    C:\ProgramData\bProtectorForWindows

    :Commands
    [emptytemp]
    [resethosts]



  • Puis clique sur le bouton Correction en haut à gauche
  • Le pc va redémarrer. (si ce n'est pas le cas, fais-le manuellement)
  • Poste le rapport de suppression s'il apparait.

    Note : S'il n'apparait pas, il se trouve ici : C:\_OTL, sous la forme xxxxxxxx_xxxx.log où x sont la date et l'heure

    /!\ Ce script est exclusivement réservé à l'utilisateur actuel du sujet, vous ne devez en aucun cas l'utiliser de votre propre chef sur un autre pc, sous risque d'endommager le système /!\


    -------------

    Dans ta prochaine réponse il ma faudra les rapport Adwcleaner en mode suppression, et OTL en correction, tu peux les poster directement ici.

    :jap: 
    m
    0
    l
    19 Janvier 2013 11:38:11

    Bonjour,
    Alors j'ai éffectué toutes les demande,je pense que j'ai réussi, voici ce que j'ai reçu:

    No active process named bProtect.exe was found!
    Error: No service named bProtector was found to stop!
    Service\Driver key bProtector not found.
    File C:\ProgramData\bProtectorForWindows\2.1.419.7\bProtect.exe not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{09a07b02-f491-4b6b-bfc9-684a624f4f3b} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09a07b02-f491-4b6b-bfc9-684a624f4f3b}\ not found.
    File C:\Program Files (x86)\Reverso\prxtbReve.dll not found.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
    HKU\S-1-5-21-2092922797-57936793-2661065244-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!
    Registry value HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{09a07b02-f491-4b6b-bfc9-684a624f4f3b} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09a07b02-f491-4b6b-bfc9-684a624f4f3b}\ not found.
    File C:\Program Files (x86)\Reverso\prxtbReve.dll not found.
    HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0518788A-CCBF-4692-94BF-699149542776}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0518788A-CCBF-4692-94BF-699149542776}\ not found.
    Registry key HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2EAA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-1111-472f-A0FF-E1416B8B2EAA}\ not found.
    Registry key HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
    Registry key HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
    Registry key HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Internet Explorer\SearchScopes\{f3d17ef2-8118-4fa3-afea-bb2e18a69054}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3d17ef2-8118-4fa3-afea-bb2e18a69054}\ not found.
    Registry key HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FA953F54-BAED-4E17-B370-B1524B0D23C2}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA953F54-BAED-4E17-B370-B1524B0D23C2}\ not found.
    Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com not found.
    File C:\Program Files (x86)\Iminent\webbooster@iminent.com not found.
    Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found.
    File C:\Program Files\Web Assistant\Firefox not found.
    Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b64982b1-d112-42b5-b1e4-d3867c4533f8}\ not found.
    File C:\ProgramData\bProtectorForWindows\2.1.419.7\FirefoxExtension not found.
    Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\specialsavings@superfish.com not found.
    File C:\Users\sodel\AppData\Roaming\Mozilla\Firefox\Profiles/oz5zy675.default\extensions\specialsavings@superfish.com not found.
    Folder C:\Users\sodel\AppData\Roaming\mozilla\Firefox\Profiles\oz5zy675.default\extensions\specialsavings@superfish.com\ not found.
    File C:\Users\sodel\AppData\Roaming\mozilla\firefox\profiles\oz5zy675.default\searchplugins\bProtect.xml not found.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\content folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} folder moved successfully.
    File C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml not found.
    C:\Program Files (x86)\Mozilla Firefox\searchplugins\bProtect.xml moved successfully.
    C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn\1.0.1_0\js folder moved successfully.
    C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn\1.0.1_0\css folder moved successfully.
    C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn\1.0.1_0 folder moved successfully.
    C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.9_0 folder moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09a07b02-f491-4b6b-bfc9-684a624f4f3b}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09a07b02-f491-4b6b-bfc9-684a624f4f3b}\ not found.
    File C:\Program Files (x86)\Reverso\prxtbReve.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{09a07b02-f491-4b6b-bfc9-684a624f4f3b} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09a07b02-f491-4b6b-bfc9-684a624f4f3b}\ not found.
    File C:\Program Files (x86)\Reverso\prxtbReve.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{09A07B02-F491-4B6B-BFC9-684A624F4F3B} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09A07B02-F491-4B6B-BFC9-684A624F4F3B}\ not found.
    File C:\Program Files (x86)\Reverso\prxtbReve.dll not found.
    Registry value HKEY_USERS\S-1-5-21-2092922797-57936793-2661065244-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Bubble Dock not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\bprote~1\21419~1.7\protec~1.dll deleted successfully.
    File c:\ProgramData\bProtectorForWindows\2.1.419.7\protector.dll not found.
    Folder C:\Program Files (x86)\Nosibay\ not found.
    Folder C:\Users\sodel\AppData\Roaming\Nosibay\ not found.
    C:\84ec06e45407208514a5608750\searchplugins folder moved successfully.
    C:\84ec06e45407208514a5608750 folder moved successfully.
    C:\95772c92cc11c857a94b752bcd99\searchplugins folder moved successfully.
    C:\95772c92cc11c857a94b752bcd99 folder moved successfully.
    C:\6839dbf5e6c24c95f2\searchplugins folder moved successfully.
    C:\6839dbf5e6c24c95f2 folder moved successfully.
    C:\1caf24ab9ac56b9719608a5795\searchplugins folder moved successfully.
    C:\1caf24ab9ac56b9719608a5795 folder moved successfully.
    C:\5df23a897cf4a6210c7e19de1c28\searchplugins folder moved successfully.
    C:\5df23a897cf4a6210c7e19de1c28 folder moved successfully.
    C:\3b3476e4bb4b6f5fbb687870\searchplugins folder moved successfully.
    C:\3b3476e4bb4b6f5fbb687870 folder moved successfully.
    C:\Program Files (x86)\GUM5901.tmp\searchplugins\bProtect.xml deleted successfully.
    C:\Program Files (x86)\GUM5901.tmp\searchplugins folder deleted successfully.
    C:\Program Files (x86)\GUM5901.tmp folder deleted successfully.
    C:\Program Files (x86)\GUM6FB3.tmp\searchplugins\bProtect.xml deleted successfully.
    C:\Program Files (x86)\GUM6FB3.tmp\searchplugins folder deleted successfully.
    C:\Program Files (x86)\GUM6FB3.tmp folder deleted successfully.
    C:\Windows\msdownld.tmp folder deleted successfully.
    C:\chatzum.exe moved successfully.
    Folder C:\Users\sodel\AppData\Roaming\Nosibay\ not found.
    Folder C:\Users\sodel\AppData\Roaming\OfferBox\ not found.
    ========== FILES ==========
    File\Folder C:\ProgramData\bProtectorForWindows not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    User: sodel
    ->Temp folder emptied: 8347602 bytes
    ->Temporary Internet Files folder emptied: 710628 bytes
    ->Java cache emptied: 9342970 bytes
    ->FireFox cache emptied: 69580186 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Apple Safari cache emptied: 133210112 bytes
    ->Opera cache emptied: 0 bytes
    ->Flash cache emptied: 523 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 57298 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1276956 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 757 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 212,00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    OTL by OldTimer - Version 3.2.69.0 log created on 01192013_112616

    Files\Folders moved on Reboot...
    C:\Users\sodel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DF27841B2DCD73FC31.TMP not found!
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DF32299451AB52F8CE.TMP not found!
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DF960901F3A0678A3D.TMP not found!
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DF9FC26D21A9DAB84C.TMP not found!
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DFB8181412100F886C.TMP not found!
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DFBBBAD9CD8281FE16.TMP not found!
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DFC296EAB80A044C1E.TMP not found!
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DFCB0720CB5F2B3085.TMP not found!
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DFD122E80AB451AAE2.TMP not found!
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DFD54361D08A54B938.TMP not found!
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DFE298994EF3AC8BD1.TMP not found!
    File\Folder C:\Users\sodel\AppData\Local\Temp\~DFFEB4C5E0ED8C2120.TMP not found!

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
    m
    0
    l
    a c 547 8 Sécurité
    19 Janvier 2013 11:51:32

    Re,

    Ok pour OTL.

    TU dois me fournir aussi le rapport obtenu avec Adwcleaner s'il te plait.
    Il doit être sur ton bureau, nommé AdwCleaner[S1].txt
    Ou bien à la base de ton disque dur, donc "Ordinateur" -> C: -> AdwCleaner[S1].txt
    m
    0
    l
    19 Janvier 2013 12:02:17

    je pense que c'est sa:

    # AdwCleaner v2.106 - Rapport créé le 19/01/2013 à 11:11:18
    # Mis à jour le 17/01/2013 par Xplode
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d'utilisateur : sodel - DOUDOU
    # Mode de démarrage : Normal
    # Exécuté depuis : C:\Users\sodel\AppData\Local\Temp\wdwezmzm.tmp\adwcleaner.exe
    # Option [Suppression]


    ***** [Services] *****


    ***** [Fichiers / Dossiers] *****


    ***** [Registre] *****


    ***** [Navigateurs] *****

    -\\ Internet Explorer v9.0.8112.16457

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v18.0 (fr)

    Fichier : C:\Users\sodel\AppData\Roaming\Mozilla\Firefox\Profiles\oz5zy675.default\prefs.js

    [OK] Le fichier ne contient aucune entrée illégitime.

    -\\ Google Chrome v24.0.1312.52

    Fichier : C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] Le fichier ne contient aucune entrée illégitime.

    -\\ Opera v [Impossible d'obtenir la version]

    Fichier : C:\Users\sodel\AppData\Roaming\Opera\Opera\operaprefs.ini

    [OK] Le fichier ne contient aucune entrée illégitime.

    *************************

    AdwCleaner[S1].txt - [18717 octets] - [19/01/2013 11:05:02]
    AdwCleaner[S2].txt - [1208 octets] - [19/01/2013 11:11:18]

    ########## EOF - C:\AdwCleaner[S2].txt - [1268 octets] ##########
    m
    0
    l
    19 Janvier 2013 12:04:56

    ou celui la:

    # AdwCleaner v2.106 - Rapport créé le 19/01/2013 à 11:05:02
    # Mis à jour le 17/01/2013 par Xplode
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d'utilisateur : sodel - DOUDOU
    # Mode de démarrage : Normal
    # Exécuté depuis : C:\Users\sodel\AppData\Local\Temp\wdwezmzm.tmp\adwcleaner.exe
    # Option [Suppression]


    ***** [Services] *****


    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\Program Files (x86)\Ask.com
    Dossier Supprimé : C:\Program Files (x86)\ChatZum Toolbar
    Dossier Supprimé : C:\Program Files (x86)\Conduit
    Dossier Supprimé : C:\Program Files (x86)\Nosibay
    Dossier Supprimé : C:\ProgramData\Ask
    Dossier Supprimé : C:\ProgramData\Partner
    Dossier Supprimé : C:\Users\sodel\AppData\Local\Conduit
    Dossier Supprimé : C:\Users\sodel\AppData\LocalLow\Conduit
    Dossier Supprimé : C:\Users\sodel\AppData\Roaming\Mozilla\Firefox\Profiles\oz5zy675.default\extensions\specialsavings@superfish.com
    Dossier Supprimé : C:\Users\sodel\AppData\Roaming\Nosibay
    Dossier Supprimé : C:\Users\sodel\AppData\Roaming\OfferBox
    Dossier Supprimé : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
    Fichier Supprimé : C:\user.js
    Fichier Supprimé : C:\Users\sodel\AppData\Roaming\Mozilla\Firefox\Profiles\oz5zy675.default\bprotector_extensions.sqlite
    Fichier Supprimé : C:\Users\sodel\AppData\Roaming\Mozilla\Firefox\Profiles\oz5zy675.default\searchplugins\Askcom.xml
    Fichier Supprimé : C:\Users\sodel\AppData\Roaming\Mozilla\Firefox\Profiles\oz5zy675.default\searchplugins\bProtect.xml
    Fichier Supprimé : C:\Windows\SysWOW64\searchplugins\bProtect.xml
    Supprimé au redémarrage : C:\ProgramData\bProtectorForWindows

    ***** [Registre] *****

    Clé Supprimée : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
    Clé Supprimée : HKCU\Software\ChatZum Toolbar
    Clé Supprimée : HKCU\Software\DataMngr
    Clé Supprimée : HKCU\Software\IM
    Clé Supprimée : HKCU\Software\ImInstaller
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
    Clé Supprimée : HKCU\Software\Nosibay
    Clé Supprimée : HKCU\Software\Offerbox
    Clé Supprimée : HKCU\Software\Softonic
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    Clé Supprimée : HKLM\Software\ChatZum Toolbar
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
    Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2089011
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Clé Supprimée : HKLM\Software\Conduit
    Clé Supprimée : HKLM\Software\DataMngr
    Clé Supprimée : HKLM\Software\Iminent
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
    Clé Supprimée : HKLM\Software\Offerbox
    Clé Supprimée : HKLM\Software\Web Assistant
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
    Clé Supprimée : HKLM\SOFTWARE\Web Assistant
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Valeur Supprimée : HKCU\Software\Mozilla\Firefox\Extensions [specialsavings@superfish.com]
    Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
    Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
    Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

    ***** [Navigateurs] *****

    -\\ Internet Explorer v9.0.8112.16457

    Remplacé : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.chatzum.com/ --> hxxp://www.google.com

    -\\ Mozilla Firefox v18.0 (fr)

    Fichier : C:\Users\sodel\AppData\Roaming\Mozilla\Firefox\Profiles\oz5zy675.default\prefs.js

    C:\Users\sodel\AppData\Roaming\Mozilla\Firefox\Profiles\oz5zy675.default\user.js ... Supprimé !

    Supprimée : user_pref("browser.newtab.url", "search.chatzum.com");
    Supprimée : user_pref("browser.search.order.1", "Ask.com");
    Supprimée : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
    Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", "");
    Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=114022");
    Supprimée : user_pref("extensions.BabylonToolbar_i.hardId", "40135f010000000000007edd08d2cb0d");
    Supprimée : user_pref("extensions.BabylonToolbar_i.id", "40135f010000000000007edd08d2cb0d");
    Supprimée : user_pref("extensions.BabylonToolbar_i.instlDay", "15533");
    Supprimée : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
    Supprimée : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
    Supprimée : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
    Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
    Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
    Supprimée : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
    Supprimée : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
    Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1723:27:31");
    Supprimée : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
    Supprimée : user_pref("extensions.incredibar_i.aflt", "orgnl");
    Supprimée : user_pref("extensions.incredibar_i.dfltLng", "");
    Supprimée : user_pref("extensions.incredibar_i.did", "10665");
    Supprimée : user_pref("extensions.incredibar_i.excTlbr", false);
    Supprimée : user_pref("extensions.incredibar_i.id", "40135f010000000000007edd08d2cb0d");
    Supprimée : user_pref("extensions.incredibar_i.installerproductid", "26");
    Supprimée : user_pref("extensions.incredibar_i.instlDay", "15533");
    Supprimée : user_pref("extensions.incredibar_i.instlRef", "");
    Supprimée : user_pref("extensions.incredibar_i.ms_url_id", "");
    Supprimée : user_pref("extensions.incredibar_i.newTab", false);
    Supprimée : user_pref("extensions.incredibar_i.ppd", "");
    Supprimée : user_pref("extensions.incredibar_i.prdct", "incredibar");
    Supprimée : user_pref("extensions.incredibar_i.productid", "26");
    Supprimée : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
    Supprimée : user_pref("extensions.incredibar_i.smplGrp", "none");
    Supprimée : user_pref("extensions.incredibar_i.tlbrId", "base");
    Supprimée : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyHKFHoli&loc=IB[...]
    Supprimée : user_pref("extensions.incredibar_i.upn2", "6OyHKFHoli");
    Supprimée : user_pref("extensions.incredibar_i.upn2n", "92261744621849024");
    Supprimée : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
    Supprimée : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1423:28:45");
    Supprimée : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
    Supprimée : user_pref("id_chatzum_installed_version", "1.0.15");
    Supprimée : user_pref("id_chatzum_tabpage", "hxxp%3A//search.chatzum.com/");
    Supprimée : user_pref("browser.search.defaultengine", "Ask.com");

    -\\ Google Chrome v24.0.1312.52

    Fichier : C:\Users\sodel\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Supprimée [l.12] : homepage = "hxxp://search.iminent.com/?appId=7C5F7E27-75AB-4A11-8088-701A5711788B",
    Supprimée [l.16] : urls_to_restore_on_startup = [ "hxxp://search.chatzum.com" ]
    Supprimée [l.1666] : homepage = "hxxp://search.iminent.com/?appId=7C5F7E27-75AB-4A11-8088-701A5711788B",
    Supprimée [l.1929] : urls_to_restore_on_startup = [ "hxxp://search.chatzum.com" ]

    -\\ Opera v [Impossible d'obtenir la version]

    Fichier : C:\Users\sodel\AppData\Roaming\Opera\Opera\operaprefs.ini

    [OK] Le fichier ne contient aucune entrée illégitime.

    *************************

    AdwCleaner[S1].txt - [18684 octets] - [19/01/2013 11:05:02]

    ########## EOF - C:\AdwCleaner[S1].txt - [18745 octets] ##########
    m
    0
    l
    a c 547 8 Sécurité
    19 Janvier 2013 13:34:55

    Re,

    Oui, le seconde était celui qu'il me fallait.

    Bon, comment se comporte ton pc à présent ?
    Rencontres-tu encore des problèmes comme lors de ton premier message ?
    m
    0
    l
    19 Janvier 2013 13:55:57

    bin si j'ouvre mozilla firefox le problème est le même.
    Je vais voir pour le reste
    Merci
    m
    0
    l
    19 Janvier 2013 14:14:45

    Alors je suis aller dans tom's guide dans mon frofil j'ai voulu télépharger une image pour mon avatar est la ....oh c'est le même délir ,il m'ouvre un encart qui me dit: rutime eror programe c:/ programe files 5x86) safari.exe, et il se déconect ...
    m
    0
    l
    a c 547 8 Sécurité
    19 Janvier 2013 14:23:19

    Re,

    Ok, une chose à la fois.

    Avec Firefox, le problème que tu signales, c'est celui de ton premier message ?
    Citation :
    quand j'ouvre firefox et que je cherche à ouvrir une page ,
    j'ai une autre page qui s'affiche et qui défille toujour la même:p  arked.com captcha vérification, on me demande un mot de passe, je ne peux plus aller surfé.


    Et l'erreur :
    Citation :
    il m'ouvre un encart qui me dit: rutime eror programe c:/ programe files 5x86) safari.exe, et il se déconect ...

    C’est en naviguant avec Safari ?

    m
    0
    l
    19 Janvier 2013 14:30:38

    Alors oui pour firefox, et oui pour safari
    m
    0
    l
    19 Janvier 2013 14:32:31

    ton windows est bien a jour ?
    peut etre re DL Microsoft Visual c++ ?
    m
    0
    l
    19 Janvier 2013 14:51:48

    Alors j'ai été dans recherche de mis à jour, la il y avais 3 mis à jour de windows,j'ai éfectuer ses mis à jour,l'ordi c'est fermer et ralumer, je suis me suis conecter avec firefox le problème et toujours la.
    m
    0
    l
    19 Janvier 2013 14:56:10

    j'ai chercher d'autre mis à jour il en a 2 c'est : bing desktop (1) et bingdesktop bureau
    m
    0
    l
    19 Janvier 2013 15:01:09

    non mise a jour inutile
    je laisse hyunkel poursuivre ( si il trouve :D  )
    m
    0
    l
    a c 547 8 Sécurité
    19 Janvier 2013 15:05:36

    Re,

    On va faire un par un hein ...

    Pour Firefox d'abord, fdis-moi toutes les extension existante ici :
    Bouton "firefox" -> modules complémentaire" -> Extensions"

    Puis de même sous "plugins"

    :jap: 
    m
    0
    l
    19 Janvier 2013 15:13:35

    J'ai pas saisie, je vais dans quoi pour firefox
    m
    0
    l
    19 Janvier 2013 15:22:09

    je pense avoir trouvé , j'ai ouver firefox j'ai été dans outil, gestionnaire de modul complémentaire ,une page c'est ouverte et la j'ai: ABP Abdlock plus 2.2.1
    et Java console 6.0.38
    et Mirosoft Essentials 1.O
    m
    0
    l
    19 Janvier 2013 16:07:19

    j'ai trouvé pluging il y en à en rouge qui dit: java (TM) platform SE.......il y en a des activé et d'autre non
    m
    0
    l
    a c 547 8 Sécurité
    19 Janvier 2013 16:25:25

    Re,

    Tu as encore le menu outil ?
    Mais tu es à quelle version de Firefox ?

    Met à jour vers la dernière s'il te plait :
    http://www.mozilla.org/fr/firefox/
    m
    0
    l
    a c 547 8 Sécurité
    19 Janvier 2013 19:09:47

    Re,

    Tu as des marques-pages à sauvegarder sur Firefox si on le désinstalle complètement et qu'on supprime ton profil avant de le réinstaller ?
    m
    0
    l
    19 Janvier 2013 19:14:37

    les marques pages c'est pas grave je ne les sauvegarde pas...on suprime mon profil sur quoi?
    m
    0
    l
    a c 547 8 Sécurité
    19 Janvier 2013 19:25:30

    Re,

    Je te donne la procédure :

    - Désinstalle Firefox dans ta liste des programmes

    - affiche les fichiers et dossiers cachés :
    http://www.chantal11.com/2009/04/afficher-les-fichiers-...

    - Cherche et supprime les dossiers que j'indique, en gras :
    C:\Users\sodel\AppData\Roaming\mozilla\Extensions
    C:\Users\sodel\AppData\Roaming\mozilla\Firefox
    C:\Program Files (x86)\Mozilla Firefox

    Puis :

    Télécharge CCleaner Slim (sans toolbar) de Piriform :

  • Lance l'installation en double cliquant sur le fichier Ccleaner***_slim.exe. (aide ici)
  • Ceci terminé, lance le programme.

  • Choisis ensuite "Registre" puis clique sur "Chercher les erreurs"
  • Laisse faire le scan puis clique sur "Réparer les erreurs sélectionnées"
  • Enregistre la sauvegarde en cliquant sur "Oui"
  • puis clique sur "Corriger toutes les erreurs sélectionnées"
  • Valide l'avertissement en cliquant sur "Oui"

  • Ferme le programme

    Enfin, réinstalle Firefox en le téléchargeant ici :
    http://www.mozilla.org/fr/firefox/


    regarde si le souci persiste ou pas.
    m
    0
    l
    19 Janvier 2013 20:01:42

    ou je trouve les dossiers que je dois suprimer en gras,
    m
    0
    l
    19 Janvier 2013 21:44:38

    Je cherche , je cherche je ne trouve pas c'est dossier?
    m
    0
    l
        • 1 / 2
        • 2
        • Dernier
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS