Se connecter / S'enregistrer
Votre question

Pc Infecter avec pub intempestive

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
2 Mai 2011 13:02:32

Bonjour,
Mon pc est infecter et il présente de nombreux symptômes telle que les bug ou encore lorsque une page inter s'affiche c'est des site de rencontre qui la remplace et voila c'est vraiment lourd donc j'aimerais savoir si quelqu'un peut m'aider .

Autres pages sur : infecter pub intempestive

a c 267 8 Sécurité
2 Mai 2011 13:05:32

Bonjour,

On va regarder ça de plus près :

  • Télécharge OTL (par OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prend pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres Bloc-notes vont s'ouvrir : OTL.txt et Extras.txt. Ils se trouvent au même endroit qu'OTL.

    Pour me transmettre les rapports :
  • Clique sur ce lien : http://www.cijoint.fr/
  • Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
  • Clique sur Ouvrir.
  • Clique sur Cliquez ici pour déposer le fichier.
  • Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
  • Copie-colle ce lien dans ta réponse.
    2 Mai 2011 13:06:41

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 13:05:30, on 02/05/2011
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16766)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\MicrosoftFolder\Microframework.exe
    C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    C:\Windows\System32\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\explorer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\hakim\Downloads\HiJackThis.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.3.62.1\facemoods.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [DowNiT - Microframework] C:\Windows\MicrosoftFolder\Microframework.exe
    O4 - HKLM\..\Run: [DowNiT - Microframework] C:\Windows\MicrosoftFolder\Microframework.exe
    O4 - HKLM\..\Run: [DowNiT - DofVictime2] C:\Windows\MicrosoftFolder\DofVictime2.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
    O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
    O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - Unknown owner - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
    O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    --
    End of file - 25840 bytes
    Contenus similaires
    2 Mai 2011 13:10:58

    Merci de ton aide voila le raport :

    OTL logfile created on: 02/05/2011 13:07:20 - Run 3
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\hakim\Downloads
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free
    3,00 Gb Paging File | 3,00 Gb Available in Paging File | 77,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 179,32 Gb Total Space | 114,66 Gb Free Space | 63,94% Space Free | Partition Type: NTFS
    Drive D: | 6,96 Gb Total Space | 1,03 Gb Free Space | 14,72% Space Free | Partition Type: FAT32
    Unable to calculate disk information.

    Computer Name: HAKIM-PC | User Name: hakim | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\hakim\Downloads\OTL(2).exe (OldTimer Tools)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Windows\MicrosoftFolder\Microframework.exe ()
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
    PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
    PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
    PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)


    ========== Modules (SafeList) ==========

    MOD - C:\Users\hakim\Downloads\OTL(2).exe (OldTimer Tools)
    MOD - C:\Users\hakim\AppData\Local\cleanhdd.dll (Microsoft Corporation)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (Hamachi2Svc) -- File not found
    SRV - (Bonjour Service) -- File not found
    SRV - (Sony Ericsson PCCompanion) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
    SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
    SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
    SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
    SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (wampmysqld) -- c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe ()
    SRV - (wampapache) -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe (Apache Software Foundation)


    ========== Driver Services (SafeList) ==========

    DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
    DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
    DRV - (RTL8187B) -- C:\Windows\System32\drivers\RTL8187B.sys (Realtek Semiconductor Corporation )
    DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
    DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 4F 97 EA B0 6B CB 01 [binary data]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Bing"
    FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
    FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.0.4
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}:1.0
    FF - prefs.js..extensions.enabledItems: HBLite@HBLite.com:11.0.0.0
    FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="

    FF - HKLM\software\mozilla\Firefox\Extensions\\HBLite@HBLite.com: C:\Program Files\HBLite\bin\11.0.363.0\firefox\extensions [2011/04/10 00:17:37 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 11:41:59 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 11:41:59 | 000,000,000 | ---D | M]

    [2010/11/08 22:39:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hakim\AppData\Roaming\mozilla\Extensions
    [2010/11/08 22:39:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hakim\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
    [2010/11/01 00:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hakim\AppData\Roaming\mozilla\Firefox\Profiles\2d2m7r13.default\extensions
    [2010/10/17 07:38:26 | 000,001,832 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\Mozilla\Firefox\Profiles\2d2m7r13.default\searchplugins\bing.xml
    [2011/05/02 09:55:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
    [2010/10/17 23:41:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2011/04/10 00:19:47 | 000,000,000 | ---D | M] (ScanQuery) -- C:\Program Files\mozilla firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}
    [2010/11/21 21:45:21 | 000,000,000 | ---D | M] (Facemoods) -- C:\Program Files\mozilla firefox\extensions\ffxtlbr@Facemoods.com
    [2011/04/10 00:17:37 | 000,000,000 | ---D | M] (Hotbar Component) -- C:\PROGRAM FILES\HBLITE\BIN\11.0.363.0\FIREFOX\EXTENSIONS
    [2010/10/17 23:40:58 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2010/09/14 23:32:19 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2010/09/14 23:32:19 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/09/14 23:32:19 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2010/09/14 23:32:19 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2010/09/14 23:32:19 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2011/03/06 15:39:53 | 000,007,826 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.10 www.ripway.com
    O1 - Hosts: 127.0.0.11 www.rapidshare.com
    O1 - Hosts: 127.0.0.12 www.hotfile.com
    O1 - Hosts: 127.0.0.13 www.progenic.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.18 www.freeforums.org
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 127.0.0.23 www.tumblr.com
    O1 - Hosts: 127.0.0.4 www.total.com
    O1 - Hosts: 127.0.0.7 www.friendster.com
    O1 - Hosts: 127.0.0.8 www.twitter.com
    O1 - Hosts: 127.0.0.10 www.ripway.com
    O1 - Hosts: 127.0.0.11 www.rapidshare.com
    O1 - Hosts: 127.0.0.12 www.hotfile.com
    O1 - Hosts: 127.0.0.13 www.progenic.com
    O1 - Hosts: 127.0.0.25 www.esetnod32keys.com
    O1 - Hosts: 127.0.0.18 www.freeforums.org
    O1 - Hosts: 127.0.0.20 www.fortiguard.com
    O1 - Hosts: 127.0.0.21 www.mediafire.com
    O1 - Hosts: 127.0.0.22 www.webs.com
    O1 - Hosts: 321 more lines...
    O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.3.62.1\facemoods.dll (facemoods.com)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [DowNiT - DofVictime2] C:\Windows\MicrosoftFolder\DofVictime2.exe ()
    O4 - HKLM..\Run: [DowNiT - Microframework] C:\Windows\MicrosoftFolder\Microframework.exe ()
    O4 - Startup: C:\Users\hakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - File not found
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2001/07/27 08:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
    O33 - MountPoints2\{5ee940df-f652-11df-ae15-001fd0da5085}\Shell - "" = AutoRun
    O33 - MountPoints2\{5ee940df-f652-11df-ae15-001fd0da5085}\Shell\AutoRun\command - "" = J:\Startme.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/05/01 10:14:51 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\la mise à jour du 29 avril
    [2011/04/30 22:27:03 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{FAC3AAB0-50E4-448A-B380-01218499CDCB}
    [2011/04/29 16:35:20 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\QuickScan
    [2011/04/29 16:30:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
    [2011/04/29 07:52:22 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{30DB717E-0937-47A4-B2A8-36D1258A3E00}
    [2011/04/28 15:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Infusion-Paradise
    [2011/04/28 08:14:31 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{2C6ACCBD-7459-45E8-B83B-966DB088974B}
    [2011/04/27 20:48:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
    [2011/04/27 20:48:31 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
    [2011/04/27 20:48:31 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
    [2011/04/27 20:48:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
    [2011/04/27 20:48:27 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
    [2011/04/27 20:48:26 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2011/04/27 20:13:43 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{A4658DD7-94B3-439C-9309-C9DC16BED132}
    [2011/04/27 00:23:50 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{5FDA2566-63B1-42F9-8C02-4EC54F0B4688}
    [2011/04/26 15:47:58 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyProduct
    [2011/04/26 12:23:15 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{69AFD0F8-8170-4845-B8B9-2B7EB154C005}
    [2011/04/25 21:32:44 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arkos
    [2011/04/25 18:07:31 | 000,000,000 | -H-D | C] -- C:\Windows\MicrosoftFolder
    [2011/04/25 17:39:43 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{B11E884D-AFE3-40CE-919D-C06413A396A3}
    [2011/04/25 01:15:10 | 000,000,000 | R--D | C] -- C:\Users\hakim\Contacts
    [2011/04/24 14:32:42 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{92F9E309-FA69-492C-8AFD-F43FE37B4782}
    [2011/04/23 08:33:39 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{13AA431E-5751-4321-BE28-22476895FBEF}
    [2011/04/22 06:53:45 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{2820834E-9267-43AB-BBCD-2F9F70F838E5}
    [2011/04/21 12:29:40 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{2029653C-0152-4591-B622-EB1C7D53B40A}
    [2011/04/21 11:47:46 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
    [2011/04/21 11:47:45 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
    [2011/04/20 20:28:07 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2011/04/20 12:23:46 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{16E63020-C54F-4F92-B931-494FE0629BEE}
    [2011/04/20 00:23:10 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{F3B933C7-52CA-4255-A931-C8CD279A3E4F}
    [2011/04/19 12:22:35 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{2E588A38-42B6-41E9-92CB-3C2A5CC8105A}
    [2011/04/17 13:48:23 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{46E36AD6-3CBE-4B18-A321-9DA31D60BAD0}
    [2011/04/17 01:47:27 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{847E8CDB-7F2B-42CB-92F8-38C60AE3CF5D}
    [2011/04/16 13:07:42 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{EF2506FA-3D69-4213-8C73-BFDBE0924A3A}
    [2011/04/16 01:07:06 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{1920E9FD-CA92-4129-AF5C-992DEB7192D5}
    [2011/04/15 13:06:15 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{4EABB21D-A65D-4B16-9889-5382F8AF529A}
    [2011/04/15 01:05:21 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{B5C84786-BA99-4491-96E0-BCF4D5184CCC}
    [2011/04/14 13:04:44 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{65DCE058-0244-410B-80AB-A77ADE0D0EE5}
    [2011/04/14 06:46:28 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2011/04/14 06:46:28 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2011/04/14 06:46:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
    [2011/04/14 06:46:26 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
    [2011/04/14 06:46:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
    [2011/04/14 06:46:20 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2011/04/14 06:46:20 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
    [2011/04/14 06:46:20 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2011/04/14 06:46:20 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2011/04/14 06:46:20 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2011/04/14 06:46:20 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2011/04/14 06:46:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2011/04/14 06:46:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2011/04/14 06:46:20 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2011/04/14 06:46:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2011/04/14 06:46:20 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2011/04/14 06:46:05 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2011/04/14 06:46:04 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
    [2011/04/14 06:46:03 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
    [2011/04/14 06:46:01 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
    [2011/04/14 06:46:01 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
    [2011/04/13 20:54:17 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{86B52191-DDAA-487B-B9E9-1F9FA91D854B}
    [2011/04/13 20:42:45 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dofus 2
    [2011/04/13 20:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\Dofus 2
    [2011/04/12 07:16:30 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{DBF7A7A6-20F2-4FA5-941E-1F722BE603A1}
    [2011/04/11 19:15:55 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{3952B4E0-3D18-4F5E-A6AB-C7985ED75141}
    [2011/04/11 07:15:06 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{684BF04E-5C69-45A5-BC1B-E59F45504703}
    [2011/04/10 11:55:23 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{86D8B5A8-DA40-4406-81E7-1172346D3F41}
    [2011/04/10 00:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar
    [2011/04/10 00:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\HBLiteSA
    [2011/04/10 00:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
    [2011/04/10 00:17:36 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\HBLite
    [2011/04/10 00:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\HBLite
    [2011/04/10 00:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\ShoppingReport2
    [2011/04/09 23:54:38 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{8C9164A2-7268-4431-952C-3EAA56E826DA}
    [2011/04/09 07:59:33 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualZ Launcher
    [2011/04/09 03:27:52 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{E9190AE6-DA2D-4E7D-9395-A26839940496}
    [2011/04/08 20:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gost-Serveur
    [2011/04/08 20:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\Gost-Serveur
    [2011/04/08 15:27:14 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{43C18AEF-102F-4298-A466-31F23DD03BEA}
    [2011/04/07 19:58:03 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiiXion'S Installateur
    [2011/04/07 19:32:25 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{9E017016-CED7-47EC-BDC0-E0F936148345}
    [2011/04/06 07:48:33 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{63EF63CE-DE84-4145-AFD5-3D3365E65EFB}
    [2011/04/05 19:47:59 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{68D31AD4-263F-44FF-82FF-D81F73B03FC5}
    [2011/04/04 16:52:44 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{E1DC8395-5E7D-4463-8381-5C5C1E97CB27}
    [2011/04/03 19:22:43 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{0FEEDC9B-C306-4BBE-9CDD-137E5D3B869E}
    [2011/04/03 00:37:08 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{813BDADA-84E1-4BC1-A126-BC97E1253C92}

    ========== Files - Modified Within 30 Days ==========

    [2011/05/02 09:32:46 | 000,019,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/05/02 09:32:46 | 000,019,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/05/02 09:31:22 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2011/05/02 09:31:22 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011/05/02 09:31:22 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2011/05/02 09:31:22 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011/05/02 09:25:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/05/02 09:25:20 | 1408,933,888 | -HS- | M] () -- C:\hiberfil.sys
    [2011/04/29 21:56:42 | 000,575,561 | ---- | M] () -- C:\ProgramData\bdinstall.bin
    [2011/04/29 19:41:49 | 000,000,234 | ---- | M] () -- C:\ProgramData\search_result.xml
    [2011/04/29 18:57:55 | 000,001,885 | ---- | M] () -- C:\Users\hakim\Desktop\Mozilla Firefox.lnk
    [2011/04/29 17:05:19 | 000,000,000 | ---- | M] () -- C:\Windows\System32\imblacklist.dat
    [2011/04/29 17:04:00 | 000,000,415 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
    [2011/04/27 18:44:49 | 001,352,456 | ---- | M] () -- C:\Users\hakim\Documents\bitdefender-antivirus-2011_bitdefender_antivirus_2011_francais_35804.65&h=3970cd834333fe4bd611446f18f9d344
    [2011/04/26 14:36:41 | 000,000,968 | ---- | M] () -- C:\Users\hakim\Desktop\Dofus.lnk
    [2011/04/26 11:00:43 | 000,000,008 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_1
    [2011/04/26 11:00:03 | 000,000,169 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\D2Info0
    [2011/04/26 09:50:08 | 000,000,008 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_2
    [2011/04/25 18:07:49 | 000,000,008 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_3
    [2011/04/25 17:53:15 | 000,294,400 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\All-hack-habbo V3 Release.exe
    [2011/04/25 12:31:45 | 003,812,471 | ---- | M] () -- C:\Users\hakim\Desktop\116 - Be Faithful - Fatman Scoop Ft the Crooklyn Clan.mp3
    [2011/04/24 13:17:31 | 000,000,008 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_4
    [2011/04/22 11:30:58 | 000,920,054 | ---- | M] () -- C:\Users\hakim\Desktop\22042011057.JPG
    [2011/04/22 11:30:54 | 000,918,751 | ---- | M] () -- C:\Users\hakim\Desktop\22042011056.JPG
    [2011/04/22 11:30:40 | 000,964,324 | ---- | M] () -- C:\Users\hakim\Desktop\22042011055.JPG
    [2011/04/22 11:30:34 | 000,904,220 | ---- | M] () -- C:\Users\hakim\Desktop\22042011054.JPG
    [2011/04/20 21:12:11 | 000,000,008 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_5
    [2011/04/17 16:14:39 | 001,429,722 | ---- | M] () -- C:\Users\hakim\Desktop\17042011028.JPG
    [2011/04/17 15:59:06 | 001,202,846 | ---- | M] () -- C:\Users\hakim\Desktop\17042011029.JPG
    [2011/04/17 15:58:54 | 001,120,257 | ---- | M] () -- C:\Users\hakim\Desktop\17042011030.JPG
    [2011/04/15 19:40:33 | 000,002,210 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
    [2011/04/15 03:22:13 | 000,289,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2011/04/11 23:23:37 | 923,736,112 | ---- | M] () -- C:\Users\hakim\Desktop\FUNK_MAXI_COM.rar
    [2011/04/07 20:19:37 | 000,085,386 | ---- | M] () -- C:\Program Files\Uninstal.exe
    [2011/04/03 18:14:43 | 004,706,594 | ---- | M] () -- C:\Users\hakim\Desktop\Magic-Afr.rar

    ========== Files Created - No Company Name ==========

    [2011/04/29 19:41:40 | 000,000,234 | ---- | C] () -- C:\ProgramData\search_result.xml
    [2011/04/29 18:57:55 | 000,001,885 | ---- | C] () -- C:\Users\hakim\Desktop\Mozilla Firefox.lnk
    [2011/04/29 17:05:19 | 000,000,000 | ---- | C] () -- C:\Windows\System32\imblacklist.dat
    [2011/04/29 17:04:00 | 000,000,415 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
    [2011/04/29 16:30:14 | 000,575,561 | ---- | C] () -- C:\ProgramData\bdinstall.bin
    [2011/04/27 18:44:44 | 001,352,456 | ---- | C] () -- C:\Users\hakim\Documents\bitdefender-antivirus-2011_bitdefender_antivirus_2011_francais_35804.65&h=3970cd834333fe4bd611446f18f9d344
    [2011/04/26 14:36:41 | 000,000,968 | ---- | C] () -- C:\Users\hakim\Desktop\Dofus.lnk
    [2011/04/25 17:53:15 | 000,294,400 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\All-hack-habbo V3 Release.exe
    [2011/04/25 12:31:27 | 003,812,471 | ---- | C] () -- C:\Users\hakim\Desktop\116 - Be Faithful - Fatman Scoop Ft the Crooklyn Clan.mp3
    [2011/04/22 11:33:07 | 000,964,324 | ---- | C] () -- C:\Users\hakim\Desktop\22042011055.JPG
    [2011/04/22 11:33:07 | 000,920,054 | ---- | C] () -- C:\Users\hakim\Desktop\22042011057.JPG
    [2011/04/22 11:33:07 | 000,918,751 | ---- | C] () -- C:\Users\hakim\Desktop\22042011056.JPG
    [2011/04/22 11:33:07 | 000,904,220 | ---- | C] () -- C:\Users\hakim\Desktop\22042011054.JPG
    [2011/04/20 20:28:07 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_5
    [2011/04/17 16:03:54 | 001,120,257 | ---- | C] () -- C:\Users\hakim\Desktop\17042011030.JPG
    [2011/04/17 15:59:43 | 001,429,722 | ---- | C] () -- C:\Users\hakim\Desktop\17042011028.JPG
    [2011/04/17 15:59:43 | 001,202,846 | ---- | C] () -- C:\Users\hakim\Desktop\17042011029.JPG
    [2011/04/12 17:49:21 | 006,046,284 | ---- | C] () -- C:\Users\hakim\Desktop\Aaron Broomfield - don't cover up your feelings.mp3
    [2011/04/12 17:49:20 | 006,640,399 | ---- | C] () -- C:\Users\hakim\Desktop\Xavier, Work That Sucker To Death.mp3
    [2011/04/12 17:49:20 | 006,634,978 | ---- | C] () -- C:\Users\hakim\Desktop\Zebrass - Feel so good.mp3
    [2011/04/12 17:49:20 | 005,281,836 | ---- | C] () -- C:\Users\hakim\Desktop\Yasuko Agawa - L. A. Nights.mp3
    [2011/04/12 17:49:19 | 006,228,723 | ---- | C] () -- C:\Users\hakim\Desktop\Victor Tavares - Show me.mp3
    [2011/04/12 17:49:18 | 005,546,404 | ---- | C] () -- C:\Users\hakim\Desktop\Vicky D.-This Beat Is Mine .mp3
    [2011/04/12 17:49:17 | 005,676,021 | ---- | C] () -- C:\Users\hakim\Desktop\Uk Players - Love's Gonna Get You.mp3
    [2011/04/12 17:49:17 | 005,524,050 | ---- | C] () -- C:\Users\hakim\Desktop\Unique - You make me feel so good (UL) g.mp3
    [2011/04/12 17:49:17 | 004,999,087 | ---- | C] () -- C:\Users\hakim\Desktop\unlimited touch - feel the music.mp3
    [2011/04/12 17:49:16 | 005,865,307 | ---- | C] () -- C:\Users\hakim\Desktop\tyrone brunson - the smurf.mp3
    [2011/04/12 17:49:16 | 005,534,515 | ---- | C] () -- C:\Users\hakim\Desktop\tracy Weber- Sure Shot .mp3
    [2011/04/12 17:49:16 | 003,689,202 | ---- | C] () -- C:\Users\hakim\Desktop\ts Monk - Bon Bon Vie .mp3
    [2011/04/12 17:49:15 | 005,731,756 | ---- | C] () -- C:\Users\hakim\Desktop\tony jackson - Steppin' out on the groove.mp3
    [2011/04/12 17:49:14 | 007,615,734 | ---- | C] () -- C:\Users\hakim\Desktop\The System - This Is For You.mp3
    [2011/04/12 17:49:13 | 006,812,820 | ---- | C] () -- C:\Users\hakim\Desktop\The O' Jays - Put our heads together.mp3
    [2011/04/12 17:49:13 | 003,700,966 | ---- | C] () -- C:\Users\hakim\Desktop\The Limit - She's so divine.mp3
    [2011/04/12 17:49:12 | 010,862,305 | ---- | C] () -- C:\Users\hakim\Desktop\the gents - for you my baby love.mp3
    [2011/04/12 17:49:12 | 003,816,430 | ---- | C] () -- C:\Users\hakim\Desktop\The Dazz Band - Let It All Blow.mp3
    [2011/04/12 17:49:11 | 005,503,250 | ---- | C] () -- C:\Users\hakim\Desktop\tavares - i got to find my way back to you.mp3
    [2011/04/12 17:49:11 | 005,442,318 | ---- | C] () -- C:\Users\hakim\Desktop\The Band AKA - Joy 5313.mp3
    [2011/04/12 17:49:11 | 001,396,854 | ---- | C] () -- C:\Users\hakim\Desktop\Temper - No Favours.mp3
    [2011/04/12 17:49:10 | 004,946,633 | ---- | C] () -- C:\Users\hakim\Desktop\Taste Of Honey - Sayonara.mp3
    [2011/04/12 17:49:08 | 015,345,790 | ---- | C] () -- C:\Users\hakim\Desktop\Taana Gardner - When You Touch Me.mp3
    [2011/04/12 17:49:07 | 007,364,843 | ---- | C] () -- C:\Users\hakim\Desktop\t c curtic - You should have known better.mp3
    [2011/04/12 17:49:07 | 005,579,423 | ---- | C] () -- C:\Users\hakim\Desktop\sos band - S.O.S..mp3
    [2011/04/12 17:49:06 | 006,460,690 | ---- | C] () -- C:\Users\hakim\Desktop\Silver Platinum - Party's Over.mp3
    [2011/04/12 17:49:06 | 006,242,998 | ---- | C] () -- C:\Users\hakim\Desktop\slave Just a Touch of Love .mp3
    [2011/04/12 17:49:06 | 006,108,968 | ---- | C] () -- C:\Users\hakim\Desktop\Skyy - Call Me.mp3
    [2011/04/12 17:49:05 | 008,642,144 | ---- | C] () -- C:\Users\hakim\Desktop\Sharon Brown - I Specialize In Love.mp3
    [2011/04/12 17:49:04 | 006,637,848 | ---- | C] () -- C:\Users\hakim\Desktop\Serge Ponsar - Out In The Night.mp3
    [2011/04/12 17:49:04 | 004,976,768 | ---- | C] () -- C:\Users\hakim\Desktop\Shalamar - A Night To Remember.mp3
    [2011/04/12 17:49:04 | 003,901,852 | ---- | C] () -- C:\Users\hakim\Desktop\Shania Twain - Im Gonna Getcha (Good)! Real Version.mp3
    [2011/04/12 17:49:03 | 007,394,548 | ---- | C] () -- C:\Users\hakim\Desktop\Secret Weapon - Must Be The Music.mp3
    [2011/04/12 17:49:03 | 004,609,340 | ---- | C] () -- C:\Users\hakim\Desktop\Second Image - dance dance dance.mp3
    [2011/04/12 17:49:02 | 006,189,515 | ---- | C] () -- C:\Users\hakim\Desktop\Rocket - I Wanna Know.mp3
    [2011/04/12 17:49:02 | 004,104,862 | ---- | C] () -- C:\Users\hakim\Desktop\Sadane - Sit Up.mp3
    [2011/04/12 17:49:01 | 005,528,014 | ---- | C] () -- C:\Users\hakim\Desktop\Richard Jon Smith - Stay with me tonight.mp3
    [2011/04/12 17:49:01 | 004,616,445 | ---- | C] () -- C:\Users\hakim\Desktop\Rhyze - Do you dance.mp3
    [2011/04/12 17:49:01 | 003,265,055 | ---- | C] () -- C:\Users\hakim\Desktop\Ritchie Family - I'll do my best.mp3
    [2011/04/12 17:49:00 | 006,299,149 | ---- | C] () -- C:\Users\hakim\Desktop\raw silk - Do It To The Music.mp3
    [2011/04/12 17:49:00 | 004,359,818 | ---- | C] () -- C:\Users\hakim\Desktop\Ray Parker Jr. And Raydio - For Those Who Like To Groove.mp3
    [2011/04/12 17:48:59 | 006,539,893 | ---- | C] () -- C:\Users\hakim\Desktop\rah band - Clouds Across The Moon (Tiefschwarz Cloudy Vocal .mp3
    [2011/04/12 17:48:57 | 007,266,725 | ---- | C] () -- C:\Users\hakim\Desktop\Pure Energy - One Hot Night.mp3
    [2011/04/12 17:48:57 | 007,139,665 | ---- | C] () -- C:\Users\hakim\Desktop\radiance - you're my number one1.mp3
    [2011/04/12 17:48:56 | 006,963,948 | ---- | C] () -- C:\Users\hakim\Desktop\positive force - we got the funk.mp3
    [2011/04/12 17:48:56 | 005,069,513 | ---- | C] () -- C:\Users\hakim\Desktop\Plush - Free and easy.mp3
    [2011/04/12 17:48:56 | 004,206,009 | ---- | C] () -- C:\Users\hakim\Desktop\Phyllis St James - Ain't No Turn Back.mp3
    [2011/04/12 17:48:56 | 002,982,483 | ---- | C] () -- C:\Users\hakim\Desktop\pleasure - Stone Love.mp3
    [2011/04/12 17:48:55 | 005,706,482 | ---- | C] () -- C:\Users\hakim\Desktop\Patti Jo - Ain't No Love Lost.mp3
    [2011/04/12 17:48:55 | 004,499,834 | ---- | C] () -- C:\Users\hakim\Desktop\Patrice Rushen - Forget Me Nots.mp3
    [2011/04/12 17:48:54 | 010,985,145 | ---- | C] () -- C:\Users\hakim\Desktop\Passion - Don't stop my love.mp3
    [2011/04/12 17:48:54 | 006,543,655 | ---- | C] () -- C:\Users\hakim\Desktop\Ozone - Gigolette.mp3
    [2011/04/12 17:48:53 | 006,734,662 | ---- | C] () -- C:\Users\hakim\Desktop\Output - Move for me.mp3
    [2011/04/12 17:48:53 | 005,657,530 | ---- | C] () -- C:\Users\hakim\Desktop\Orient Express - Shine On.mp3
    [2011/04/12 17:48:52 | 006,951,972 | ---- | C] () -- C:\Users\hakim\Desktop\One Way -Music.mp3
    [2011/04/12 17:48:52 | 004,259,074 | ---- | C] () -- C:\Users\hakim\Desktop\One on One - Gotta thang.mp3
    [2011/04/12 17:48:51 | 002,917,023 | ---- | C] () -- C:\Users\hakim\Desktop\Oliver Cheatham - Get down Saturday Night.mp3
    [2011/04/12 17:48:50 | 007,823,101 | ---- | C] () -- C:\Users\hakim\Desktop\North End - Happy Days.mp3
    [2011/04/12 17:48:50 | 001,628,798 | ---- | C] () -- C:\Users\hakim\Desktop\norman connors - Take It To The Limit.mp3
    [2011/04/12 17:48:49 | 006,197,167 | ---- | C] () -- C:\Users\hakim\Desktop\New Jersey Connection - love don't come easy.mp3
    [2011/04/12 17:48:49 | 004,994,279 | ---- | C] () -- C:\Users\hakim\Desktop\Network - I Need You.mp3
    [2011/04/12 17:48:48 | 006,800,253 | ---- | C] () -- C:\Users\hakim\Desktop\mystic merlin - Can't stop dancin'.mp3
    [2011/04/12 17:48:48 | 005,721,947 | ---- | C] () -- C:\Users\hakim\Desktop\Mtume - Juicy Fruit.mp3
    [2011/04/12 17:48:47 | 007,553,184 | ---- | C] () -- C:\Users\hakim\Desktop\mike francis - Let's Not Talk About It.mp3
    [2011/04/12 17:48:47 | 006,535,714 | ---- | C] () -- C:\Users\hakim\Desktop\Mike & Brenda Sutton - Don't let go off me.mp3
    [2011/04/12 17:48:46 | 007,798,682 | ---- | C] () -- C:\Users\hakim\Desktop\Maxine Singleton - You Can't Run From My Love.mp3
    [2011/04/12 17:48:46 | 003,904,660 | ---- | C] () -- C:\Users\hakim\Desktop\melba moore - Love Me Right.mp3
    [2011/04/12 17:47:47 | 006,033,745 | ---- | C] () -- C:\Users\hakim\Desktop\Advance - Take Me to the Top .mp3
    [2011/04/11 22:29:35 | 923,736,112 | ---- | C] () -- C:\Users\hakim\Desktop\FUNK_MAXI_COM.rar
    [2011/04/07 20:19:37 | 000,085,386 | ---- | C] () -- C:\Program Files\Uninstal.exe
    [2011/02/13 09:43:37 | 000,000,261 | ---- | C] () -- C:\Windows\WPE PRO - modified.INI
    [2011/01/02 18:40:01 | 000,099,548 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2010/12/27 13:54:45 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
    [2010/12/06 22:34:42 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId1_3
    [2010/12/06 22:23:46 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId1_1
    [2010/12/06 22:19:06 | 000,000,177 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\D2Info1
    [2010/12/06 22:19:06 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId1_2
    [2010/11/25 18:23:20 | 000,000,724 | ---- | C] () -- C:\Program Files\Bibliothèques - Raccourci.lnk
    [2010/11/19 13:01:45 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_4
    [2010/11/10 19:40:17 | 000,000,023 | ---- | C] () -- C:\Windows\SWFDecompiler.INI
    [2010/11/05 13:40:01 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_3
    [2010/11/05 12:50:32 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_1
    [2010/11/05 08:30:50 | 000,000,169 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\D2Info0
    [2010/11/05 08:30:50 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_2
    [2010/11/04 08:40:50 | 000,000,000 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\chrtmp
    [2010/10/29 13:22:58 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
    [2009/07/14 10:39:49 | 000,704,242 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
    [2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
    [2009/07/14 10:39:49 | 000,130,548 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
    [2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
    [2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/14 06:33:53 | 000,289,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2009/07/14 04:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat
    [2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
    [2009/07/14 04:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
    [2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
    [2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
    [2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
    [2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
    [2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
    [2006/01/26 10:17:54 | 000,000,114 | -H-- | C] () -- C:\Users\hakim\AppData\Roaming\logs.dat

    ========== LOP Check ==========

    [2010/11/05 08:30:52 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\app
    [2011/04/22 06:57:04 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus 2
    [2010/11/20 16:45:36 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/11/05 13:40:01 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/11/19 13:01:45 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2011/04/20 20:28:07 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/11/20 16:46:07 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2011/02/20 10:51:36 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus2Beta
    [2010/12/06 22:19:06 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\DofusBeta-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/12/06 22:34:42 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\DofusBeta-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/12/06 22:23:46 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\DofusBeta.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2011/04/10 00:17:36 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\HBLite
    [2010/10/17 23:42:34 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\OpenOffice.org
    [2011/03/06 20:40:52 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\PhotoFiltre Studio X
    [2011/04/29 16:35:20 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\QuickScan
    [2010/11/05 08:30:52 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/12/06 22:19:10 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\RegBeta.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/11/08 22:48:45 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Shareaza
    [2011/03/26 20:10:53 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Sony
    [2010/12/21 19:02:29 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\TeamViewer
    [2011/04/29 19:39:38 | 000,000,000 | RHSD | M] -- C:\Users\hakim\AppData\Roaming\zlvp
    [2011/04/02 12:32:26 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Files - Unicode (All) ==========
    [2011/04/29 17:02:24 | 000,000,000 | ---- | M] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污
    [2011/04/29 17:02:24 | 000,000,000 | ---- | C] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 16 bytes -> C:\Users\hakim\Downloads:Shareaza.GUID
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0C1EFF69

    < End of report >
    a c 267 8 Sécurité
    2 Mai 2011 13:18:37

    Citation :
    O4 - HKLM\..\Run: [DowNiT - DofVictime2] C:\Windows\MicrosoftFolder\DofVictime2.exe ()
    O4 - HKLM\..\Run: [DowNiT - Microframework] C:\Windows\MicrosoftFolder\Microframework.exe ()

    --> Je ne connais pas ces processus, peux-tu m'éclairer ?

    Je vois des adwares.

  • Utilise l'option "Scanner" d'Ad-Remover et poste le rapport :
    http://www.teamxscript.org/adremoverTelechargement.html
    2 Mai 2011 13:24:58

    Mince je le trouve pas ?
    a c 267 8 Sécurité
    2 Mai 2011 13:39:20

    Tant pis pour le rapport Extras, on fera sans.
    2 Mai 2011 20:38:19

    Pour les processus que tu ma citer sa doit etre mon petit frère qui a télécharger des prog pour dofus d'ailleurs a chaque lancement du pc j'ai des message pour en exécuter .

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 20:33:50 le 02/05/2011, Mode normal

    Microsoft Windows 7 Édition Familiale Premium (X86)
    hakim@HAKIM-PC (Gigabyte Technology Co., Ltd. M61PME-S2)

    ============== RECHERCHE ==============


    Dossier trouvé: C:\Program Files\Mozilla FireFox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}
    Dossier trouvé: C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
    Dossier trouvé: C:\Users\hakim\AppData\Roaming\HBLite
    Dossier trouvé: C:\Program Files\HBLite
    Dossier trouvé: C:\ProgramData\HBLiteSA
    Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar
    Dossier trouvé: C:\Users\hakim\AppData\LocalLow\ShoppingReport2
    Dossier trouvé: C:\Program Files\ShoppingReport2

    Clé trouvée: HKLM\Software\Classes\CLSID\{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE}
    Clé trouvée: HKLM\Software\Classes\CLSID\{4E674574-3F0B-491d-8AE3-F90B43A34FD6}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4E674574-3F0B-491d-8AE3-F90B43A34FD6}
    Clé trouvée: HKLM\Software\Classes\HBLiteAx.Info
    Clé trouvée: HKLM\Software\Classes\HBLiteAx.Info.1
    Clé trouvée: HKLM\Software\Classes\HBLiteAX.UserProfiles
    Clé trouvée: HKLM\Software\Classes\HBLiteAX.UserProfiles.1
    Clé trouvée: HKLM\Software\Classes\ShoppingReport2.HbAx
    Clé trouvée: HKLM\Software\Classes\ShoppingReport2.HbAx.1
    Clé trouvée: HKLM\Software\Classes\ShoppingReport2.HbInfoBand
    Clé trouvée: HKLM\Software\Classes\ShoppingReport2.HbInfoBand.1
    Clé trouvée: HKLM\Software\Classes\ShoppingReport2.IEButton
    Clé trouvée: HKLM\Software\Classes\ShoppingReport2.IEButton.1
    Clé trouvée: HKLM\Software\Classes\ShoppingReport2.IEButtonA
    Clé trouvée: HKLM\Software\Classes\ShoppingReport2.IEButtonA.1
    Clé trouvée: HKLM\Software\Classes\ShoppingReport2.RprtCtrl
    Clé trouvée: HKLM\Software\Classes\ShoppingReport2.RprtCtrl.1
    Clé trouvée: HKLM\Software\HBLite
    Clé trouvée: HKLM\Software\ScanQuery
    Clé trouvée: HKLM\Software\ShoppingReport2
    Clé trouvée: HKCU\Software\HBliteSA
    Clé trouvée: HKCU\Software\ShoppingReport2
    Clé trouvée: HKCU\Software\AppDataLow\Software\ShoppingReport2
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6}


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.6.17 (fr)] ****

    HKLM_MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0 (x)
    Extensions\ffxtlbr@Facemoods.com (Facemoods)
    Extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64} (ScanQuery)
    HKLM_Extensions|HBLite@HBLite.com - C:\Program Files\HBLite\bin\11.0.363.0\firefox\extensions

    -- C:\Users\hakim\AppData\Roaming\Mozilla\FireFox\Profiles\2d2m7r13.default --
    Prefs.js - browser.download.lastDir, C:\\Users\\hakim\\Pictures
    Prefs.js - browser.search.defaultenginename, Bing
    Prefs.js - browser.search.defaulturl, hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
    Prefs.js - browser.search.selectedEngine, Google
    Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.17
    Prefs.js - keyword.URL, hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

    ========================================

    **** Internet Explorer Version [8.0.7600.16385] ****

    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (x)
    HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (x)
    HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (x)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (x)
    HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (x)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} - C:\Program Files\HBLite\bin\11.0.363.0\Weather.exe (x)
    HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (x)
    HKLM_Extensions\{E19ADC6E-3909-43E4-9A89-B7B676377EE3} - "Sothink SWF Catcher" (C:\Program Files\Common Files\SourceTec\SWF Catcher\SWFCatcher.dll,128)
    BHO\{64182481-4F71-486b-A045-B233BD0DA8FC} - "CescrtHlpr Object" (C:\Program Files\facemoods.com\facemoods\1.3.62.1\facemoods.dll)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 02/05/2011 20:34:11 (5631 Octet(s))

    Fin à: 20:35:54, 02/05/2011

    ============== E.O.F ==============
    a c 267 8 Sécurité
    2 Mai 2011 20:47:15

    Ok, relance Ad-Remover, choisis "Nettoyer" et poste le rapport.
    2 Mai 2011 22:41:44

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:34:26 le 02/05/2011, Mode normal

    Microsoft Windows 7 Édition Familiale Premium (X86)
    hakim@HAKIM-PC (Gigabyte Technology Co., Ltd. M61PME-S2)

    ============== ACTION(S) ==============


    Erreur suppression dossier: C:\Program Files\Mozilla FireFox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}
    Dossier supprimé: C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
    Dossier supprimé: C:\Users\hakim\AppData\Roaming\HBLite
    Dossier supprimé: C:\Program Files\HBLite
    Dossier supprimé: C:\ProgramData\HBLiteSA
    Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar
    Dossier supprimé: C:\Users\hakim\AppData\LocalLow\ShoppingReport2
    Dossier supprimé: C:\Program Files\ShoppingReport2

    (!) -- Fichiers temporaires supprimés.


    Clé supprimée: HKLM\Software\Classes\CLSID\{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE}
    Clé supprimée: HKLM\Software\Classes\CLSID\{4E674574-3F0B-491d-8AE3-F90B43A34FD6}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4E674574-3F0B-491d-8AE3-F90B43A34FD6}
    Clé supprimée: HKLM\Software\Classes\HBLiteAx.Info
    Clé supprimée: HKLM\Software\Classes\HBLiteAx.Info.1
    Clé supprimée: HKLM\Software\Classes\HBLiteAX.UserProfiles
    Clé supprimée: HKLM\Software\Classes\HBLiteAX.UserProfiles.1
    Clé supprimée: HKLM\Software\Classes\ShoppingReport2.HbAx
    Clé supprimée: HKLM\Software\Classes\ShoppingReport2.HbAx.1
    Clé supprimée: HKLM\Software\Classes\ShoppingReport2.HbInfoBand
    Clé supprimée: HKLM\Software\Classes\ShoppingReport2.HbInfoBand.1
    Clé supprimée: HKLM\Software\Classes\ShoppingReport2.IEButton
    Clé supprimée: HKLM\Software\Classes\ShoppingReport2.IEButton.1
    Clé supprimée: HKLM\Software\Classes\ShoppingReport2.IEButtonA
    Clé supprimée: HKLM\Software\Classes\ShoppingReport2.IEButtonA.1
    Clé supprimée: HKLM\Software\Classes\ShoppingReport2.RprtCtrl
    Clé supprimée: HKLM\Software\Classes\ShoppingReport2.RprtCtrl.1
    Clé supprimée: HKLM\Software\HBLite
    Clé supprimée: HKLM\Software\ScanQuery
    Clé supprimée: HKLM\Software\ShoppingReport2
    Clé supprimée: HKCU\Software\HBliteSA
    Clé supprimée: HKCU\Software\ShoppingReport2
    Clé supprimée: HKCU\Software\AppDataLow\Software\ShoppingReport2
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6}


    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.6.17 (fr)] ****

    HKLM_MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0 (x)
    Extensions\ffxtlbr@Facemoods.com (Facemoods)
    Extensions - "{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}" (?)
    HKLM_Extensions|HBLite@HBLite.com - C:\Program Files\HBLite\bin\11.0.363.0\firefox\extensions (x)

    -- C:\Users\hakim\AppData\Roaming\Mozilla\FireFox\Profiles\2d2m7r13.default --
    Prefs.js - browser.download.lastDir, C:\\Users\\hakim\\Pictures
    Prefs.js - browser.search.defaultenginename, Bing
    Prefs.js - browser.search.defaulturl, hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
    Prefs.js - browser.search.selectedEngine, Google
    Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.17
    Prefs.js - keyword.URL, hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

    ========================================

    **** Internet Explorer Version [8.0.7600.16385] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (x)
    HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (x)
    HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (x)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (x)
    HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (x)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (x)
    HKLM_Extensions\{E19ADC6E-3909-43E4-9A89-B7B676377EE3} - "Sothink SWF Catcher" (C:\Program Files\Common Files\SourceTec\SWF Catcher\SWFCatcher.dll,128)
    BHO\{64182481-4F71-486b-A045-B233BD0DA8FC} - "CescrtHlpr Object" (C:\Program Files\facemoods.com\facemoods\1.3.62.1\facemoods.dll)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 19 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 02/05/2011 22:34:29 (6098 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 02/05/2011 20:34:11 (5769 Octet(s))

    Fin à: 22:40:34, 02/05/2011

    ============== E.O.F ==============
    3 Mai 2011 17:10:04

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 6494

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    03/05/2011 15:39:13
    mbam-log-2011-05-03 (15-39-13).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 377825
    Temps écoulé: 49 minute(s), 46 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    a c 267 8 Sécurité
    3 Mai 2011 19:36:52

  • Télécharge HostsXpert sur ton Bureau.
  • Décompresse-le (Clic droit >> Extraire ici).
  • Double-clique sur HostsXpert pour le lancer.
  • Clique sur le bouton Restore MS Hosts File puis ferme le programme.

    PS : avant de cliquer sur le bouton Restore MS Hosts File, vérifie que le cadenas en haut à gauche soit ouvert sinon tu vas avoir un message d'erreur.

  • Refais un scan OTL et poste le rapport OTL.
    3 Mai 2011 22:55:51

    J'arrive pas a le lancer ?
    a c 267 8 Sécurité
    3 Mai 2011 23:07:34

    Comment ça ?
    4 Mai 2011 01:55:59

    Je double clike dessus mais rien ne se passe.
    4 Mai 2011 16:06:32

    Maintenant quand je lance une recherche avec google sa m'affiche une page avec mon ip etc.. comme quoi google a détecter un trafic de réseau exceptionnel avec des robot ....
    5 Mai 2011 02:03:15

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 6494

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    04/05/2011 23:12:56
    mbam-log-2011-05-04 (23-12-56).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 378697
    Temps écoulé: 1 heure(s), 9 minute(s), 29 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    5 Mai 2011 20:58:12

    C'est bon ?
    6 Mai 2011 17:43:26

    Oulaa c'est compliquer la jvais essayer de modifier mais jpense pas y arriver .
    6 Mai 2011 21:44:39

    Ah ok c'est fait.
    a c 267 8 Sécurité
    6 Mai 2011 23:24:38

    Puis poste un nouveau rapport OTL.
    7 Mai 2011 12:59:33

    OTL logfile created on: 07/05/2011 12:57:05 - Run 4
    OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\hakim\Downloads
    Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 67,00% Memory free
    3,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 179,32 Gb Total Space | 118,44 Gb Free Space | 66,05% Space Free | Partition Type: NTFS
    Drive D: | 6,96 Gb Total Space | 1,03 Gb Free Space | 14,72% Space Free | Partition Type: FAT32

    Computer Name: HAKIM-PC | User Name: hakim | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
    PRC - C:\Windows\MicrosoftFolder\Microframework.exe ()
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
    PRC - C:\Users\hakim\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
    PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
    PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)


    ========== Modules (SafeList) ==========

    MOD - C:\Users\hakim\AppData\Local\cleanhdd.dll (Microsoft Corporation)
    MOD - C:\Users\hakim\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe File not found
    SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe File not found
    SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
    SRV - (Sony Ericsson PCCompanion) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
    SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
    SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
    SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
    SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
    SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
    SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
    SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
    SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
    SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
    SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
    SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
    SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
    SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
    SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
    SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
    SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
    SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
    SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
    SRV - (AxInstSV) Programme d’installation ActiveX (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
    SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
    SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
    SRV - (wampmysqld) -- c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe ()
    SRV - (wampapache) -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe (Apache Software Foundation)


    ========== Driver Services (SafeList) ==========

    DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
    DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
    DRV - (iaStorV) -- C:\Windows\system32\drivers\iaStorV.sys (Intel Corporation)
    DRV - (amdsata) -- C:\Windows\system32\drivers\amdsata.sys (Advanced Micro Devices)
    DRV - (amdxata) -- C:\Windows\system32\drivers\amdxata.sys (Advanced Micro Devices)
    DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
    DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
    DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
    DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
    DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
    DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
    DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
    DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
    DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
    DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
    DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
    DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
    DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
    DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
    DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
    DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
    DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
    DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
    DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
    DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
    DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
    DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
    DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
    DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
    DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
    DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
    DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
    DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
    DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
    DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
    DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
    DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
    DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
    DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
    DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
    DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
    DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
    DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
    DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
    DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
    DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
    DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
    DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
    DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
    DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
    DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
    DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
    DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
    DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
    DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
    DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
    DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
    DRV - (RTL8187B) -- C:\Windows\System32\drivers\RTL8187B.sys (Realtek Semiconductor Corporation )
    DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
    DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
    DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
    DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
    DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 4F 97 EA B0 6B CB 01 [binary data]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Bing"
    FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"
    FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.0.4
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="

    FF - HKLM\software\mozilla\Firefox\Extensions\\HBLite@HBLite.com: C:\Program Files\HBLite\bin\11.0.363.0\firefox\extensions
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/04 08:51:59 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 11:41:59 | 000,000,000 | ---D | M]

    [2010/11/08 22:39:17 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\mozilla\Extensions
    [2010/11/08 22:39:17 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
    [2010/11/01 00:02:30 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\mozilla\Firefox\Profiles\2d2m7r13.default\extensions
    [2010/10/17 07:38:26 | 000,001,832 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\Mozilla\FireFox\Profiles\2d2m7r13.default\searchplugins\bing.xml
    [2011/05/07 10:48:21 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
    [2010/10/17 23:41:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/11/21 21:45:21 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\ffxtlbr@Facemoods.com
    [2010/10/17 23:40:58 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2010/09/14 23:32:19 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2010/09/14 23:32:19 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/09/14 23:32:19 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2010/09/14 23:32:19 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2010/09/14 23:32:19 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2010/11/21 15:59:18 | 000,000,089 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.3.62.1\facemoods.dll (facemoods.com)
    O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [DowNiT - DofVictime2] C:\Windows\MicrosoftFolder\DofVictime2.exe ()
    O4 - HKLM..\Run: [DowNiT - Microframework] C:\Windows\MicrosoftFolder\Microframework.exe ()
    O4 - HKCU..\Run: [Google - GoogleUpdater] C:\Users\hakim\AppData\Roaming\Google\GoogleUpdater.exe ()
    O4 - Startup: C:\Users\hakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
    O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll File not found
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/fl... (Shockwave Flash Object)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\LIVESSP.DLL (Microsoft Corp.)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2011/05/06 08:09:48 | 000,000,003 | ---- | M] () - C:\autorun.inf -- [ NTFS ]
    O32 - AutoRun File - [2001/07/27 08:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
    O32 - AutoRun File - [2011/05/06 04:23:28 | 000,000,003 | ---- | M] () - D:\autorun.inf -- [ FAT32 ]
    O33 - MountPoints2\{5ee940df-f652-11df-ae15-001fd0da5085}\Shell - "" = AutoRun
    O33 - MountPoints2\{5ee940df-f652-11df-ae15-001fd0da5085}\Shell\AutoRun\command - "" = J:\Startme.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/05/07 08:28:16 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{4F63ED36-6BE7-4702-B1DE-B717C6EF4D4C}
    [2011/05/06 12:30:08 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\PhotoFiltre
    [2011/05/06 12:30:06 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre
    [2011/05/06 10:29:05 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{1FB8B59C-747E-4AD3-A66D-BEF72FA93C4D}
    [2011/05/05 20:50:20 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{ACE167D7-DE7B-4C03-806F-4EEC0D0A041C}
    [2011/05/05 18:16:11 | 000,000,000 | ---D | C] -- C:\sys
    [2011/05/05 18:16:06 | 000,000,000 | -H-D | C] -- C:\Users\hakim\AppData\Roaming\Google
    [2011/05/05 08:49:38 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{DDFC33C3-2979-4E54-A79E-20EB99E45B1F}
    [2011/05/04 10:38:25 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{CEAD81D3-6C79-47AF-B02D-581B6A1AA005}
    [2011/05/03 09:39:39 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{245E86A2-9E5E-4E7A-A6B8-E0AC14222F54}
    [2011/04/30 22:27:03 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{FAC3AAB0-50E4-448A-B380-01218499CDCB}
    [2011/04/29 16:35:20 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\QuickScan
    [2011/04/29 16:30:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BitDefender
    [2011/04/29 07:52:22 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{30DB717E-0937-47A4-B2A8-36D1258A3E00}
    [2011/04/28 15:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Infusion-Paradise
    [2011/04/28 08:14:31 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{2C6ACCBD-7459-45E8-B83B-966DB088974B}
    [2011/04/27 20:48:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
    [2011/04/27 20:48:31 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
    [2011/04/27 20:48:31 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
    [2011/04/27 20:48:31 | 000,143,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys
    [2011/04/27 20:48:31 | 000,117,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys
    [2011/04/27 20:48:31 | 000,080,256 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdsata.sys
    [2011/04/27 20:48:30 | 000,332,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys
    [2011/04/27 20:48:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
    [2011/04/27 20:48:30 | 000,022,400 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdxata.sys
    [2011/04/27 20:48:27 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
    [2011/04/27 20:48:26 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2011/04/27 20:13:43 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{A4658DD7-94B3-439C-9309-C9DC16BED132}
    [2011/04/27 00:23:50 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{5FDA2566-63B1-42F9-8C02-4EC54F0B4688}
    [2011/04/26 12:23:15 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{69AFD0F8-8170-4845-B8B9-2B7EB154C005}
    [2011/04/25 18:07:31 | 000,000,000 | -H-D | C] -- C:\Windows\MicrosoftFolder
    [2011/04/25 17:39:43 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{B11E884D-AFE3-40CE-919D-C06413A396A3}
    [2011/04/25 01:15:10 | 000,000,000 | R--D | C] -- C:\Users\hakim\Contacts
    [2011/04/24 14:32:42 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{92F9E309-FA69-492C-8AFD-F43FE37B4782}
    [2011/04/23 08:33:39 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{13AA431E-5751-4321-BE28-22476895FBEF}
    [2011/04/22 06:53:45 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{2820834E-9267-43AB-BBCD-2F9F70F838E5}
    [2011/04/21 12:29:40 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{2029653C-0152-4591-B622-EB1C7D53B40A}
    [2011/04/21 11:47:46 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
    [2011/04/21 11:47:45 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
    [2011/04/21 11:47:45 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
    [2011/04/20 20:28:07 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Roaming\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2011/04/20 12:23:46 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{16E63020-C54F-4F92-B931-494FE0629BEE}
    [2011/04/20 00:23:10 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{F3B933C7-52CA-4255-A931-C8CD279A3E4F}
    [2011/04/19 12:22:35 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{2E588A38-42B6-41E9-92CB-3C2A5CC8105A}
    [2011/04/17 13:48:23 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{46E36AD6-3CBE-4B18-A321-9DA31D60BAD0}
    [2011/04/17 01:47:27 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{847E8CDB-7F2B-42CB-92F8-38C60AE3CF5D}
    [2011/04/16 13:07:42 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{EF2506FA-3D69-4213-8C73-BFDBE0924A3A}
    [2011/04/16 01:07:06 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{1920E9FD-CA92-4129-AF5C-992DEB7192D5}
    [2011/04/15 13:06:15 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{4EABB21D-A65D-4B16-9889-5382F8AF529A}
    [2011/04/15 01:05:21 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{B5C84786-BA99-4491-96E0-BCF4D5184CCC}
    [2011/04/14 13:04:44 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{65DCE058-0244-410B-80AB-A77ADE0D0EE5}
    [2011/04/14 06:46:28 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2011/04/14 06:46:28 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2011/04/14 06:46:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
    [2011/04/14 06:46:26 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
    [2011/04/14 06:46:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
    [2011/04/14 06:46:20 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2011/04/14 06:46:20 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
    [2011/04/14 06:46:20 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2011/04/14 06:46:20 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2011/04/14 06:46:20 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2011/04/14 06:46:20 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2011/04/14 06:46:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2011/04/14 06:46:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2011/04/14 06:46:20 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2011/04/14 06:46:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2011/04/14 06:46:20 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2011/04/14 06:46:05 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2011/04/14 06:46:04 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
    [2011/04/14 06:46:03 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
    [2011/04/14 06:46:01 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
    [2011/04/14 06:46:01 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
    [2011/04/13 20:54:17 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{86B52191-DDAA-487B-B9E9-1F9FA91D854B}
    [2011/04/13 20:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\Dofus 2
    [2011/04/12 07:16:30 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{DBF7A7A6-20F2-4FA5-941E-1F722BE603A1}
    [2011/04/11 19:15:55 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{3952B4E0-3D18-4F5E-A6AB-C7985ED75141}
    [2011/04/11 07:15:06 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{684BF04E-5C69-45A5-BC1B-E59F45504703}
    [2011/04/10 11:55:23 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{86D8B5A8-DA40-4406-81E7-1172346D3F41}
    [2011/04/09 23:54:38 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{8C9164A2-7268-4431-952C-3EAA56E826DA}
    [2011/04/09 03:27:52 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{E9190AE6-DA2D-4E7D-9395-A26839940496}
    [2011/04/08 20:15:28 | 000,000,000 | ---D | C] -- C:\Program Files\Gost-Serveur
    [2011/04/08 15:27:14 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{43C18AEF-102F-4298-A466-31F23DD03BEA}
    [2011/04/07 19:32:25 | 000,000,000 | ---D | C] -- C:\Users\hakim\AppData\Local\{9E017016-CED7-47EC-BDC0-E0F936148345}

    ========== Files - Modified Within 30 Days ==========

    [2011/05/07 08:24:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/05/06 21:11:16 | 000,019,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/05/06 21:11:16 | 000,019,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/05/06 15:10:13 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2011/05/06 15:10:13 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011/05/06 15:10:13 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2011/05/06 15:10:13 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011/05/06 15:04:09 | 1408,933,888 | -HS- | M] () -- C:\hiberfil.sys
    [2011/05/06 15:03:04 | 087,130,316 | ---- | M] () -- C:\Users\hakim\Desktop\__rar_00.019
    [2011/05/06 12:30:07 | 000,001,001 | ---- | M] () -- C:\Users\hakim\Desktop\PhotoFiltre.lnk
    [2011/05/06 08:09:48 | 000,000,003 | ---- | M] () -- C:\autorun.inf
    [2011/04/29 21:56:42 | 000,575,561 | ---- | M] () -- C:\ProgramData\bdinstall.bin
    [2011/04/29 19:41:49 | 000,000,234 | ---- | M] () -- C:\ProgramData\search_result.xml
    [2011/04/29 18:57:55 | 000,001,885 | ---- | M] () -- C:\Users\hakim\Desktop\Mozilla Firefox.lnk
    [2011/04/29 17:05:19 | 000,000,000 | ---- | M] () -- C:\Windows\System32\imblacklist.dat
    [2011/04/29 17:04:00 | 000,000,415 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
    [2011/04/27 18:44:49 | 001,352,456 | ---- | M] () -- C:\Users\hakim\Documents\bitdefender-antivirus-2011_bitdefender_antivirus_2011_francais_35804.65&h=3970cd834333fe4bd611446f18f9d344
    [2011/04/26 14:36:41 | 000,000,968 | ---- | M] () -- C:\Users\hakim\Desktop\Dofus.lnk
    [2011/04/26 11:00:43 | 000,000,008 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_1
    [2011/04/26 11:00:03 | 000,000,169 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\D2Info0
    [2011/04/26 09:50:08 | 000,000,008 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_2
    [2011/04/25 18:07:49 | 000,000,008 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_3
    [2011/04/25 17:53:15 | 000,294,400 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\All-hack-habbo V3 Release.exe
    [2011/04/25 12:31:45 | 003,812,471 | ---- | M] () -- C:\Users\hakim\Desktop\116 - Be Faithful - Fatman Scoop Ft the Crooklyn Clan.mp3
    [2011/04/24 13:17:31 | 000,000,008 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_4
    [2011/04/22 11:30:58 | 000,920,054 | ---- | M] () -- C:\Users\hakim\Desktop\22042011057.JPG
    [2011/04/22 11:30:54 | 000,918,751 | ---- | M] () -- C:\Users\hakim\Desktop\22042011056.JPG
    [2011/04/22 11:30:40 | 000,964,324 | ---- | M] () -- C:\Users\hakim\Desktop\22042011055.JPG
    [2011/04/22 11:30:34 | 000,904,220 | ---- | M] () -- C:\Users\hakim\Desktop\22042011054.JPG
    [2011/04/20 21:12:11 | 000,000,008 | ---- | M] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_5
    [2011/04/17 16:14:39 | 001,429,722 | ---- | M] () -- C:\Users\hakim\Desktop\17042011028.JPG
    [2011/04/17 15:59:06 | 001,202,846 | ---- | M] () -- C:\Users\hakim\Desktop\17042011029.JPG
    [2011/04/17 15:58:54 | 001,120,257 | ---- | M] () -- C:\Users\hakim\Desktop\17042011030.JPG
    [2011/04/15 19:40:33 | 000,002,210 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
    [2011/04/15 03:22:13 | 000,289,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2011/04/11 23:23:37 | 923,736,112 | ---- | M] () -- C:\Users\hakim\Desktop\FUNK_MAXI_COM.rar
    [2011/04/07 20:19:37 | 000,085,386 | ---- | M] () -- C:\Program Files\Uninstal.exe

    ========== Files Created - No Company Name ==========

    [2011/05/06 15:02:39 | 087,130,316 | ---- | C] () -- C:\Users\hakim\Desktop\__rar_00.019
    [2011/05/06 12:30:07 | 000,001,001 | ---- | C] () -- C:\Users\hakim\Desktop\PhotoFiltre.lnk
    [2011/05/05 18:16:11 | 000,000,003 | ---- | C] () -- C:\autorun.inf
    [2011/04/29 19:41:40 | 000,000,234 | ---- | C] () -- C:\ProgramData\search_result.xml
    [2011/04/29 18:57:55 | 000,001,885 | ---- | C] () -- C:\Users\hakim\Desktop\Mozilla Firefox.lnk
    [2011/04/29 17:05:19 | 000,000,000 | ---- | C] () -- C:\Windows\System32\imblacklist.dat
    [2011/04/29 17:04:00 | 000,000,415 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
    [2011/04/29 16:30:14 | 000,575,561 | ---- | C] () -- C:\ProgramData\bdinstall.bin
    [2011/04/27 18:44:44 | 001,352,456 | ---- | C] () -- C:\Users\hakim\Documents\bitdefender-antivirus-2011_bitdefender_antivirus_2011_francais_35804.65&h=3970cd834333fe4bd611446f18f9d344
    [2011/04/26 14:36:41 | 000,000,968 | ---- | C] () -- C:\Users\hakim\Desktop\Dofus.lnk
    [2011/04/25 17:53:15 | 000,294,400 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\All-hack-habbo V3 Release.exe
    [2011/04/25 12:31:27 | 003,812,471 | ---- | C] () -- C:\Users\hakim\Desktop\116 - Be Faithful - Fatman Scoop Ft the Crooklyn Clan.mp3
    [2011/04/22 11:33:07 | 000,964,324 | ---- | C] () -- C:\Users\hakim\Desktop\22042011055.JPG
    [2011/04/22 11:33:07 | 000,920,054 | ---- | C] () -- C:\Users\hakim\Desktop\22042011057.JPG
    [2011/04/22 11:33:07 | 000,918,751 | ---- | C] () -- C:\Users\hakim\Desktop\22042011056.JPG
    [2011/04/22 11:33:07 | 000,904,220 | ---- | C] () -- C:\Users\hakim\Desktop\22042011054.JPG
    [2011/04/20 20:28:07 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_5
    [2011/04/17 16:03:54 | 001,120,257 | ---- | C] () -- C:\Users\hakim\Desktop\17042011030.JPG
    [2011/04/17 15:59:43 | 001,429,722 | ---- | C] () -- C:\Users\hakim\Desktop\17042011028.JPG
    [2011/04/17 15:59:43 | 001,202,846 | ---- | C] () -- C:\Users\hakim\Desktop\17042011029.JPG
    [2011/04/12 17:49:21 | 006,046,284 | ---- | C] () -- C:\Users\hakim\Desktop\Aaron Broomfield - don't cover up your feelings.mp3
    [2011/04/12 17:49:20 | 006,640,399 | ---- | C] () -- C:\Users\hakim\Desktop\Xavier, Work That Sucker To Death.mp3
    [2011/04/12 17:49:20 | 006,634,978 | ---- | C] () -- C:\Users\hakim\Desktop\Zebrass - Feel so good.mp3
    [2011/04/12 17:49:20 | 005,281,836 | ---- | C] () -- C:\Users\hakim\Desktop\Yasuko Agawa - L. A. Nights.mp3
    [2011/04/12 17:49:19 | 006,228,723 | ---- | C] () -- C:\Users\hakim\Desktop\Victor Tavares - Show me.mp3
    [2011/04/12 17:49:18 | 005,546,404 | ---- | C] () -- C:\Users\hakim\Desktop\Vicky D.-This Beat Is Mine .mp3
    [2011/04/12 17:49:17 | 005,676,021 | ---- | C] () -- C:\Users\hakim\Desktop\Uk Players - Love's Gonna Get You.mp3
    [2011/04/12 17:49:17 | 005,524,050 | ---- | C] () -- C:\Users\hakim\Desktop\Unique - You make me feel so good (UL) g.mp3
    [2011/04/12 17:49:17 | 004,999,087 | ---- | C] () -- C:\Users\hakim\Desktop\unlimited touch - feel the music.mp3
    [2011/04/12 17:49:16 | 005,865,307 | ---- | C] () -- C:\Users\hakim\Desktop\tyrone brunson - the smurf.mp3
    [2011/04/12 17:49:16 | 005,534,515 | ---- | C] () -- C:\Users\hakim\Desktop\tracy Weber- Sure Shot .mp3
    [2011/04/12 17:49:16 | 003,689,202 | ---- | C] () -- C:\Users\hakim\Desktop\ts Monk - Bon Bon Vie .mp3
    [2011/04/12 17:49:15 | 005,731,756 | ---- | C] () -- C:\Users\hakim\Desktop\tony jackson - Steppin' out on the groove.mp3
    [2011/04/12 17:49:14 | 007,615,734 | ---- | C] () -- C:\Users\hakim\Desktop\The System - This Is For You.mp3
    [2011/04/12 17:49:13 | 006,812,820 | ---- | C] () -- C:\Users\hakim\Desktop\The O' Jays - Put our heads together.mp3
    [2011/04/12 17:49:13 | 003,700,966 | ---- | C] () -- C:\Users\hakim\Desktop\The Limit - She's so divine.mp3
    [2011/04/12 17:49:12 | 010,862,305 | ---- | C] () -- C:\Users\hakim\Desktop\the gents - for you my baby love.mp3
    [2011/04/12 17:49:12 | 003,816,430 | ---- | C] () -- C:\Users\hakim\Desktop\The Dazz Band - Let It All Blow.mp3
    [2011/04/12 17:49:11 | 005,503,250 | ---- | C] () -- C:\Users\hakim\Desktop\tavares - i got to find my way back to you.mp3
    [2011/04/12 17:49:11 | 005,442,318 | ---- | C] () -- C:\Users\hakim\Desktop\The Band AKA - Joy 5313.mp3
    [2011/04/12 17:49:11 | 001,396,854 | ---- | C] () -- C:\Users\hakim\Desktop\Temper - No Favours.mp3
    [2011/04/12 17:49:10 | 004,946,633 | ---- | C] () -- C:\Users\hakim\Desktop\Taste Of Honey - Sayonara.mp3
    [2011/04/12 17:49:08 | 015,345,790 | ---- | C] () -- C:\Users\hakim\Desktop\Taana Gardner - When You Touch Me.mp3
    [2011/04/12 17:49:07 | 007,364,843 | ---- | C] () -- C:\Users\hakim\Desktop\t c curtic - You should have known better.mp3
    [2011/04/12 17:49:07 | 005,579,423 | ---- | C] () -- C:\Users\hakim\Desktop\sos band - S.O.S..mp3
    [2011/04/12 17:49:06 | 006,460,690 | ---- | C] () -- C:\Users\hakim\Desktop\Silver Platinum - Party's Over.mp3
    [2011/04/12 17:49:06 | 006,242,998 | ---- | C] () -- C:\Users\hakim\Desktop\slave Just a Touch of Love .mp3
    [2011/04/12 17:49:06 | 006,108,968 | ---- | C] () -- C:\Users\hakim\Desktop\Skyy - Call Me.mp3
    [2011/04/12 17:49:05 | 008,642,144 | ---- | C] () -- C:\Users\hakim\Desktop\Sharon Brown - I Specialize In Love.mp3
    [2011/04/12 17:49:04 | 006,637,848 | ---- | C] () -- C:\Users\hakim\Desktop\Serge Ponsar - Out In The Night.mp3
    [2011/04/12 17:49:04 | 004,976,768 | ---- | C] () -- C:\Users\hakim\Desktop\Shalamar - A Night To Remember.mp3
    [2011/04/12 17:49:04 | 003,901,852 | ---- | C] () -- C:\Users\hakim\Desktop\Shania Twain - Im Gonna Getcha (Good)! Real Version.mp3
    [2011/04/12 17:49:03 | 007,394,548 | ---- | C] () -- C:\Users\hakim\Desktop\Secret Weapon - Must Be The Music.mp3
    [2011/04/12 17:49:03 | 004,609,340 | ---- | C] () -- C:\Users\hakim\Desktop\Second Image - dance dance dance.mp3
    [2011/04/12 17:49:02 | 006,189,515 | ---- | C] () -- C:\Users\hakim\Desktop\Rocket - I Wanna Know.mp3
    [2011/04/12 17:49:02 | 004,104,862 | ---- | C] () -- C:\Users\hakim\Desktop\Sadane - Sit Up.mp3
    [2011/04/12 17:49:01 | 005,528,014 | ---- | C] () -- C:\Users\hakim\Desktop\Richard Jon Smith - Stay with me tonight.mp3
    [2011/04/12 17:49:01 | 004,616,445 | ---- | C] () -- C:\Users\hakim\Desktop\Rhyze - Do you dance.mp3
    [2011/04/12 17:49:01 | 003,265,055 | ---- | C] () -- C:\Users\hakim\Desktop\Ritchie Family - I'll do my best.mp3
    [2011/04/12 17:49:00 | 006,299,149 | ---- | C] () -- C:\Users\hakim\Desktop\raw silk - Do It To The Music.mp3
    [2011/04/12 17:49:00 | 004,359,818 | ---- | C] () -- C:\Users\hakim\Desktop\Ray Parker Jr. And Raydio - For Those Who Like To Groove.mp3
    [2011/04/12 17:48:59 | 006,539,893 | ---- | C] () -- C:\Users\hakim\Desktop\rah band - Clouds Across The Moon (Tiefschwarz Cloudy Vocal .mp3
    [2011/04/12 17:48:57 | 007,266,725 | ---- | C] () -- C:\Users\hakim\Desktop\Pure Energy - One Hot Night.mp3
    [2011/04/12 17:48:57 | 007,139,665 | ---- | C] () -- C:\Users\hakim\Desktop\radiance - you're my number one1.mp3
    [2011/04/12 17:48:56 | 006,963,948 | ---- | C] () -- C:\Users\hakim\Desktop\positive force - we got the funk.mp3
    [2011/04/12 17:48:56 | 005,069,513 | ---- | C] () -- C:\Users\hakim\Desktop\Plush - Free and easy.mp3
    [2011/04/12 17:48:56 | 004,206,009 | ---- | C] () -- C:\Users\hakim\Desktop\Phyllis St James - Ain't No Turn Back.mp3
    [2011/04/12 17:48:56 | 002,982,483 | ---- | C] () -- C:\Users\hakim\Desktop\pleasure - Stone Love.mp3
    [2011/04/12 17:48:55 | 005,706,482 | ---- | C] () -- C:\Users\hakim\Desktop\Patti Jo - Ain't No Love Lost.mp3
    [2011/04/12 17:48:55 | 004,499,834 | ---- | C] () -- C:\Users\hakim\Desktop\Patrice Rushen - Forget Me Nots.mp3
    [2011/04/12 17:48:54 | 010,985,145 | ---- | C] () -- C:\Users\hakim\Desktop\Passion - Don't stop my love.mp3
    [2011/04/12 17:48:54 | 006,543,655 | ---- | C] () -- C:\Users\hakim\Desktop\Ozone - Gigolette.mp3
    [2011/04/12 17:48:53 | 006,734,662 | ---- | C] () -- C:\Users\hakim\Desktop\Output - Move for me.mp3
    [2011/04/12 17:48:53 | 005,657,530 | ---- | C] () -- C:\Users\hakim\Desktop\Orient Express - Shine On.mp3
    [2011/04/12 17:48:52 | 006,951,972 | ---- | C] () -- C:\Users\hakim\Desktop\One Way -Music.mp3
    [2011/04/12 17:48:52 | 004,259,074 | ---- | C] () -- C:\Users\hakim\Desktop\One on One - Gotta thang.mp3
    [2011/04/12 17:48:51 | 002,917,023 | ---- | C] () -- C:\Users\hakim\Desktop\Oliver Cheatham - Get down Saturday Night.mp3
    [2011/04/12 17:48:50 | 007,823,101 | ---- | C] () -- C:\Users\hakim\Desktop\North End - Happy Days.mp3
    [2011/04/12 17:48:50 | 001,628,798 | ---- | C] () -- C:\Users\hakim\Desktop\norman connors - Take It To The Limit.mp3
    [2011/04/12 17:48:49 | 006,197,167 | ---- | C] () -- C:\Users\hakim\Desktop\New Jersey Connection - love don't come easy.mp3
    [2011/04/12 17:48:49 | 004,994,279 | ---- | C] () -- C:\Users\hakim\Desktop\Network - I Need You.mp3
    [2011/04/12 17:48:48 | 006,800,253 | ---- | C] () -- C:\Users\hakim\Desktop\mystic merlin - Can't stop dancin'.mp3
    [2011/04/12 17:48:48 | 005,721,947 | ---- | C] () -- C:\Users\hakim\Desktop\Mtume - Juicy Fruit.mp3
    [2011/04/12 17:48:47 | 007,553,184 | ---- | C] () -- C:\Users\hakim\Desktop\mike francis - Let's Not Talk About It.mp3
    [2011/04/12 17:48:47 | 006,535,714 | ---- | C] () -- C:\Users\hakim\Desktop\Mike & Brenda Sutton - Don't let go off me.mp3
    [2011/04/12 17:48:46 | 007,798,682 | ---- | C] () -- C:\Users\hakim\Desktop\Maxine Singleton - You Can't Run From My Love.mp3
    [2011/04/12 17:48:46 | 003,904,660 | ---- | C] () -- C:\Users\hakim\Desktop\melba moore - Love Me Right.mp3
    [2011/04/12 17:47:47 | 006,033,745 | ---- | C] () -- C:\Users\hakim\Desktop\Advance - Take Me to the Top .mp3
    [2011/04/11 22:29:35 | 923,736,112 | ---- | C] () -- C:\Users\hakim\Desktop\FUNK_MAXI_COM.rar
    [2011/04/07 20:19:37 | 000,085,386 | ---- | C] () -- C:\Program Files\Uninstal.exe
    [2011/02/13 09:43:37 | 000,000,261 | ---- | C] () -- C:\Windows\WPE PRO - modified.INI
    [2010/12/06 22:34:42 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId1_3
    [2010/12/06 22:23:46 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId1_1
    [2010/12/06 22:19:06 | 000,000,177 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\D2Info1
    [2010/12/06 22:19:06 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId1_2
    [2010/11/30 13:45:16 | 000,000,005 | ---- | C] () -- C:\Program Files\Dofusversions.txt
    [2010/11/25 18:23:20 | 000,000,724 | ---- | C] () -- C:\Program Files\Bibliothèques - Raccourci.lnk
    [2010/11/19 13:01:45 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_4
    [2010/11/10 19:40:17 | 000,000,023 | ---- | C] () -- C:\Windows\SWFDecompiler.INI
    [2010/11/05 13:40:01 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_3
    [2010/11/05 12:50:32 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_1
    [2010/11/05 08:30:50 | 000,000,169 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\D2Info0
    [2010/11/05 08:30:50 | 000,000,008 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\DofusAppId0_2
    [2010/11/04 08:40:50 | 000,000,000 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\chrtmp
    [2010/10/29 13:22:58 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
    [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
    [2006/01/26 10:17:54 | 000,000,114 | -H-- | C] () -- C:\Users\hakim\AppData\Roaming\logs.dat

    ========== LOP Check ==========

    [2010/11/05 08:30:52 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\app
    [2011/05/05 18:16:06 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus 2
    [2010/11/20 16:45:36 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/11/05 13:40:01 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/11/19 13:01:45 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2011/04/20 20:28:07 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/11/20 16:46:07 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2011/02/20 10:51:36 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Dofus2Beta
    [2010/12/06 22:19:06 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\DofusBeta-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/12/06 22:34:42 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\DofusBeta-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/12/06 22:23:46 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\DofusBeta.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/10/17 23:42:34 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\OpenOffice.org
    [2011/05/06 12:30:44 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\PhotoFiltre
    [2011/03/06 20:40:52 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\PhotoFiltre Studio X
    [2011/04/29 16:35:20 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\QuickScan
    [2010/11/05 08:30:52 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/12/06 22:19:10 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\RegBeta.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/11/08 22:48:45 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Shareaza
    [2011/03/26 20:10:53 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\Sony
    [2010/12/21 19:02:29 | 000,000,000 | ---D | M] -- C:\Users\hakim\AppData\Roaming\TeamViewer
    [2011/04/29 19:39:38 | 000,000,000 | RHSD | M] -- C:\Users\hakim\AppData\Roaming\zlvp
    [2011/04/02 12:32:26 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Files - Unicode (All) ==========
    [2011/04/29 17:02:24 | 000,000,000 | ---- | M] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污
    [2011/04/29 17:02:24 | 000,000,000 | ---- | C] ()(C:\Windows\System32\?????) -- C:\Windows\System32\獷楬汢捯污

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 16 bytes -> C:\Users\hakim\Downloads:Shareaza.GUID
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0C1EFF69

    < End of report >
    a c 267 8 Sécurité
    7 Mai 2011 13:08:54

    C'est bien mieux, plus de souci ?

    Citation :
    C:\sys

    --> Il y a quoi dans ce dossier ?
    8 Mai 2011 03:06:27

    C'est vide est oui le pc semble bien ce comporter.
    a c 267 8 Sécurité
    8 Mai 2011 13:12:31

  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :

    :OTL
    FF - HKLM\software\mozilla\Firefox\Extensions\\HBLite@HBLite.com: C:\Program Files\HBLite\bin\11.0.363.0\firefox\extensions
    [2011/05/05 18:16:11 | 000,000,000 | ---D | C] -- C:\sys
    [2010/11/04 08:40:50 | 000,000,000 | ---- | C] () -- C:\Users\hakim\AppData\Roaming\chrtmp
    [2006/01/26 10:17:54 | 000,000,114 | -H-- | C] () -- C:\Users\hakim\AppData\Roaming\logs.dat

    :commands
    [emptytemp]

  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler, redémarre une fois le fix terminé.
  • Poste le rapport qui s'affichera après redémarrage.
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS