Se connecter / S'enregistrer
Votre question
Fermé

[Résolu] Fenêtres pub intempestives, comment nettoyer mon PC?

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
9 Mars 2011 10:53:08

Bonjour ,
J'ai des fenêtres de pubs intempestives même si je ne suis pas devant mon PC .
Je suis sous windows XP , j'utilise Firefox

Comment analyser les virus en cause et ensuite nettoyer ?

Merci pour l'aide que vous voudrez bien m'apporter

Autres pages sur : resolu fenetres pub intempestives nettoyer

9 Mars 2011 11:48:35

Bonjour

Bienvenue sur le forum, on va regarder çà ensemble si tu veux bien

Télécharge OTL sur ton Bureau.

  • Prends le soin de fermer toutes les autres fenêtres Windows afin de ne pas interrompre le scan.
  • Double-clique sur OTL.exe pour le lancer.Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
  • L'écran principal de OTL s'affiche:



    (1) Si ce n'est déjà fait, dans le paragraphe Registre: Approfondi, cocher le bouton-radio Avec liste blanche

    (2) Coche (en haut) la case située devant Tous les utilisateurs

    (3) Coche également les cases à côté de Recherche Lop et Recherche purity.

    (4) Sélectionne très précisément tout ce qui est en gras avec la souris et copie/colle le contenu dans la zone Personnalisation de la fenêtre OTL


    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.dll /lockedfiles
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    iexplore.exe
    /md5stop



    (5) Puis cliquer sur le bouton Analyse

    - Laisser l'outil travailler sans l'interrompre.

  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau)

    Utilise le site http://pjjoint.malekal.com/ pour envoyer tes rapports, et poste le lien dans ta prochaine réponse.
    Contenus similaires
    9 Mars 2011 15:54:48

    Bonjour

    Pas mal de véroles sur ton PC!

    Relance OTL.exe.

    Fais un double clic sur l'icône pour le lancer.Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

    Sélectionne très précisément tout ce qui est dans le cadre ci dessous , avec la souris et copie le contenu dans la zone "Personnalisation" de la fenêtre OTL

    RAS
    :Files
    C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
    C:\Documents and Settings\HP_Propriétaire\Application Data\inst.exe
    C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
    C:\log.txt

    :Services
    rpcapd
    Planificateur LiveUpdate automatique
    HidServ
    AppMgmt

    :OTL
    PRC - [2008/12/09 10:13:14 | 000,368,224 | ---- | M] (EoRezo) -- C:\Documents and Settings\HP_Propriétaire\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    O1 - Hosts: 192.168.251.103 INCTEST
    O1 - Hosts: 192.168.251.102 INCDEV
    O1 - Hosts: 192.168.251.100 INC400
    O1 - Hosts: 192.168.251.120 OPTRADEV
    O1 - Hosts: 192.168.251.123 PRTCIAL
    O1 - Hosts: 192.168.251.121 OPTRAADM
    O1 - Hosts: 192.168.251.122 OPTRAF1
    O1 - Hosts: 192.168.251.105 INC2000
    O1 - Hosts: 192.168.251.106 FAXSTAR
    O1 - Hosts: 192.168.250.100 INCWEB
    O1 - Hosts: 192.168.251.124 COPIEUR
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (no name) - {6d6b212b-2245-4898-8b16-9a11b81ff9e1} - No CLSID value found.
    O2 - BHO: (EOBHO Class) - {C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - C:\Program Files\EoRezo\EoRezoBHO.dll (EoRezo)
    O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O3 - HKU\S-1-5-21-1522709872-1903334440-2166319505-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-1522709872-1903334440-2166319505-1007\..\Toolbar\WebBrowser: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
    O4 - HKLM..\Run: [EoEngine] File not found
    O4 - HKLM..\Run: [NPSStartup] File not found
    O4 - HKLM..\Run: [SoftwareHelper] C:\Documents and Settings\HP_Propriétaire\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (EoRezo)
    O4 - HKLM..\Run: [VTTimer] File not found
    O4 - HKLM..\RunOnceEx: [] File not found
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab (Reg Error: Key error.)
    O33 - MountPoints2\{710de5c0-1110-11e0-9c13-5050506f4531}\Shell\AutoRun\command - "" = K:\InstallTomTomHOME.exe
    O33 - MountPoints2\{832a8114-7eb9-11de-98c1-5050506f4531}\Shell\AutoRun\command - "" = x0.com
    O33 - MountPoints2\{832a8114-7eb9-11de-98c1-5050506f4531}\Shell\explore\Command - "" = x0.com
    O33 - MountPoints2\{832a8114-7eb9-11de-98c1-5050506f4531}\Shell\open\Command - "" = x0.com
    O33 - MountPoints2\{fb376a5e-addf-11de-990f-5050506f4531}\Shell - "" = AutoRun
    O33 - MountPoints2\{fb376a5e-addf-11de-990f-5050506f4531}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
    [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    @Alternate Data Stream - 24 bytes -> C:\WINDOWS:CD6908D115FCCD2E

    :Reg
    [HKEY_CURRENT_USER\Control Panel\Desktop]
    "MenuShowDelay"="100"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
    "AlwaysUnloadDll"=dword:00000001
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=dword:000000ff
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    "NoDriveTypeAutoRun"=dword:000000ff
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
    "link"=hex:00,00,00,00
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
    "EnableBalloonTips"=dword:00000000
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify]
    "IconStreams"=-
    "PastIconsStream"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole]
    "SetCommand"=dword:00000001
    "SecurityLevel"=dword:00000001
    :Commands
    [EmptyTemp]
    [ResetHosts]
    [EmptyFlash]
    [CreateRestorePoint]



    Ferme toutes les fenêtres de programme ouvertes (navigateur, traitement de texte, etc...).
    Déconnecte toi physiquement d'internet (le plus simple est de débrancher la prise téléphonique de ta box)
    Branche toutes tes clefs USB, disques dures externes et tout autre support de stockage externe que tu as en ta possession au pc et sans les ouvrir

  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler sans te servir du PC!!!!!
  • Copie et colle le rapport dans ta réponse stp
    9 Mars 2011 17:28:25

    Re- bonjour ,

    Voici le rapport de la correction :
    All processes killed
    Error: Unable to interpret <RAS> in the current context!
    ========== FILES ==========
    C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
    C:\Documents and Settings\HP_Propriétaire\Application Data\inst.exe moved successfully.
    File\Folder C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job not found.
    C:\log.txt moved successfully.
    ========== SERVICES/DRIVERS ==========
    Service rpcapd stopped successfully!
    Service rpcapd deleted successfully!
    Service Planificateur LiveUpdate automatique stopped successfully!
    Service Planificateur LiveUpdate automatique deleted successfully!
    Service HidServ stopped successfully!
    Service HidServ deleted successfully!
    Service AppMgmt stopped successfully!
    Service AppMgmt deleted successfully!
    ========== OTL ==========
    No active process named SoftwareUpdateHP.exe was found!
    192.168.251.103 INCTEST removed from HOSTS file successfully
    192.168.251.102 INCDEV removed from HOSTS file successfully
    192.168.251.100 INC400 removed from HOSTS file successfully
    192.168.251.120 OPTRADEV removed from HOSTS file successfully
    192.168.251.123 PRTCIAL removed from HOSTS file successfully
    192.168.251.121 OPTRAADM removed from HOSTS file successfully
    192.168.251.122 OPTRAF1 removed from HOSTS file successfully
    192.168.251.105 INC2000 removed from HOSTS file successfully
    192.168.251.106 FAXSTAR removed from HOSTS file successfully
    192.168.250.100 INCWEB removed from HOSTS file successfully
    192.168.251.124 COPIEUR removed from HOSTS file successfully
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d6b212b-2245-4898-8b16-9a11b81ff9e1}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}\ deleted successfully.
    C:\Program Files\EoRezo\EoRezoBHO.dll moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
    C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
    Registry value HKEY_USERS\S-1-5-21-1522709872-1903334440-2166319505-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
    Registry value HKEY_USERS\S-1-5-21-1522709872-1903334440-2166319505-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SoftwareHelper deleted successfully.
    C:\Documents and Settings\HP_Propriétaire\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe moved successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\VTTimer deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\\ deleted successfully.
    Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
    C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{710de5c0-1110-11e0-9c13-5050506f4531}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{710de5c0-1110-11e0-9c13-5050506f4531}\ not found.
    File K:\InstallTomTomHOME.exe not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{832a8114-7eb9-11de-98c1-5050506f4531}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{832a8114-7eb9-11de-98c1-5050506f4531}\ not found.
    File x0.com not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{832a8114-7eb9-11de-98c1-5050506f4531}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{832a8114-7eb9-11de-98c1-5050506f4531}\ not found.
    File x0.com not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{832a8114-7eb9-11de-98c1-5050506f4531}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{832a8114-7eb9-11de-98c1-5050506f4531}\ not found.
    File x0.com not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb376a5e-addf-11de-990f-5050506f4531}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fb376a5e-addf-11de-990f-5050506f4531}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb376a5e-addf-11de-990f-5050506f4531}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fb376a5e-addf-11de-990f-5050506f4531}\ not found.
    File K:\LaunchU3.exe -a not found.
    C:\WINDOWS\002647_.tmp deleted successfully.
    C:\WINDOWS\S6A5C26CF.tmp deleted successfully.
    ADS C:\WINDOWS:CD6908D115FCCD2E deleted successfully.
    ========== REGISTRY ==========
    HKEY_CURRENT_USER\Control Panel\Desktop\\"MenuShowDelay"|"100" /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\\"AlwaysUnloadDll"|dword:00000001 /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\"NoDriveTypeAutoRun"|dword:000000ff /E : value set successfully!
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\"NoDriveTypeAutoRun"|dword:000000ff /E : value set successfully!
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\\"link"|hex:00,00,00,00 /E : value set successfully!
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\"EnableBalloonTips"|dword:00000000 /E : value set successfully!
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\IconStreams deleted successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify\\PastIconsStream deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\\"SetCommand"|dword:00000001 /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\\"SecurityLevel"|dword:00000001 /E : value set successfully!
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 70231 bytes
    ->Temporary Internet Files folder emptied: 32768 bytes

    User: HP_Propriétaire
    ->Temp folder emptied: 14311429 bytes
    ->Temporary Internet Files folder emptied: 1015793 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 106868390 bytes
    ->Flash cache emptied: 1551447 bytes

    User: HP_PropriÚtaire
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 115348 bytes
    ->Temporary Internet Files folder emptied: 214883 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 115090 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 2457126 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 70231 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 3846502210 bytes

    Total Files Cleaned = 3 789,00 mb

    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: HP_Propriétaire
    ->Flash cache emptied: 0 bytes

    User: HP_PropriÚtaire

    User: LocalService

    User: NetworkService

    Total Flash Files Cleaned = 0,00 mb

    Restore point Set: OTL Restore Point (0)

    OTL by OldTimer - Version 3.2.22.3 log created on 03092011_171647

    Files\Folders moved on Reboot...
    File\Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XKRRVHKG\Get Hermione Laid not found!
    File\Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\XKRRVHKG\Like an Angel not found!
    File\Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\SVGTEPYB\Get Hermione Laid not found!
    File\Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\N3X5551E\Get Hermione Laid not found!
    File\Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\L8DSDZ26\Get Hermione Laid not found!
    File\Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\L8DSDZ26\Like an Angel not found!
    File\Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\JJXAYARJ\Get Hermione Laid not found!
    File\Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\HGGN1TG9\Get Hermione Laid not found!
    File\Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\HGGN1TG9\Like an Angel not found!
    File\Folder C:\Documents and Settings\HP_Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\GRV3YW9D\Get Hermione Laid not found!

    Registry entries deleted on Reboot...
    9 Mars 2011 18:27:59

    [:_sebastien_:5]

    Normalement tu ne devrais plus avoir de pub on va quand même faire un scan suppléméntaire

    Si tu le possède déjà, passe l'étape de l'installation et va directement à la mise à jour

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.



  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
    Une fois l'installation et la mise à jour effectuées :



  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen rapide".
  • Afin de lancer la recherche, clic sur " Rechercher ".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
  • Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
  • Si des infections sont présentes, clic sur "Afficher les résultats"
    puis sur "Supprimer la sélection".

    Enregistre le rapport sur ton Bureau.
  • Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.

    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.
    9 Mars 2011 18:59:42

    Bien vu l'analyse supplémentaire ! il y en avait encore !!
    Tu connais Eorezo ? il a dû s'installer à l'insu de mon plein gré

    Le rapport :

    alwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 6003

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    09/03/2011 18:49:24
    mbam-log-2011-03-09 (18-49-24).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 159638
    Temps écoulé: 7 minute(s), 21 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 3

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\EoRezo\confmedia.cyp (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\Program Files\EoRezo\unins000.dat (Rogue.Eorezo) -> Quarantined and deleted successfully.
    C:\Program Files\EoRezo\unins000.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
    9 Mars 2011 19:02:55

    [:_sebastien_:5]
    Citation :
    Tu connais Eorezo ?

    Oui quel daube ce truc

    janis_14 Alors maintenant toujours des pubs ?
    9 Mars 2011 19:08:33

    Re

    Tu réponds tellement vite que je n'ai pas de recul pour te dire si j'ai encore des pubs (lol)

    Pour l'instant , plus de pubs et un GRAND MERCI pour les explications claires concernant la marche à suivre

    Des choses à désinstaller ?

    9 Mars 2011 19:11:08

    Citation :
    Des choses à désinstaller ?

    Oui bien sur cher ami

    Avant fais ceci

    PureRa est un outil très simple qui supprime des fichiers que d'autres nettoyeurs ignorent et permet ainsi un gain d'espace intéressant pour un fonctionnement optimal de votre PC.

  • Cliquer ICI,descendre jusqu'à PureRa et cliquer sur Download Windows Binary pour télécharger le fichier (.zip) sur le Bureau.

  • Cliquer-droit sur le nouveau fichier => "Extraire ici".

  • Fermer toutes les fenêtres et applications ouvertes et double-cliquer sur PureRa.exe (Vista et Windows 7, cliquer-droit dessus => "Exécuter en tant qu'administrateur") puis cliquer sur Next.

  • Cocher la case Check All et cliquer sur le bouton Clean

    Un rapport sera créé et le nettoyage terminé . Inutile de le poster sur le forum.
    9 Mars 2011 19:28:08

    Voila c'est fait : nettoyage terminé
    9 Mars 2011 19:35:01

    Ok


    Tu n'es plus infecté après avoir fais ce qui suit:


  • Double clique sur OTL.exe et clique sur le bouton purge outils
    Sous Windows Vista/7, faire un clic droit sur OTL.exe puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.
  • OTL va supprimer tous les logiciels qu'on a utilisés et faire redémarrer ton ordinateur.

    Il faut toujours mettre à jour Internet Explorer. : IE 8 Même si tu utilises Firefox

    Il faut modifier tous les mots de passe importants.
    De nos jours, la plupart des nuisibles sont créés dans le seul but de voler des informations personnelles et/ou des mots de passe.
    Je te conseille de modifier tous les mots de passe importants comme ceux concernant la banque, les sites marchands, les réseaux sociaux, etc...
    Il est très important de créer des mots de passe solides et d'utiliser un mot de passe différent pour chaque site.

    Il faut sécuriser Firefox: Certaines extensions me semblent presque indispensables:

    Adblock Plus https://addons.mozilla.org/fr/firefox/addon/1865
    NoScript https://addons.mozilla.org/fr/firefox/addon/722
    WOT https://addons.mozilla.org/fr/firefox/addon/3456

    Proscrire l'utilisation de cracks, keygens et autres warez!
    Proscrire l'utilisation de P2P illicite!
    Azureus, BitTorrent, uTorrent:
    Regarde ce que ça fait j'ai fait une petite expérience :
    http://hackinginterdit.forumactif.com/information-f14/les-keygens-c-est-de-la-daube-t122.htm

    janis_14 Peux tu Ajouter [Résolu] au titre. Pour cela :
    Clique, sur ton premier message, sur le bouton "Editer"
    Rajoute la mention [RESOLU] à ton titre
    Clique ensuite sur "Valider votre message"

    Il ne me reste plus qu'à te souhaiter une très bonne soirée et un bon surf sans malwares !!!!








    6 Mai 2011 18:18:13

    C'est pas bien de se squatter les topics des autres, crée un nouveau topic...
    15 Février 2012 08:33:52

    BONJOUR, merci de m'aider
    voici le premier rapport extras:
    OTL Extras logfile created on: 15/02/2012 07:57:20 - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\india\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,97 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 48,99% Memory free
    4,86 Gb Paging File | 2,44 Gb Available in Paging File | 50,30% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 93,16 Gb Total Space | 3,52 Gb Free Space | 3,78% Space Free | Partition Type: NTFS
    Drive E: | 100,00 Mb Total Space | 69,79 Mb Free Space | 69,79% Space Free | Partition Type: NTFS
    Drive H: | 232,73 Gb Total Space | 43,68 Gb Free Space | 18,77% Space Free | Partition Type: NTFS
    Drive I: | 232,93 Gb Total Space | 1,78 Gb Free Space | 0,76% Space Free | Partition Type: NTFS

    Computer Name: INDIA-PC | User Name: india | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-1657895859-445539507-710052843-1001\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series" = Canon MP270 series MP Drivers
    "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
    "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}" = WinZip 16.0
    "{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "CCleaner" = CCleaner

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{006E6A46-8D55-4F10-BBA8-2C9653B4278B}" = Software Update Helper
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1" = BusinessCards MX
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
    "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
    "{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
    "{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
    "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
    "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
    "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
    "{58AB24F7-9A4A-4573-B9CE-58AF961E173B}" = Boxore Client
    "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
    "{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1" = Free Alarm Clock 2.2.0
    "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
    "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
    "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
    "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
    "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
    "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
    "{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Français
    "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F2BBDD5D-7959-4F64-8737-F568092433F6}" = VideoBuzz
    "{FAD6CF61-D3BE-485A-8B57-41110BC214C7}" = Winiti
    "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
    "2YourFace" = 2YourFace 1.0
    "abe20ca9" = Contextual Tool Extrafind
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Alarm_is1" = Alarm 2.0.4
    "Anti-Pub_is1" = Anti-Pub 2003.03
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "Babylon" = Babylon
    "BabylonToolbar" = Babylon toolbar on IE
    "CartaGoGo v3.1.8_is1" = CartaGoGo v3.1.8
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "Chica Password Manager_is1" = Chica Password Manager 1.10.0.6
    "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
    "DivX Setup" = Configuration DivX
    "Eurosport Poker_is1" = Eurosport Poker
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "iLivid" = iLivid
    "McAfee Security Scan" = McAfee Security Scan Plus
    "Mozilla Firefox (3.6.26)" = Mozilla Firefox (3.6.26)
    "OfferBox" = OfferBox
    "PCTuto Avast_is1" = PCTuto Avast 2.0
    "PCTuto Maj_is1" = PCTuto Maj 1.0
    "PCTuto_is1" = PCTuto 2.0
    "PlayerPlus" = PlayerPlus
    "PMUPoker" = PMU Poker
    "PriceGong" = PriceGong 2.5.3
    "scrabbleproB_is1" = scrabbleproB 1.1.3
    "SFR_Kit" = SFR - Kit de connexion
    "SFR_Media Center" = SFR - Media Center
    "SFR_Mediacenter Evolution" = SFR - Mediacenter Evolution
    15 Février 2012 08:40:33

    OTL logfile created on: 15/02/2012 07:57:20 - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\india\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,97 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 48,99% Memory free
    4,86 Gb Paging File | 2,44 Gb Available in Paging File | 50,30% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 93,16 Gb Total Space | 3,52 Gb Free Space | 3,78% Space Free | Partition Type: NTFS
    Drive E: | 100,00 Mb Total Space | 69,79 Mb Free Space | 69,79% Space Free | Partition Type: NTFS
    Drive H: | 232,73 Gb Total Space | 43,68 Gb Free Space | 18,77% Space Free | Partition Type: NTFS
    Drive I: | 232,93 Gb Total Space | 1,78 Gb Free Space | 0,76% Space Free | Partition Type: NTFS

    Computer Name: INDIA-PC | User Name: india | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/02/15 07:50:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\india\Desktop\OTL.exe
    PRC - [2012/01/24 08:37:46 | 003,189,360 | ---- | M] (Babylon Ltd.) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
    PRC - [2012/01/14 08:38:18 | 000,307,312 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    PRC - [2011/12/28 16:47:00 | 000,175,976 | ---- | M] (Aedge Performance BCN SL) -- C:\Program Files (x86)\OfferBox\OfferBoxHTTPProxy.exe
    PRC - [2011/12/28 16:46:58 | 003,084,648 | ---- | M] (Aedge Performance BCN SL) -- C:\Program Files (x86)\OfferBox\OfferBox.exe
    PRC - [2011/12/15 14:22:24 | 000,526,192 | ---- | M] () -- C:\Program Files (x86)\6PEO\Winiti\Winiti.exe
    PRC - [2011/12/09 19:06:18 | 000,513,200 | ---- | M] (Boxore OU) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe
    PRC - [2011/12/06 11:17:56 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
    PRC - [2011/11/02 05:13:14 | 000,210,744 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\ytbb.exe
    PRC - [2011/08/31 12:07:34 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    PRC - [2011/06/10 07:23:52 | 000,959,880 | ---- | M] (SFR) -- C:\Program Files (x86)\SFR\Kit\9props.exe
    PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011/04/21 06:55:37 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    PRC - [2011/04/21 06:55:20 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2011/04/14 12:40:06 | 000,663,168 | ---- | M] (PCTuto) -- C:\Users\india\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe
    PRC - [2011/04/14 12:40:04 | 000,982,656 | ---- | M] (PCTUTO) -- C:\Program Files (x86)\PCTuto\pctuto.exe
    PRC - [2011/04/01 10:14:30 | 000,391,432 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
    PRC - [2011/04/01 10:14:30 | 000,259,336 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
    PRC - [2011/03/28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    PRC - [2011/02/17 11:36:48 | 001,347,912 | ---- | M] (Comfort Software Group) -- C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
    PRC - [2010/04/29 23:08:14 | 000,742,720 | ---- | M] (SFR) -- C:\Program Files (x86)\SFR\Media Center\MediaCenter.exe
    PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2007/09/05 07:59:02 | 000,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\SFR\Media Center\httpd\httpd.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/01/16 13:36:00 | 000,085,312 | ---- | M] () -- C:\Program Files (x86)\2YourFace\bho.dll
    MOD - [2011/12/15 14:22:24 | 000,526,192 | ---- | M] () -- C:\Program Files (x86)\6PEO\Winiti\Winiti.exe
    MOD - [2011/10/31 14:37:30 | 000,088,976 | ---- | M] () -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll
    MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    MOD - [2011/06/10 07:24:04 | 000,079,240 | ---- | M] () -- C:\Program Files (x86)\SFR\Kit\9unelevate.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2009/08/18 01:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2012/01/29 03:17:51 | 000,138,416 | ---- | M] (Boxore OU.) [Auto | Stopped] -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe -- (supdate) Software Update Service (supdate)
    SRV - [2011/08/31 12:07:34 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/04/21 06:55:37 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2011/04/01 10:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
    SRV - [2011/03/28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
    SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
    SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/08/31 12:07:35 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
    DRV:64bit: - [2011/08/31 12:07:35 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
    DRV:64bit: - [2011/05/13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2009/08/18 02:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
    DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/20 03:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT310677...
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B FB 59 56 D5 5D CC 01 [binary data]
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:56847

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Search Results"
    FF - prefs.js..browser.search.defaultthis.engineName: "WinZipBar Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT310677...{searchTerms}"
    FF - prefs.js..browser.search.order.1: "Search Results"
    FF - prefs.js..browser.search.selectedEngine: "WinZipBar Customized Web Search"
    FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
    FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
    FF - prefs.js..extensions.enabledItems: {33e0daa6-3af3-d8b5-6752-10e949c61516}:1.1
    FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.5.3
    FF - prefs.js..extensions.enabledItems: crossriderapp1950@crossrider.com:0.78.15
    FF - prefs.js..extensions.enabledItems: BlocagePublicite@winiti.com:1.1
    FF - prefs.js..extensions.enabledItems: adapter@babylontc.com:1.0.0.1
    FF - prefs.js..extensions.enabledItems: ocr@babylon.com:1.1
    FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
    FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.5.1.00
    FF - prefs.js..extensions.enabledItems: support@2yourface.com:1
    FF - prefs.js..extensions.enabledItems: {0994e754-fbb0-c4c4-1c15-b823990eb20f}:4.6.8.3
    FF - prefs.js..extensions.enabledItems: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37}:3.9.0.3
    FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=189&syst..."

    FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="

    FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8: C:\Program Files (x86)\Software\Update\1.2.195.0\npSoftwareOneClick8.dll (Boxore OU.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/26 18:19:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp1950@crossrider.com: C:\Users\india\AppData\Local\RewardsArcadeSuite\1950\Firefox [2012/01/09 00:13:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@2yourface.com: C:\Program Files (x86)\2YourFace\ffextension [2012/01/29 03:12:44 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 15:36:29 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/02/03 15:36:29 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\support@2yourface.com: C:\Program Files (x86)\2YourFace\ffextension [2012/01/29 03:12:44 | 000,000,000 | ---D | M]

    [2012/01/29 03:31:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\india\AppData\Roaming\mozilla\Extensions
    [2012/02/15 07:38:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions
    [2012/01/01 16:51:30 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
    [2012/02/13 02:32:57 | 000,000,000 | ---D | M] (WinZipBar Community Toolbar) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}
    [2012/01/09 00:13:12 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
    [2012/01/29 03:31:31 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
    [2012/01/20 22:50:26 | 000,000,000 | ---D | M] (Winiti) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\BlocagePublicite@winiti.com
    [2011/09/18 15:22:53 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\ffxtlbr@babylon.com
    [2012/01/31 21:04:30 | 000,000,921 | ---- | M] () -- C:\Users\india\AppData\Roaming\Mozilla\Firefox\Profiles\8hdwkypk.default\searchplugins\conduit.xml
    [2012/01/29 03:31:25 | 000,002,519 | ---- | M] () -- C:\Users\india\AppData\Roaming\Mozilla\Firefox\Profiles\8hdwkypk.default\searchplugins\Search_Results.xml
    [2012/01/29 03:31:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2012/01/29 03:12:59 | 000,000,000 | ---D | M] (z) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{0994e754-fbb0-c4c4-1c15-b823990eb20f}
    [2012/01/29 03:13:16 | 000,000,000 | ---D | M] ("Babylon Spelling and Proofreading") -- C:\Program Files (x86)\Mozilla Firefox\extensions\adapter@babylontc.com
    [2012/01/29 03:13:09 | 000,000,000 | ---D | M] (Babylon Translation Activation) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ocr@babylon.com
    [2012/01/29 03:12:44 | 000,000,000 | ---D | M] (2YourFace) -- C:\PROGRAM FILES (X86)\2YOURFACE\FFEXTENSION
    [2011/10/26 18:19:28 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
    [2012/01/29 03:31:35 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES (X86)\WINDOWS ILIVID TOOLBAR\DATAMNGR\FIREFOXEXTENSION
    [2012/01/09 00:13:22 | 000,000,000 | ---D | M] ("RewardsArcade Suite") -- C:\USERS\INDIA\APPDATA\LOCAL\REWARDSARCADESUITE\1950\FIREFOX
    [2011/10/25 19:57:18 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
    [2012/01/29 03:12:38 | 000,002,351 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    [2011/10/25 19:57:18 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2011/10/25 19:57:18 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
    [2012/01/29 03:31:25 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
    [2011/10/25 19:57:18 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2011/10/25 19:57:18 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\india\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
    O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files (x86)\SFR\Kit\SFRNavErrorHelper.dll (SFR)
    O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\india\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
    O2 - BHO: (2YourFace Addon) - {1185823F-F22F-4027-80E5-4F68ACD5DE5E} - C:\Program Files (x86)\2YourFace\bho.dll ()
    O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.3\PriceGongIE.dll (PriceGong)
    O2 - BHO: (PCTBHO Class) - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} - C:\Program Files (x86)\PCTuto\pctutoBHO.dll (PCTUTO)
    O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    O2 - BHO: (WinZipBar Toolbar) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
    O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
    O2 - BHO: (RewardsArcadeSuite) - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files (x86)\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (WinZipBar Toolbar) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
    O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKU\S-1-5-21-1657895859-445539507-710052843-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
    O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
    O4 - HKLM..\Run: [Boxore Client] C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe (Boxore OU)
    O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [offerbox] C:\Program Files (x86)\OfferBox\OfferBox.exe (Aedge Performance BCN SL)
    O4 - HKLM..\Run: [PCTuto] C:\Program Files (x86)\PCTuto\pctuto.exe (PCTUTO)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-1657895859-445539507-710052843-1001..\Run: [Connexion SFR 9props.exe] C:\Program Files (x86)\SFR\Kit\9props.exe (SFR)
    O4 - HKU\S-1-5-21-1657895859-445539507-710052843-1001..\Run: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
    O4 - HKU\S-1-5-21-1657895859-445539507-710052843-1001..\Run: [MsnMsgr] "C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background File not found
    O4 - HKU\S-1-5-21-1657895859-445539507-710052843-1001..\Run: [Neuf Media Center] C:\Program Files (x86)\SFR\Media Center\MediaCenter.exe (SFR)
    O4 - HKU\S-1-5-21-1657895859-445539507-710052843-1001..\Run: [WinitiHelper] C:\Program Files (x86)\6PEO\Winiti\Winiti.exe ()
    O4 - HKLM..\RunOnce: [autoupdater] C:\Users\india\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe (PCTuto)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O8:64bit: - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O8 - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O9 - Extra Button: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Users\india\Desktop\PMU Poker.lnk ()
    O9 - Extra 'Tools' menuitem : PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Users\india\Desktop\PMU Poker.lnk ()
    O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6505F37E-6DE2-4038-85CB-9FA53DA553BC}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6505F37E-6DE2-4038-85CB-9FA53DA553BC}: NameServer = 208.67.222.222,208.67.220.220
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) -C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) -C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - H:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/02/15 07:50:34 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\india\Desktop\OTL.exe
    [2012/02/13 19:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\scrabbleproB1.1
    [2012/02/13 19:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\scrabbleproB1.1
    [2012/02/13 02:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
    [2012/02/13 02:32:40 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\Conduit
    [2012/02/13 02:32:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZipBar
    [2012/02/13 02:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
    [2012/02/13 02:32:00 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\WinZip
    [2012/02/13 02:31:44 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
    [2012/02/13 02:31:40 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
    [2012/02/13 02:23:03 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
    [2012/02/13 02:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP270 series
    [2012/02/13 02:22:35 | 000,336,896 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLM9X.DLL
    [2012/02/13 02:22:32 | 000,244,736 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMIU9X.DLL
    [2012/02/13 02:22:26 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
    [2012/02/12 17:22:00 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{BA39EE10-99C8-4440-BC1E-E017C7487872}
    [2012/02/12 17:21:58 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{3E9B9899-DE19-4A2D-B40F-E28B5B41396C}
    [2012/02/12 05:21:46 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{B6396682-153D-4142-879E-CA8DE232545B}
    [2012/02/12 05:21:43 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{5AA90DC2-DEDD-4CCE-AFF0-B2F670CD31CD}
    [2012/02/11 17:21:36 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{3989F899-B829-438F-938F-1387DA21BB14}
    [2012/02/11 17:21:35 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{176C8096-B24F-4259-BAA1-EA31F19E37C7}
    [2012/01/29 03:32:50 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\Ilivid Player
    [2012/01/29 03:32:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
    [2012/01/29 03:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
    [2012/01/29 03:31:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid
    [2012/01/29 03:31:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows iLivid Toolbar
    [2012/01/29 03:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
    [2012/01/29 03:31:12 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\PackageAware
    [2012/01/29 03:16:40 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\Babylon
    [2012/01/29 03:13:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Boxore
    [2012/01/29 03:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
    [2012/01/29 03:12:55 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon
    [2012/01/29 03:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Babylon
    [2012/01/29 03:12:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2YourFace
    [2012/01/29 03:12:15 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\Software
    [2012/01/29 03:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Software
    [2012/01/29 03:12:10 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayerPlus
    [2012/01/29 03:12:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayerPlus
    [2012/01/25 21:36:15 | 000,000,000 | R--D | C] -- C:\Users\india\Documents\Notes
    [2012/01/22 15:55:35 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{2FDAAC27-1000-4F94-AB51-10B523FF0C5E}
    [2012/01/22 15:55:33 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{B9752D6F-41CC-40F4-A3CE-3B45A5C5E694}
    [2012/01/21 22:08:05 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{6CC5D241-9FCF-4430-8043-80AE6DDCD64F}
    [2012/01/21 22:07:39 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{E2C86E15-8D5B-4AF5-9006-09CECE9B7980}
    [2012/01/21 09:58:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winiti
    [2012/01/21 09:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\6PEO
    [2012/01/18 06:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    [2012/01/18 06:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
    [2012/01/18 06:50:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
    [2012/01/18 06:50:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
    [2012/01/18 06:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
    [2012/01/18 06:44:52 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\Microsoft Help
    [2012/01/18 06:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
    [2012/01/18 06:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
    [3 C:\Users\india\Desktop\*.tmp files -> C:\Users\india\Desktop\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/02/15 07:50:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\india\Desktop\OTL.exe
    [2012/02/15 07:42:03 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
    [2012/02/15 07:41:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/02/15 07:28:01 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
    [2012/02/15 07:27:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/02/14 22:31:33 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/02/14 22:31:33 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/02/14 22:28:23 | 001,524,562 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/02/14 22:28:23 | 000,695,004 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2012/02/14 22:28:23 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/02/14 22:28:23 | 000,127,684 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2012/02/14 22:28:23 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/02/14 22:24:19 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/02/14 22:23:52 | 3193,393,152 | -HS- | M] () -- C:\hiberfil.sys
    [2012/02/13 19:24:40 | 000,000,995 | ---- | M] () -- C:\Users\india\Desktop\scrabbleproB.lnk
    [2012/02/13 02:32:11 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
    [2012/02/08 16:23:09 | 000,129,024 | ---- | M] () -- C:\Windows\RegBootClean64.exe
    [2012/02/08 16:04:45 | 000,800,882 | ---- | M] () -- C:\Users\india\AppData\Local\census.cache
    [2012/02/08 16:03:04 | 000,107,101 | ---- | M] () -- C:\Users\india\AppData\Local\ars.cache
    [2012/02/08 15:27:07 | 000,000,036 | ---- | M] () -- C:\Users\india\AppData\Local\housecall.guid.cache
    [2012/01/29 03:32:49 | 000,000,114 | ---- | M] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url
    [2012/01/29 03:32:01 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
    [2012/01/29 03:13:00 | 000,075,562 | ---- | M] () -- C:\Windows\SysWow64\abe20ca9.exe
    [2012/01/29 03:12:56 | 002,551,808 | ---- | M] () -- C:\Windows\SysWow64\d9986ca9.dll
    [2012/01/29 03:12:51 | 000,000,712 | ---- | M] () -- C:\user.js
    [2012/01/29 03:12:11 | 000,001,031 | ---- | M] () -- C:\Users\india\Desktop\PlayerPlus.exe.lnk
    [2012/01/24 21:31:17 | 000,002,753 | ---- | M] () -- C:\Users\india\Desktop\Microsoft Office Word 2007.lnk
    [2012/01/24 13:04:56 | 001,606,656 | ---- | M] () -- C:\Users\india\Desktop\SetupWebPlayer.msi
    [2012/01/20 22:43:18 | 004,862,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [3 C:\Users\india\Desktop\*.tmp files -> C:\Users\india\Desktop\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/02/13 19:24:40 | 000,000,995 | ---- | C] () -- C:\Users\india\Desktop\scrabbleproB.lnk
    [2012/02/13 02:32:11 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
    [2012/02/08 16:23:09 | 000,129,024 | ---- | C] () -- C:\Windows\RegBootClean64.exe
    [2012/02/08 16:04:45 | 000,800,882 | ---- | C] () -- C:\Users\india\AppData\Local\census.cache
    [2012/02/08 16:03:04 | 000,107,101 | ---- | C] () -- C:\Users\india\AppData\Local\ars.cache
    [2012/02/08 15:27:07 | 000,000,036 | ---- | C] () -- C:\Users\india\AppData\Local\housecall.guid.cache
    [2012/01/29 03:32:49 | 000,000,114 | ---- | C] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url
    [2012/01/29 03:32:01 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
    [2012/01/29 03:13:00 | 000,075,562 | ---- | C] () -- C:\Windows\SysWow64\abe20ca9.exe
    [2012/01/29 03:12:56 | 002,551,808 | ---- | C] () -- C:\Windows\SysWow64\d9986ca9.dll
    [2012/01/29 03:12:25 | 000,001,084 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
    [2012/01/29 03:12:23 | 000,001,080 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
    [2012/01/29 03:12:11 | 000,001,031 | ---- | C] () -- C:\Users\india\Desktop\PlayerPlus.exe.lnk
    [2012/01/25 00:18:56 | 001,606,656 | ---- | C] () -- C:\Users\india\Desktop\SetupWebPlayer.msi
    [2012/01/24 21:31:17 | 000,002,753 | ---- | C] () -- C:\Users\india\Desktop\Microsoft Office Word 2007.lnk
    [2011/12/15 17:38:33 | 000,000,132 | ---- | C] () -- C:\Users\india\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
    [2011/08/18 19:06:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

    ========== LOP Check ==========

    [2012/01/29 22:38:55 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\Babylon
    [2012/02/13 02:36:44 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\BitZipper
    [2011/12/16 09:52:24 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2011/12/10 14:20:30 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    [2012/01/01 16:51:17 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\Complitly
    [2011/12/15 22:20:46 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\mojosoft
    [2012/02/14 22:24:42 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\OfferBox
    [2011/08/18 20:22:25 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\PCtuto
    [2012/01/09 00:14:06 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\VideoBuzz
    [2012/01/13 11:09:51 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\OfferBox
    [2009/07/14 06:08:49 | 000,015,376 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2012/02/15 07:42:03 | 000,001,080 | ---- | M] () -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
    [2012/02/15 07:28:01 | 000,001,084 | ---- | M] () -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job

    ========== Purity Check ==========



    < End of report >
    15 Février 2012 08:44:08

    OTL logfile created on: 15/02/2012 07:57:20 - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\india\Desktop
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    3,97 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 48,99% Memory free
    4,86 Gb Paging File | 2,44 Gb Available in Paging File | 50,30% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 93,16 Gb Total Space | 3,52 Gb Free Space | 3,78% Space Free | Partition Type: NTFS
    Drive E: | 100,00 Mb Total Space | 69,79 Mb Free Space | 69,79% Space Free | Partition Type: NTFS
    Drive H: | 232,73 Gb Total Space | 43,68 Gb Free Space | 18,77% Space Free | Partition Type: NTFS
    Drive I: | 232,93 Gb Total Space | 1,78 Gb Free Space | 0,76% Space Free | Partition Type: NTFS

    Computer Name: INDIA-PC | User Name: india | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/02/15 07:50:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\india\Desktop\OTL.exe
    PRC - [2012/01/24 08:37:46 | 003,189,360 | ---- | M] (Babylon Ltd.) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
    PRC - [2012/01/14 08:38:18 | 000,307,312 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    PRC - [2011/12/28 16:47:00 | 000,175,976 | ---- | M] (Aedge Performance BCN SL) -- C:\Program Files (x86)\OfferBox\OfferBoxHTTPProxy.exe
    PRC - [2011/12/28 16:46:58 | 003,084,648 | ---- | M] (Aedge Performance BCN SL) -- C:\Program Files (x86)\OfferBox\OfferBox.exe
    PRC - [2011/12/15 14:22:24 | 000,526,192 | ---- | M] () -- C:\Program Files (x86)\6PEO\Winiti\Winiti.exe
    PRC - [2011/12/09 19:06:18 | 000,513,200 | ---- | M] (Boxore OU) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe
    PRC - [2011/12/06 11:17:56 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
    PRC - [2011/11/02 05:13:14 | 000,210,744 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\ytbb.exe
    PRC - [2011/08/31 12:07:34 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    PRC - [2011/06/10 07:23:52 | 000,959,880 | ---- | M] (SFR) -- C:\Program Files (x86)\SFR\Kit\9props.exe
    PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011/04/21 06:55:37 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    PRC - [2011/04/21 06:55:20 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2011/04/14 12:40:06 | 000,663,168 | ---- | M] (PCTuto) -- C:\Users\india\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe
    PRC - [2011/04/14 12:40:04 | 000,982,656 | ---- | M] (PCTUTO) -- C:\Program Files (x86)\PCTuto\pctuto.exe
    PRC - [2011/04/01 10:14:30 | 000,391,432 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
    PRC - [2011/04/01 10:14:30 | 000,259,336 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
    PRC - [2011/03/28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    PRC - [2011/02/17 11:36:48 | 001,347,912 | ---- | M] (Comfort Software Group) -- C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
    PRC - [2010/04/29 23:08:14 | 000,742,720 | ---- | M] (SFR) -- C:\Program Files (x86)\SFR\Media Center\MediaCenter.exe
    PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2007/09/05 07:59:02 | 000,024,635 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\SFR\Media Center\httpd\httpd.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/01/16 13:36:00 | 000,085,312 | ---- | M] () -- C:\Program Files (x86)\2YourFace\bho.dll
    MOD - [2011/12/15 14:22:24 | 000,526,192 | ---- | M] () -- C:\Program Files (x86)\6PEO\Winiti\Winiti.exe
    MOD - [2011/10/31 14:37:30 | 000,088,976 | ---- | M] () -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll
    MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    MOD - [2011/06/10 07:24:04 | 000,079,240 | ---- | M] () -- C:\Program Files (x86)\SFR\Kit\9unelevate.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2009/08/18 01:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2012/01/29 03:17:51 | 000,138,416 | ---- | M] (Boxore OU.) [Auto | Stopped] -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe -- (supdate) Software Update Service (supdate)
    SRV - [2011/08/31 12:07:34 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/04/21 06:55:37 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2011/04/01 10:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
    SRV - [2011/03/28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
    SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
    SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/08/31 12:07:35 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
    DRV:64bit: - [2011/08/31 12:07:35 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
    DRV:64bit: - [2011/05/13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2009/08/18 02:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
    DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/20 03:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT310677...
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B FB 59 56 D5 5D CC 01 [binary data]
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\S-1-5-21-1657895859-445539507-710052843-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:56847

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Search Results"
    FF - prefs.js..browser.search.defaultthis.engineName: "WinZipBar Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT310677...{searchTerms}"
    FF - prefs.js..browser.search.order.1: "Search Results"
    FF - prefs.js..browser.search.selectedEngine: "WinZipBar Customized Web Search"
    FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
    FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
    FF - prefs.js..extensions.enabledItems: {33e0daa6-3af3-d8b5-6752-10e949c61516}:1.1
    FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.5.3
    FF - prefs.js..extensions.enabledItems: crossriderapp1950@crossrider.com:0.78.15
    FF - prefs.js..extensions.enabledItems: BlocagePublicite@winiti.com:1.1
    FF - prefs.js..extensions.enabledItems: adapter@babylontc.com:1.0.0.1
    FF - prefs.js..extensions.enabledItems: ocr@babylon.com:1.1
    FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
    FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.5.1.00
    FF - prefs.js..extensions.enabledItems: support@2yourface.com:1
    FF - prefs.js..extensions.enabledItems: {0994e754-fbb0-c4c4-1c15-b823990eb20f}:4.6.8.3
    FF - prefs.js..extensions.enabledItems: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37}:3.9.0.3
    FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=189&syst..."

    FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q="

    FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8: C:\Program Files (x86)\Software\Update\1.2.195.0\npSoftwareOneClick8.dll (Boxore OU.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/10/26 18:19:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp1950@crossrider.com: C:\Users\india\AppData\Local\RewardsArcadeSuite\1950\Firefox [2012/01/09 00:13:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@2yourface.com: C:\Program Files (x86)\2YourFace\ffextension [2012/01/29 03:12:44 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/03 15:36:29 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.26\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/02/03 15:36:29 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\support@2yourface.com: C:\Program Files (x86)\2YourFace\ffextension [2012/01/29 03:12:44 | 000,000,000 | ---D | M]

    [2012/01/29 03:31:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\india\AppData\Roaming\mozilla\Extensions
    [2012/02/15 07:38:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions
    [2012/01/01 16:51:30 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
    [2012/02/13 02:32:57 | 000,000,000 | ---D | M] (WinZipBar Community Toolbar) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37}
    [2012/01/09 00:13:12 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
    [2012/01/29 03:31:31 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
    [2012/01/20 22:50:26 | 000,000,000 | ---D | M] (Winiti) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\BlocagePublicite@winiti.com
    [2011/09/18 15:22:53 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\india\AppData\Roaming\mozilla\Firefox\Profiles\8hdwkypk.default\extensions\ffxtlbr@babylon.com
    [2012/01/31 21:04:30 | 000,000,921 | ---- | M] () -- C:\Users\india\AppData\Roaming\Mozilla\Firefox\Profiles\8hdwkypk.default\searchplugins\conduit.xml
    [2012/01/29 03:31:25 | 000,002,519 | ---- | M] () -- C:\Users\india\AppData\Roaming\Mozilla\Firefox\Profiles\8hdwkypk.default\searchplugins\Search_Results.xml
    [2012/01/29 03:31:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2012/01/29 03:12:59 | 000,000,000 | ---D | M] (z) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{0994e754-fbb0-c4c4-1c15-b823990eb20f}
    [2012/01/29 03:13:16 | 000,000,000 | ---D | M] ("Babylon Spelling and Proofreading") -- C:\Program Files (x86)\Mozilla Firefox\extensions\adapter@babylontc.com
    [2012/01/29 03:13:09 | 000,000,000 | ---D | M] (Babylon Translation Activation) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ocr@babylon.com
    [2012/01/29 03:12:44 | 000,000,000 | ---D | M] (2YourFace) -- C:\PROGRAM FILES (X86)\2YOURFACE\FFEXTENSION
    [2011/10/26 18:19:28 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
    [2012/01/29 03:31:35 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES (X86)\WINDOWS ILIVID TOOLBAR\DATAMNGR\FIREFOXEXTENSION
    [2012/01/09 00:13:22 | 000,000,000 | ---D | M] ("RewardsArcade Suite") -- C:\USERS\INDIA\APPDATA\LOCAL\REWARDSARCADESUITE\1950\FIREFOX
    [2011/10/25 19:57:18 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
    [2012/01/29 03:12:38 | 000,002,351 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
    [2011/10/25 19:57:18 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2011/10/25 19:57:18 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
    [2012/01/29 03:31:25 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
    [2011/10/25 19:57:18 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2011/10/25 19:57:18 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\india\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
    O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files (x86)\SFR\Kit\SFRNavErrorHelper.dll (SFR)
    O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\india\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
    O2 - BHO: (2YourFace Addon) - {1185823F-F22F-4027-80E5-4F68ACD5DE5E} - C:\Program Files (x86)\2YourFace\bho.dll ()
    O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.3\PriceGongIE.dll (PriceGong)
    O2 - BHO: (PCTBHO Class) - {293A63F7-C3B6-423a-9845-901AC0A7EE6E} - C:\Program Files (x86)\PCTuto\pctutoBHO.dll (PCTUTO)
    O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    O2 - BHO: (WinZipBar Toolbar) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
    O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
    O2 - BHO: (RewardsArcadeSuite) - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files (x86)\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (WinZipBar Toolbar) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
    O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKU\S-1-5-21-1657895859-445539507-710052843-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
    O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
    O4 - HKLM..\Run: [Boxore Client] C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe (Boxore OU)
    O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [offerbox] C:\Program Files (x86)\OfferBox\OfferBox.exe (Aedge Performance BCN SL)
    O4 - HKLM..\Run: [PCTuto] C:\Program Files (x86)\PCTuto\pctuto.exe (PCTUTO)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-1657895859-445539507-710052843-1001..\Run: [Connexion SFR 9props.exe] C:\Program Files (x86)\SFR\Kit\9props.exe (SFR)
    O4 - HKU\S-1-5-21-1657895859-445539507-710052843-1001..\Run: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
    O4 - HKU\S-1-5-21-1657895859-445539507-710052843-1001..\Run: [MsnMsgr] "C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background File not found
    O4 - HKU\S-1-5-21-1657895859-445539507-710052843-1001..\Run: [Neuf Media Center] C:\Program Files (x86)\SFR\Media Center\MediaCenter.exe (SFR)
    O4 - HKU\S-1-5-21-1657895859-445539507-710052843-1001..\Run: [WinitiHelper] C:\Program Files (x86)\6PEO\Winiti\Winiti.exe ()
    O4 - HKLM..\RunOnce: [autoupdater] C:\Users\india\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe (PCTuto)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O8:64bit: - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O8 - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O9 - Extra Button: PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Users\india\Desktop\PMU Poker.lnk ()
    O9 - Extra 'Tools' menuitem : PMU Poker - {06568ceb-5721-47d4-9d93-7e604fcbaeab} - C:\Users\india\Desktop\PMU Poker.lnk ()
    O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6505F37E-6DE2-4038-85CB-9FA53DA553BC}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6505F37E-6DE2-4038-85CB-9FA53DA553BC}: NameServer = 208.67.222.222,208.67.220.220
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) -C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) -C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - H:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/02/15 07:50:34 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\india\Desktop\OTL.exe
    [2012/02/13 19:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\scrabbleproB1.1
    [2012/02/13 19:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\scrabbleproB1.1
    [2012/02/13 02:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
    [2012/02/13 02:32:40 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\Conduit
    [2012/02/13 02:32:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZipBar
    [2012/02/13 02:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
    [2012/02/13 02:32:00 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\WinZip
    [2012/02/13 02:31:44 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
    [2012/02/13 02:31:40 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
    [2012/02/13 02:23:03 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
    [2012/02/13 02:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP270 series
    [2012/02/13 02:22:35 | 000,336,896 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLM9X.DLL
    [2012/02/13 02:22:32 | 000,244,736 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMIU9X.DLL
    [2012/02/13 02:22:26 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
    [2012/02/12 17:22:00 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{BA39EE10-99C8-4440-BC1E-E017C7487872}
    [2012/02/12 17:21:58 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{3E9B9899-DE19-4A2D-B40F-E28B5B41396C}
    [2012/02/12 05:21:46 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{B6396682-153D-4142-879E-CA8DE232545B}
    [2012/02/12 05:21:43 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{5AA90DC2-DEDD-4CCE-AFF0-B2F670CD31CD}
    [2012/02/11 17:21:36 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{3989F899-B829-438F-938F-1387DA21BB14}
    [2012/02/11 17:21:35 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{176C8096-B24F-4259-BAA1-EA31F19E37C7}
    [2012/01/29 03:32:50 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\Ilivid Player
    [2012/01/29 03:32:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
    [2012/01/29 03:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
    [2012/01/29 03:31:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid
    [2012/01/29 03:31:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows iLivid Toolbar
    [2012/01/29 03:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
    [2012/01/29 03:31:12 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\PackageAware
    [2012/01/29 03:16:40 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\Babylon
    [2012/01/29 03:13:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Boxore
    [2012/01/29 03:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
    [2012/01/29 03:12:55 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon
    [2012/01/29 03:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Babylon
    [2012/01/29 03:12:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2YourFace
    [2012/01/29 03:12:15 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\Software
    [2012/01/29 03:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Software
    [2012/01/29 03:12:10 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayerPlus
    [2012/01/29 03:12:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayerPlus
    [2012/01/25 21:36:15 | 000,000,000 | R--D | C] -- C:\Users\india\Documents\Notes
    [2012/01/22 15:55:35 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{2FDAAC27-1000-4F94-AB51-10B523FF0C5E}
    [2012/01/22 15:55:33 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{B9752D6F-41CC-40F4-A3CE-3B45A5C5E694}
    [2012/01/21 22:08:05 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{6CC5D241-9FCF-4430-8043-80AE6DDCD64F}
    [2012/01/21 22:07:39 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\{E2C86E15-8D5B-4AF5-9006-09CECE9B7980}
    [2012/01/21 09:58:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winiti
    [2012/01/21 09:58:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\6PEO
    [2012/01/18 06:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    [2012/01/18 06:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
    [2012/01/18 06:50:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
    [2012/01/18 06:50:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
    [2012/01/18 06:45:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
    [2012/01/18 06:44:52 | 000,000,000 | ---D | C] -- C:\Users\india\AppData\Local\Microsoft Help
    [2012/01/18 06:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
    [2012/01/18 06:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
    [3 C:\Users\india\Desktop\*.tmp files -> C:\Users\india\Desktop\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/02/15 07:50:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\india\Desktop\OTL.exe
    [2012/02/15 07:42:03 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
    [2012/02/15 07:41:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/02/15 07:28:01 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
    [2012/02/15 07:27:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/02/14 22:31:33 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/02/14 22:31:33 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/02/14 22:28:23 | 001,524,562 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/02/14 22:28:23 | 000,695,004 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2012/02/14 22:28:23 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/02/14 22:28:23 | 000,127,684 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2012/02/14 22:28:23 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/02/14 22:24:19 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/02/14 22:23:52 | 3193,393,152 | -HS- | M] () -- C:\hiberfil.sys
    [2012/02/13 19:24:40 | 000,000,995 | ---- | M] () -- C:\Users\india\Desktop\scrabbleproB.lnk
    [2012/02/13 02:32:11 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
    [2012/02/08 16:23:09 | 000,129,024 | ---- | M] () -- C:\Windows\RegBootClean64.exe
    [2012/02/08 16:04:45 | 000,800,882 | ---- | M] () -- C:\Users\india\AppData\Local\census.cache
    [2012/02/08 16:03:04 | 000,107,101 | ---- | M] () -- C:\Users\india\AppData\Local\ars.cache
    [2012/02/08 15:27:07 | 000,000,036 | ---- | M] () -- C:\Users\india\AppData\Local\housecall.guid.cache
    [2012/01/29 03:32:49 | 000,000,114 | ---- | M] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url
    [2012/01/29 03:32:01 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
    [2012/01/29 03:13:00 | 000,075,562 | ---- | M] () -- C:\Windows\SysWow64\abe20ca9.exe
    [2012/01/29 03:12:56 | 002,551,808 | ---- | M] () -- C:\Windows\SysWow64\d9986ca9.dll
    [2012/01/29 03:12:51 | 000,000,712 | ---- | M] () -- C:\user.js
    [2012/01/29 03:12:11 | 000,001,031 | ---- | M] () -- C:\Users\india\Desktop\PlayerPlus.exe.lnk
    [2012/01/24 21:31:17 | 000,002,753 | ---- | M] () -- C:\Users\india\Desktop\Microsoft Office Word 2007.lnk
    [2012/01/24 13:04:56 | 001,606,656 | ---- | M] () -- C:\Users\india\Desktop\SetupWebPlayer.msi
    [2012/01/20 22:43:18 | 004,862,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [3 C:\Users\india\Desktop\*.tmp files -> C:\Users\india\Desktop\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/02/13 19:24:40 | 000,000,995 | ---- | C] () -- C:\Users\india\Desktop\scrabbleproB.lnk
    [2012/02/13 02:32:11 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
    [2012/02/08 16:23:09 | 000,129,024 | ---- | C] () -- C:\Windows\RegBootClean64.exe
    [2012/02/08 16:04:45 | 000,800,882 | ---- | C] () -- C:\Users\india\AppData\Local\census.cache
    [2012/02/08 16:03:04 | 000,107,101 | ---- | C] () -- C:\Users\india\AppData\Local\ars.cache
    [2012/02/08 15:27:07 | 000,000,036 | ---- | C] () -- C:\Users\india\AppData\Local\housecall.guid.cache
    [2012/01/29 03:32:49 | 000,000,114 | ---- | C] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url
    [2012/01/29 03:32:01 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
    [2012/01/29 03:13:00 | 000,075,562 | ---- | C] () -- C:\Windows\SysWow64\abe20ca9.exe
    [2012/01/29 03:12:56 | 002,551,808 | ---- | C] () -- C:\Windows\SysWow64\d9986ca9.dll
    [2012/01/29 03:12:25 | 000,001,084 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
    [2012/01/29 03:12:23 | 000,001,080 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
    [2012/01/29 03:12:11 | 000,001,031 | ---- | C] () -- C:\Users\india\Desktop\PlayerPlus.exe.lnk
    [2012/01/25 00:18:56 | 001,606,656 | ---- | C] () -- C:\Users\india\Desktop\SetupWebPlayer.msi
    [2012/01/24 21:31:17 | 000,002,753 | ---- | C] () -- C:\Users\india\Desktop\Microsoft Office Word 2007.lnk
    [2011/12/15 17:38:33 | 000,000,132 | ---- | C] () -- C:\Users\india\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
    [2011/08/18 19:06:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

    ========== LOP Check ==========

    [2012/01/29 22:38:55 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\Babylon
    [2012/02/13 02:36:44 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\BitZipper
    [2011/12/16 09:52:24 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2011/12/10 14:20:30 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    [2012/01/01 16:51:17 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\Complitly
    [2011/12/15 22:20:46 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\mojosoft
    [2012/02/14 22:24:42 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\OfferBox
    [2011/08/18 20:22:25 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\PCtuto
    [2012/01/09 00:14:06 | 000,000,000 | ---D | M] -- C:\Users\india\AppData\Roaming\VideoBuzz
    [2012/01/13 11:09:51 | 000,000,000 | ---D | M] -- C:\Users\Invité\AppData\Roaming\OfferBox
    [2009/07/14 06:08:49 | 000,015,376 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2012/02/15 07:42:03 | 000,001,080 | ---- | M] () -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
    [2012/02/15 07:28:01 | 000,001,084 | ---- | M] () -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job

    ========== Purity Check ==========



    < End of report >
    15 Février 2012 08:54:30

    bonjour, je viens just de te poster les deux rapports, peux tu m'aider. si oui merci d'avance
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS