Se connecter / S'enregistrer
Votre question

(Résolu) Difficultés pour aller sur des sites

Tags :
  • Acer
  • Sécurité
Dernière réponse : dans Sécurité et virus
8 Avril 2011 12:32:48

Bonjour, voilà depuis quelques temps via google je n'arrive que 1 fois sur 20 au moins a accéder a des sites comme le votre. Une pub toujours différente apparait furtivement dans la barre d'adresse, rien ne ce passe et je suis redirigé vers google. Je rage car j'ai essayé beaucoup de chose et rien n'y fait. Merci par avance de votre aide. (J'ai mis ce message dans Virus car je pense que je suis infecté et que ce n'est pas seulement un probleme de publicité) ps : si je me suis trompé, merci de me le faire savoir.

Je poste le dernier rapport hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:23:38, on 08/04/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\vVX1000.exe
C:\Windows\VM305_STI.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DNA\btdna.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe
C:\Windows\system32\wuauclt.exe
C:\Users\les supers cools\Desktop\Documents\Mes fichiers reçus\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=v...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=v...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.muuler.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - (no file)
R3 - URLSearchHook: (no name) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Setresolution] C:\ACER\config\1440x900.cmd
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [BigDog305] C:\Windows\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Bureau\AdobeReader9.3\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Bureau\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [conhost] C:\Users\les supers cools\AppData\Roaming\Microsoft\conhost.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - (no file)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Avira AntiVir Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (file missing)
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

--
End of file - 8041 bytes

Autres pages sur : resolu difficultes aller sites

9 Avril 2011 20:11:37

Merci pour votre aide. Voilà le rapport. Il n'y a rien mais je l'ai fait il y a 3jrs et j'avais 39 choses infectés. J'ai tout supprimé dont sound32.dll. J'ai peut-etre fait une érreure.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6320

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

09/04/2011 20:09:17
mbam-log-2011-04-09 (20-09-17).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 266069
Temps écoulé: 47 minute(s), 8 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Contenus similaires
a c 295 8 Sécurité
9 Avril 2011 22:33:46

Dans Malwarebytes' Anti-Malware, dans l'onglet Rapports/Logs, tu peux récupérer l'ancien rapport. Je le voudrais.
10 Avril 2011 03:02:26

Voilà l'ancien rapport...merci.

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 6299

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

07/04/2011 16:14:09
mbam-log-2011-04-07 (16-14-09).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 265103
Temps écoulé: 41 minute(s), 27 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 27

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{018B7EC3-EECA-11D3-8E71-0000E82C6C0D} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Nvchost (Trojan.Goldun) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Value: Load -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Trojan.Agent) -> Value: conhost -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\sound32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\common files\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\161B.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\442B.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\6CDF.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\73FD.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\76B2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\887D.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\A3AD.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\B33D.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\B9AB.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\BEB1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\csrss.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\D3C3.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\EB77.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\EEE9.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Local\Temp\FCD7.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Roaming\dwm.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Roaming\setupv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Roaming\EoRezo\softwareupdate\softwareupdate.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Roaming\EoRezo\softwareupdate\softwareupdatehp.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Users\les supers cools\AppData\Roaming\microsoft\conhost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Windows\winlogon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\systemrestore\frstaging\Windows\System32\config\systemprofile\AppData\Local\windows internet name service\wins.exe (Trojan.P2P) -> Quarantined and deleted successfully.
c:\Users\les supers cools\AppData\Roaming\EoRezo\softwareupdate\softwareupdate.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\Users\les supers cools\AppData\Roaming\EoRezo\softwareupdate\softwareupdatehp.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\Windows\resumedhp.ini (Malware.Trace) -> Quarantined and deleted successfully.
a c 295 8 Sécurité
10 Avril 2011 11:09:06

  • Télécharge OTL (par OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prend pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres Bloc-notes vont s'ouvrir : OTL.txt et Extras.txt. Ils se trouvent au même endroit qu'OTL.

    Pour me transmettre les rapports :
  • Clique sur ce lien : http://www.cijoint.fr/
  • Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
  • Clique sur Ouvrir.
  • Clique sur Cliquez ici pour déposer le fichier.
  • Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
  • Copie-colle ce lien dans ta réponse.
    10 Avril 2011 13:43:33

    J'ai remarqué sa :
    Citation :
    [2011/03/23 11:55:30 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\EoRezo

    Mais je n'ai pas le droit de t'aider , je laisse Destrio5 . J'ai poster ce message juste pour savoir si je me suis amélioré et si j'ai juste .
    10 Avril 2011 16:47:32

    Voilà ..

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 08/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 16:45:52 le 10/04/2011, Mode normal

    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86)
    les supers cools@PCLOULOU-MAMAN (Acer Aspire M1201)

    ============== RECHERCHE ==============


    Dossier trouvé: C:\Users\les supers cools\AppData\LocalLow\Conduit
    Dossier trouvé: C:\Program Files\Conduit
    Dossier trouvé: C:\Users\les supers cools\AppData\Roaming\OpenCandy
    Dossier trouvé: C:\Users\les supers cools\AppData\Local\OpenCandy
    Dossier trouvé: C:\Users\les supers cools\AppData\LocalLow\PriceGong
    Dossier trouvé: C:\Users\les supers cools\AppData\LocalLow\Toolbar4
    Dossier trouvé: C:\ProgramData\Trymedia
    Dossier trouvé: C:\Users\les supers cools\AppData\Roaming\EoRezo
    Fichier trouvé: C:\Users\les supers cools\AppData\Local\rosoafb.bat

    Clé trouvée: HKLM\Software\Classes\Interface\{384FE458-A963-450D-9187-EEFF81913FD0}
    Clé trouvée: HKLM\Software\Classes\TypeLib\{AA2E16F2-387A-415F-BA95-B89BAF3AF109}
    Clé trouvée: HKLM\Software\Classes\Conduit.Engine
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT2456781
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115
    Clé trouvée: HKLM\Software\GamesBarSetup
    Clé trouvée: HKLM\Software\PopCap
    Clé trouvée: HKLM\Software\Trymedia Systems
    Clé trouvée: HKCU\Software\PopCap
    Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong
    Clé trouvée: HKLM\Software\Canneverbe Limited\OpenCandy
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9A7CF03-2DF1-46a1-9466-E7C96581BCA2}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A93C934-025B-4C3A-B38E-9654A7003239}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}

    Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp
    Valeur trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc
    Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine
    Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
    Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


    ============== SCAN ADDITIONNEL ==============

    **** Internet Explorer Version [7.0.6002.18005] ****

    HKCU_Main|Default_Page_URL - hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=1&o=vb32&d=0908&m=aspire_m1201
    HKCU_Main|Start Page - hxxp://www.google.fr/
    HKLM_Main|Default_Page_URL - hxxp://fr.fr.acer.yahoo.com
    HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Start Page - hxxp://www.muuler.com/
    AboutUrls|Tabs - hxxp://home.speedbit.com/tab/?aff=205
    HKCU_URLSearchHooks|{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} (x)
    HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} (x)
    HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Jeux.fr Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
    HKLM_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
    HKCU_Toolbar\ShellBrowser|{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} (x)
    HKCU_Toolbar\WebBrowser|{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (x)
    HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
    HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
    HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x)
    HKCU_Toolbar\WebBrowser|{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} (x)
    HKLM_Toolbar|{0BF43445-2F28-4351-9252-17FE6E806AA0} (x)
    HKLM_Toolbar|{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} (x)
    HKCU_ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} - C:\Program Files\SpeedBit Video Downloader\Converter.exe (x)
    HKCU_ElevationPolicy\{F5C9B1C4-95EA-4849-A900-FA9B0045965C} - C:\Users\les supers cools\Desktop\Documents\eMule\emule.exe (x)
    HKCU_ElevationPolicy\{F911C030-47BF-4628-9D7A-C5F2FB071CA0} - C:\Program Files\eMule\emule.exe (x)
    HKLM_ElevationPolicy\98d7ba9c-a40d-430b-a103-989dc9b8946d - C:\Program Files\Jeux.fr\Jeux.frToolbarHelper.exe (x)
    HKLM_ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} - C:\Program Files\SpeedBit Video Downloader\Converter.exe (x)
    HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
    HKLM_ElevationPolicy\{A9A7CF03-2DF1-46a1-9466-E7C96581BCA2} - C:\Program Files\Fast Browser Search\IE\ClearRecycleBin.exe (x)
    BHO\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} (?)
    BHO\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} (?)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 10/04/2011 16:46:02 (5954 Octet(s))

    Fin à: 16:46:36, 10/04/2011

    ============== E.O.F ==============
    a c 295 8 Sécurité
    10 Avril 2011 19:01:00

    Ok, relance Ad-Remover, choisis "Nettoyer" et poste le rapport.
    10 Avril 2011 20:18:14

    Désolé, j'ai fait comme demandé au dessus "nettoyer), ca m'a demander de redemarrer mon ordinateur j'ai mis oui car s'était recommandé et du coup je n'ai pas le rapport... que faire ?
    a c 295 8 Sécurité
    10 Avril 2011 20:27:13

    Il est situé dans C:\Ad-Report-CLEAN.log
    10 Avril 2011 20:33:43

    Destrio5 a dit :
    Ok, relance Ad-Remover, choisis "Nettoyer" et poste le rapport.


    J'ai fait un autre scann du coup...j'espere que ca ira.

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 08/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 20:14:44 le 10/04/2011, Mode normal

    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86)
    les supers cools@PCLOULOU-MAMAN (Acer Aspire M1201)

    ============== RECHERCHE ==============


    Fichier trouvé: C:\Users\les supers cools\AppData\Local\sfzfb.bat



    ============== SCAN ADDITIONNEL ==============

    **** Internet Explorer Version [7.0.6002.18005] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://google.fr/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} (x)
    HKLM_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
    HKCU_Toolbar\ShellBrowser|{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} (x)
    HKCU_Toolbar\WebBrowser|{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (x)
    HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
    HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
    HKCU_Toolbar\WebBrowser|{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} (x)
    HKLM_Toolbar|{0BF43445-2F28-4351-9252-17FE6E806AA0} (x)
    HKLM_Toolbar|{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} (x)
    HKCU_ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} - C:\Program Files\SpeedBit Video Downloader\Converter.exe (x)
    HKCU_ElevationPolicy\{F5C9B1C4-95EA-4849-A900-FA9B0045965C} - C:\Users\les supers cools\Desktop\Documents\eMule\emule.exe (x)
    HKCU_ElevationPolicy\{F911C030-47BF-4628-9D7A-C5F2FB071CA0} - C:\Program Files\eMule\emule.exe (x)
    HKLM_ElevationPolicy\98d7ba9c-a40d-430b-a103-989dc9b8946d - C:\Program Files\Jeux.fr\Jeux.frToolbarHelper.exe (x)
    HKLM_ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} - C:\Program Files\SpeedBit Video Downloader\Converter.exe (x)
    HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
    BHO\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} (?)
    BHO\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} (?)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 53 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 18 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 10/04/2011 20:05:33 (6024 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 10/04/2011 16:46:02 (6092 Octet(s))
    C:\Ad-Report-SCAN[2].txt - 10/04/2011 20:21:23 (3088 Octet(s))

    Fin à: 20:21:55, 10/04/2011

    ============== E.O.F ==============
    10 Avril 2011 20:35:36

    Destrio5 a dit :
    Il est situé dans C:\Ad-Report-CLEAN.log


    OK merci je crois que c'est celui-la.

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 08/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:05:28 le 10/04/2011, Mode normal

    Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 2 (X86)
    les supers cools@PCLOULOU-MAMAN (Acer Aspire M1201)

    ============== ACTION(S) ==============


    Dossier supprimé: C:\Users\les supers cools\AppData\LocalLow\Conduit
    Dossier supprimé: C:\Program Files\Conduit
    Dossier supprimé: C:\Users\les supers cools\AppData\Roaming\OpenCandy
    Dossier supprimé: C:\Users\les supers cools\AppData\Local\OpenCandy
    Dossier supprimé: C:\Users\les supers cools\AppData\LocalLow\PriceGong
    Dossier supprimé: C:\Users\les supers cools\AppData\LocalLow\Toolbar4
    Dossier supprimé: C:\ProgramData\Trymedia
    Dossier supprimé: C:\Users\les supers cools\AppData\Roaming\EoRezo
    Fichier supprimé: C:\Users\les supers cools\AppData\Local\rosoafb.bat

    (!) -- Fichiers temporaires supprimés.


    Clé supprimée: HKLM\Software\Classes\Interface\{384FE458-A963-450D-9187-EEFF81913FD0}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{AA2E16F2-387A-415F-BA95-B89BAF3AF109}
    Clé supprimée: HKLM\Software\Classes\Conduit.Engine
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT2456781
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
    Clé supprimée: HKLM\Software\GamesBarSetup
    Clé supprimée: HKLM\Software\PopCap
    Clé supprimée: HKLM\Software\Trymedia Systems
    Clé supprimée: HKCU\Software\PopCap
    Clé supprimée: HKCU\Software\AppDataLow\Software\PriceGong
    Clé supprimée: HKLM\Software\Canneverbe Limited\OpenCandy
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9A7CF03-2DF1-46a1-9466-E7C96581BCA2}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A93C934-025B-4C3A-B38E-9654A7003239}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}

    Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo hpfanicgkffmccehnpkikogcffaepkfp
    Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing\Trust Database\0|goicfboogidikkejccmclpieicihhlpo dgnckdmmolaijpbbakmplfhlfpdhglgc
    Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eoengine
    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}
    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


    ============== SCAN ADDITIONNEL ==============

    **** Internet Explorer Version [7.0.6002.18005] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} (x)
    HKLM_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
    HKCU_Toolbar\ShellBrowser|{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} (x)
    HKCU_Toolbar\WebBrowser|{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (x)
    HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
    HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
    HKCU_Toolbar\WebBrowser|{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} (x)
    HKLM_Toolbar|{0BF43445-2F28-4351-9252-17FE6E806AA0} (x)
    HKLM_Toolbar|{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} (x)
    HKCU_ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} - C:\Program Files\SpeedBit Video Downloader\Converter.exe (x)
    HKCU_ElevationPolicy\{F5C9B1C4-95EA-4849-A900-FA9B0045965C} - C:\Users\les supers cools\Desktop\Documents\eMule\emule.exe (x)
    HKCU_ElevationPolicy\{F911C030-47BF-4628-9D7A-C5F2FB071CA0} - C:\Program Files\eMule\emule.exe (x)
    HKLM_ElevationPolicy\98d7ba9c-a40d-430b-a103-989dc9b8946d - C:\Program Files\Jeux.fr\Jeux.frToolbarHelper.exe (x)
    HKLM_ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953} - C:\Program Files\SpeedBit Video Downloader\Converter.exe (x)
    HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
    BHO\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} (?)
    BHO\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} (?)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 53 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 10/04/2011 20:05:33 (5820 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 10/04/2011 16:46:02 (6092 Octet(s))

    Fin à: 20:07:09, 10/04/2011

    ============== E.O.F ==============
    a c 295 8 Sécurité
    10 Avril 2011 21:02:50

    Ok, refais un nettoyage Ad-Remover puis désinstalle-le.

    Tu as l'air d'avoir désinstallé AntiVir. Il y a Avast qui est pas mal en ce moment.

    Fais un nouveau scan OTL et poste le rapport OTL.
    10 Avril 2011 21:23:10


    Oui j'avais antivir...j'ai pris avast free ya pas tres longtemps mais il me mettais des messages pour me dire que j'avais des virus, trojan ou autres toutes les heures a peu pres...bon c'est peut-etre qu'il faut que je le regle...je c'est pas trop...et je l'ai désinstaller... que pensais vous d'avast free ?



    OTL logfile created on: 10/04/2011 21:17:36 - Run 2
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\les supers cools\Desktop\Documents\Aides pour Problemes PC
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6002.18005)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
    4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 113,36 Gb Total Space | 41,94 Gb Free Space | 37,00% Space Free | Partition Type: NTFS
    Drive D: | 170,08 Gb Total Space | 166,43 Gb Free Space | 97,86% Space Free | Partition Type: NTFS

    Computer Name: PCLOULOU-MAMAN | User Name: les supers cools | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\les supers cools\Desktop\Documents\Aides pour Problemes PC\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
    PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10m_ActiveX.exe (Adobe Systems, Inc.)
    PRC - C:\Bureau\AdobeReader9.3\Reader\reader_sl.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Windows\vVX1000.exe (Microsoft Corporation)
    PRC - C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
    PRC - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe ()
    PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
    PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    PRC - C:\Windows\VM305_STI.EXE (Vimicro)


    ========== Modules (SafeList) ==========

    MOD - C:\Users\les supers cools\Desktop\Documents\Aides pour Problemes PC\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV - (NMIndexingService) -- File not found
    SRV - (Nero BackItUp Scheduler 4.0) -- File not found
    SRV - (Boonty Games) -- File not found
    SRV - (AntiVirService) -- File not found
    SRV - (AntiVirSchedulerService) -- File not found
    SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
    SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
    DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
    DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
    DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
    DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
    DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
    DRV - (zgwhsnmea) -- C:\Windows\System32\drivers\zgwhsnmea.sys (ZTE Incorporated)
    DRV - (zgwhsmdm) -- C:\Windows\System32\drivers\zgwhsmdm.sys (ZTE Incorporated)
    DRV - (zgwhsdiag) -- C:\Windows\System32\drivers\zgwhsdiag.sys (ZTE Incorporated)
    DRV - (VX1000) -- C:\Windows\System32\drivers\VX1000.sys (Microsoft Corporation)
    DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
    DRV - (WSVD) -- C:\Windows\System32\drivers\WSVD.sys (CyberLink)
    DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV - (tvicport) -- C:\Windows\System32\drivers\TVicPort.sys (EnTech Taiwan)
    DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)
    DRV - (ahcix86s) -- C:\Windows\system32\drivers\ahcix86s.sys (AMD Technologies Inc.)
    DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
    DRV - (ZSMC0305) -- C:\Windows\System32\drivers\usbVM305.sys (Vimicro Corporation)
    DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI)
    DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI)
    DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



    O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No CLSID value found.
    O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found.
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
    O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Bureau\AdobeReader9.3\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avgnt] File not found
    O4 - HKLM..\Run: [BigDog305] C:\Windows\VM305_STI.EXE (Vimicro)
    O4 - HKLM..\Run: [EmpoweringTechnology] File not found
    O4 - HKLM..\Run: [eRecoveryService] File not found
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [PEN] File not found
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [Setresolution] C:\ACER\Config\1440X900.CMD ()
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
    O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
    O4 - HKCU..\Run: [conhost] File not found
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
    O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - Reg Error: Key error. File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\les supers cools\Pictures\040723181909_14.jpg
    O24 - Desktop BackupWallPaper: C:\Users\les supers cools\Pictures\040723181909_14.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{481e5617-d138-11dd-82ee-00226804adce}\Shell - "" = AutoRun
    O33 - MountPoints2\{481e5617-d138-11dd-82ee-00226804adce}\Shell\AutoRun\command - "" = J:\autorun.exe
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/04/10 18:24:15 | 000,000,000 | ---D | C] -- C:\Users\les supers cools\Desktop\Documents\Aides pour Problemes PC
    [2011/04/08 12:24:02 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
    [2011/04/08 12:24:02 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
    [2011/04/08 12:23:53 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
    [2011/04/08 12:23:52 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
    [2011/04/08 12:23:52 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
    [2011/04/08 12:23:52 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
    [2011/04/08 00:14:49 | 000,000,000 | ---D | C] -- C:\Users\les supers cools\AppData\Local\Mozilla
    [2011/04/07 15:23:52 | 000,000,000 | ---D | C] -- C:\Users\les supers cools\AppData\Roaming\Malwarebytes
    [2011/04/07 15:23:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2011/04/07 15:23:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011/04/07 15:23:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/04/07 15:23:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2011/04/07 15:23:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011/04/06 15:46:08 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2011/04/04 17:37:34 | 000,000,000 | ---D | C] -- C:\## aswSnx private storage
    [2011/04/04 12:26:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
    [2011/04/02 14:31:23 | 000,000,000 | ---D | C] -- C:\Users\les supers cools\Desktop\Documents\My Cheat Tables
    [2011/04/02 14:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6
    [2011/03/31 22:47:59 | 000,000,000 | ---D | C] -- C:\Program Files\alaplaya
    [2011/03/29 19:03:13 | 000,000,000 | ---D | C] -- C:\Users\les supers cools\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlorensiaEN
    [2011/03/29 17:36:37 | 000,000,000 | ---D | C] -- C:\Users\les supers cools\AppData\Roaming\updates
    [2011/03/29 17:36:31 | 000,000,000 | ---D | C] -- C:\Users\les supers cools\AppData\Roaming\xplspn1rzomwbhudnmzlpyv3hpvhhtb22
    [2011/03/25 00:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AlawarSouthpoint
    [2011/03/17 01:23:40 | 000,000,000 | ---D | C] -- C:\Users\les supers cools\AppData\Roaming\LolClient
    [2011/03/17 01:09:22 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
    [2011/03/17 01:09:22 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
    [2011/03/17 01:09:21 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
    [2011/03/17 01:09:21 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
    [2011/03/17 01:09:20 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
    [2011/03/17 01:05:11 | 000,000,000 | ---D | C] -- C:\Riot Games
    [2011/03/17 00:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
    [2009/11/11 12:13:08 | 001,654,869 | ---- | C] (Dynu Systems Inc.) -- C:\ProgramData\DynuEncrypt.dll
    [2008/07/22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
    [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [2 C:\*.tmp files -> C:\*.tmp -> ]
    [13 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/04/10 21:16:04 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/04/10 21:15:52 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/04/10 21:15:52 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/04/10 21:15:51 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
    [2011/04/10 21:15:44 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
    [2011/04/10 20:40:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/04/10 20:14:52 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2011/04/10 20:14:52 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011/04/10 20:14:52 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2011/04/10 20:14:52 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011/04/07 23:59:59 | 000,001,666 | ---- | M] () -- C:\Users\les supers cools\Desktop\RomStation.lnk
    [2011/04/07 16:19:20 | 000,000,813 | ---- | M] () -- C:\Users\les supers cools\Desktop\emule.lnk
    [2011/04/07 10:58:59 | 000,080,896 | ---- | M] () -- C:\Users\les supers cools\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/04/06 11:32:31 | 000,028,650 | ---- | M] () -- C:\Users\les supers cools\AppData\Roaming\4F4E.7A1
    [2011/04/04 17:31:50 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2011/03/29 17:37:40 | 000,000,112 | ---- | M] () -- C:\ProgramData\2iG6gr3.dat
    [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [2 C:\*.tmp files -> C:\*.tmp -> ]
    [13 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/04/07 16:20:38 | 000,001,666 | ---- | C] () -- C:\Users\les supers cools\Desktop\RomStation.lnk
    [2011/04/07 16:19:20 | 000,000,813 | ---- | C] () -- C:\Users\les supers cools\Desktop\emule.lnk
    [2011/03/29 17:37:40 | 000,000,112 | ---- | C] () -- C:\ProgramData\2iG6gr3.dat
    [2011/03/04 16:43:38 | 000,060,928 | --S- | C] () -- C:\Windows\System32\2914.dll
    [2011/03/04 16:43:35 | 000,009,728 | --S- | C] () -- C:\Windows\System32\1AFF.dll
    [2011/03/04 16:43:20 | 000,009,728 | --S- | C] () -- C:\Windows\System32\E243.dll
    [2011/03/02 15:11:53 | 000,028,650 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\4F4E.7A1
    [2011/02/15 22:19:52 | 003,686,400 | ---- | C] () -- C:\Program Files\Zone4_Setup_V.1.4.exe
    [2011/02/14 17:53:16 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe
    [2011/02/14 17:45:31 | 000,000,036 | ---- | C] () -- C:\Users\les supers cools\AppData\Local\housecall.guid.cache
    [2011/02/02 20:35:27 | 000,005,024 | ---- | C] () -- C:\Windows\System32\FilterData.dat
    [2011/01/19 09:36:22 | 000,000,068 | ---- | C] () -- C:\Windows\eurogunzstartgame.INI
    [2010/12/06 16:59:22 | 000,000,008 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\DofusAppId0_5
    [2010/11/20 19:57:17 | 000,000,008 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\DofusAppId0_4
    [2010/11/20 13:25:40 | 000,000,008 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\DofusAppId0_3
    [2010/10/01 14:52:10 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
    [2010/09/07 20:10:25 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
    [2010/04/21 15:16:43 | 000,000,008 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\DofusAppId0_1
    [2010/04/21 13:50:39 | 000,000,189 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\D2Info0
    [2010/04/21 13:50:39 | 000,000,008 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\DofusAppId0_2
    [2010/04/02 09:24:42 | 000,000,035 | ---- | C] () -- C:\Windows\popcinfo.dat
    [2010/01/15 13:29:20 | 000,000,032 | ---- | C] () -- C:\Windows\cdtIDC.ini
    [2010/01/13 20:33:34 | 000,000,185 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\D2Info3
    [2010/01/13 20:33:34 | 000,000,008 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\DofusAppId3_1
    [2010/01/11 21:30:49 | 000,000,058 | ---- | C] () -- C:\Windows\FSaver.ini
    [2010/01/11 21:30:47 | 000,000,106 | ---- | C] () -- C:\Windows\ffxet.ini
    [2009/11/20 22:48:10 | 000,000,076 | ---- | C] () -- C:\Windows\GunzLauncher.INI
    [2009/11/06 04:14:42 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
    [2009/09/13 14:04:27 | 000,002,516 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
    [2009/06/16 19:00:40 | 000,000,134 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\default.rss
    [2009/06/16 18:59:43 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
    [2009/06/16 18:24:54 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
    [2009/05/31 11:54:42 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
    [2009/05/27 18:18:42 | 000,000,680 | ---- | C] () -- C:\Users\les supers cools\AppData\Local\d3d9caps.dat
    [2009/04/12 14:51:55 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI
    [2009/03/16 18:47:29 | 000,000,033 | ---- | C] () -- C:\Windows\Multimedia manager.INI
    [2009/03/04 09:35:29 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
    [2009/03/04 09:24:36 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
    [2008/12/23 21:49:01 | 000,046,616 | ---- | C] () -- C:\Windows\wininit.ini
    [2008/12/18 17:41:17 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2008/11/25 01:20:14 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
    [2008/11/17 15:35:59 | 000,080,896 | ---- | C] () -- C:\Users\les supers cools\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/11/16 21:15:05 | 000,001,152 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\wklnhst.dat
    [2008/09/30 03:29:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2008/08/28 02:59:48 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2008/08/28 02:59:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2008/04/09 08:14:46 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
    [2008/04/09 08:14:45 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2008/04/09 08:14:43 | 000,168,886 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2008/04/09 08:14:43 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
    [2008/03/16 23:59:35 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
    [2008/03/16 23:59:35 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
    [2008/03/16 23:23:17 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
    [2008/03/16 23:20:40 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
    [2008/03/16 23:20:40 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
    [2008/03/16 23:20:40 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat
    [2008/01/21 09:23:37 | 000,678,804 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
    [2008/01/21 09:23:37 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
    [2008/01/21 09:23:37 | 000,126,420 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
    [2008/01/21 09:23:37 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
    [2007/04/10 23:46:52 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
    [2006/11/02 14:53:49 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat
    [2006/11/02 14:44:53 | 000,325,448 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2006/11/02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
    [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
    [2006/11/02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
    [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
    [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
    [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
    [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
    [2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
    [2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
    [2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
    [2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

    ========== LOP Check ==========

    [2009/07/15 22:04:04 | 000,000,000 | -HSD | M] -- C:\Users\les supers cools\AppData\Roaming\.#
    [2008/03/16 23:29:47 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Acer GameZone Console
    [2010/01/13 20:33:38 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\app
    [2011/04/07 14:31:08 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Audacity
    [2011/04/07 14:31:08 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\BitTorrent
    [2010/06/30 15:46:12 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Blumentals
    [2009/06/12 09:59:30 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Boomzap
    [2011/01/07 23:28:26 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Canneverbe Limited
    [2011/04/10 21:10:29 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\DNA
    [2011/01/21 00:18:39 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Dofus 2
    [2010/04/21 13:50:40 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/11/20 13:25:40 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/11/20 19:57:17 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/12/06 16:59:22 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/04/21 15:16:43 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2009/01/14 21:25:11 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Dragon Altar Games
    [2010/02/24 13:46:55 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\eMule
    [2010/06/25 16:20:40 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\ERS G-Studio
    [2011/04/07 14:31:08 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\FreeVideoConverter
    [2011/04/07 14:31:08 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\gtk-2.0
    [2010/08/03 11:12:15 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Jetdogs Studios
    [2011/03/17 01:23:40 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\LolClient
    [2009/10/23 20:28:36 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Magic Seeds
    [2010/07/18 15:26:51 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\MP3Rocket
    [2009/03/06 11:03:27 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\MusicNet
    [2010/08/03 16:39:56 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\My Games
    [2009/11/17 19:44:42 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\NeopleLauncherDFO
    [2011/04/07 14:31:10 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Notepad++
    [2011/02/02 18:10:24 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\OpenArena
    [2009/11/05 17:27:40 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\OpenOffice.org
    [2010/01/16 18:20:42 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\QUAD Utilities
    [2010/01/13 20:33:38 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/07/25 12:45:19 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Samsung
    [2009/10/05 15:14:53 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\ShinyTales
    [2009/05/30 21:32:22 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\StoneLoopsBF
    [2008/11/17 12:58:49 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Template
    [2009/01/16 15:55:11 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\TheScruffs
    [2011/04/04 13:14:06 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\updates
    [2009/03/31 17:44:53 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\URSE Games
    [2010/09/03 17:04:21 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\VendelGAMES
    [2009/10/11 18:34:54 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\ViquaSoft
    [2009/05/31 11:54:45 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\Wildfire
    [2011/04/04 13:14:07 | 000,000,000 | ---D | M] -- C:\Users\les supers cools\AppData\Roaming\xplspn1rzomwbhudnmzlpyv3hpvhhtb22
    [2011/04/10 21:14:56 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:538A9F02
    @Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:B6DD2C7E
    @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:A3E39C6A
    @Alternate Data Stream - 252 bytes -> C:\ProgramData\TEMP:957E9765
    @Alternate Data Stream - 227 bytes -> C:\ProgramData\TEMP:059167AF
    @Alternate Data Stream - 222 bytes -> C:\ProgramData\TEMP:0AC32449
    @Alternate Data Stream - 220 bytes -> C:\ProgramData\TEMP:9857FAE3
    @Alternate Data Stream - 205 bytes -> C:\ProgramData\TEMP:6B50A605
    @Alternate Data Stream - 202 bytes -> C:\ProgramData\TEMP:5CE2502D
    @Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:CAF8DAC8
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:E411AA0D
    @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:D 8F9D810
    @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:A1023D41
    @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:CF1334B0
    @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:BACB6B6C
    @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:D 0D17155
    @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:5AE33054
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:EE7AAC75
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:EA7D76BE
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:A00BCDEF
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:4A966CC2
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:3AF262FC
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:2E45FA8F
    @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:FEEEFFAD
    @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:FB647F34
    @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:C35B4B19
    @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A5264343
    @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A2C4E5BC
    @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:2EA99C48
    @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:C6D0ABC3
    @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:2EC5D66C
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:F43B7E8F
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:C3392F75
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:9D5BB34A
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:6E11933F
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:4EE323A4
    @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:413E2927
    @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:EBFB51F1
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:CB16385F
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:66871744
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:639F0420
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0860D6D6
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:D F0BC727
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:A60D0FA6
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:517B507A
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:EF5B3572
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:ED9B661E
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C5E2BAEE
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:A561576B
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:7CEDF9F3
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:592D7272
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:3118E26B
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:11EFE63D
    @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:969C0C96
    @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:7B52659E
    @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:56F368C9
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:751D6870
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:61B54B15
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:315B4A13
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1A4BF204
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E5DE9C8F
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:AE2EA3C2
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:3B454A5C
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:0C988F7D
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:F19A4790
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:ECC979BD
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:A7B70C4E
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:46A2F27B
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:38FF076E
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:1AFC2166
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:07241935
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:010ADD2C
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A2907225
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:9D03192E
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:61F0C8FB
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:48977386
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:27F44544
    @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8DD36B71
    @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:708BB0FA
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:D E07152F
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:CA99FD89
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:BBF60A29
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9F50A55A
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:471AD3D0
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:063969F8
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:BABA07C2
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:5D10C56A
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:101708D3
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:097FF903
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C74009E5
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C611D6C8
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:BE6DC701
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:A26AFC00
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:3E06C78F
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:393F7B1E
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:38B32B54
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:178093AE
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:0E22C5DB
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:D 2A5A561
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:896E1EFF
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:663B62CA
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5216EF84
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:488F7244
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F986CC21
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F0762150
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:E6D148BC
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:C0DFB793
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:BFAD7A5D
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:AC0528D9
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:A6CDBCAC
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:2AFE7797
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:04BB186B
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:FECEF728
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:CE6885F1
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:9DB67071
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2FBB2B9B
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:1CB3187E
    @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:C3C72D5F
    @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:7881FECE
    @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:59286A3A
    @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:15752405
    @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:D FC3B090
    @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:8F067037
    @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:260575F1
    @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:213AFE42
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:ED194880
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:9AE67195
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:8BCF4DE2
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:7AF9CAEB
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:35C78DCC
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:12EA4DC9
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:F1F85068
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D 2397415
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:67421CB3
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:36A39835
    @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:569CEE83
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:9A524EE6
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:9547F1DB
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:8CCDAB14
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:1EE5EBCB
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:0C5BC70E
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:D 8DB81DC
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:4C49306C
    @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:E1D818F7
    @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:E07EA07E
    @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:D F30C7A6
    @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:C22674B6
    @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:43301D1D
    @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:CB0EB1DE
    @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:A1D3FEF0
    @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:D 1713795
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:F7F6E6CB
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:E32966C0
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:880F0FEF
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:614F17D3
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:59846E5E
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:57CC1FDC
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:52E1DB1D
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:2BC498A4
    @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:C86B29EB
    @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:53DF59D1
    @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:E41267F2
    @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:C7F5E798
    @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:9E50C1C9
    @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:70E897B5
    @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:8140CB50
    @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:98AE08EA
    @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:4363DE71
    @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:A688EF17
    @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:9026FFAC
    @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:8B51CAAE

    < End of report >
    a c 295 8 Sécurité
    10 Avril 2011 22:16:15

    Je pense que c'est le meilleur antivirus gratuit du moment.

  • Fais analyser ce fichier : C:\Windows\System32\2914.dll

  • Sur VirusTotal et poste le lien de l'analyse :
    http://www.virustotal.com/
    10 Avril 2011 22:30:32

    J'espere que c'est ce que vous me demandiez, je connais pas et tout est en anglais. J'ai pas trouvé le lien désolé.

    VT Community Sign in ▼ My account ▼ Sign out Signing out... Languages ▼
    VirusTotal's website has changed, we need new translations, do you feel like helping the community?
    info@virustotal.comSign in to VT Community
    Safety ratings and user comments (disinfection, in-the-wild locations, reverse engineering reports, etc.) on malware and URLs, free and easy.

    email
    password
    Keep me logged in
    Sign in
    Signing in, please wait...
    Login failed, please try again
    Forgot your password? Create an account
    Edit my profile
    View my profile
    Inbox

    Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...

    0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
    File name: 2914.dll
    Submission date: 2011-04-10 20:23:15 (UTC)
    Current status: finished
    Result: 1 /40 (2.5%)
    VT Community

    not reviewed
    Safety score: -

    Compact Print results
    Antivirus Version Last Update Result
    AhnLab-V3 2011.04.10.01 2011.04.10 -
    AntiVir 7.11.6.20 2011.04.10 -
    Antiy-AVL 2.0.3.7 2011.04.10 -
    Avast 4.8.1351.0 2011.04.10 -
    Avast5 5.0.677.0 2011.04.10 -
    BitDefender 7.2 2011.04.10 -
    CAT-QuickHeal 11.00 2011.04.10 -
    ClamAV 0.97.0.0 2011.04.10 -
    Commtouch 5.2.11.5 2011.04.06 -
    Comodo 8294 2011.04.10 -
    DrWeb 5.0.2.03300 2011.04.10 -
    Emsisoft 5.1.0.5 2011.04.10 -
    eTrust-Vet 36.1.8261 2011.04.08 -
    F-Prot 4.6.2.117 2011.04.10 -
    F-Secure 9.0.16440.0 2011.04.10 -
    Fortinet 4.2.254.0 2011.04.09 -
    GData 22 2011.04.10 -
    Ikarus T3.1.1.103.0 2011.04.10 -
    Jiangmin 13.0.900 2011.04.09 -
    K7AntiVirus 9.96.4347 2011.04.09 -
    Kaspersky 7.0.0.125 2011.04.10 -
    McAfee 5.400.0.1158 2011.04.10 -
    McAfee-GW-Edition 2010.1C 2011.04.10 -
    Microsoft 1.6702 2011.04.10 -
    NOD32 6031 2011.04.10 -
    Norman 6.07.07 2011.04.10 -
    Panda 10.0.3.5 2011.04.10 -
    PCTools 7.0.3.5 2011.04.07 -
    Prevx 3.0 2011.04.10 -
    Rising 23.52.06.03 2011.04.10 -
    Sophos 4.64.0 2011.04.10 -
    SUPERAntiSpyware 4.40.0.1006 2011.04.10 -
    Symantec 20101.3.2.89 2011.04.10 WS.Reputation.1
    TheHacker 6.7.0.1.171 2011.04.10 -
    TrendMicro 9.200.0.1012 2011.04.10 -
    TrendMicro-HouseCall 9.200.0.1012 2011.04.10 -
    VBA32 3.12.14.3 2011.04.08 -
    VIPRE 8980 2011.04.10 -
    ViRobot 2011.4.9.4402 2011.04.10 -
    VirusBuster 13.6.297.0 2011.04.10 -
    Additional informationShow all
    MD5 : 13904a08df81d99e98314891801d61c8
    SHA1 : a33de9c5a60657687f9e807617267f2f18f0884d
    SHA256: f0ea681d8e13a1a994f387e0aea9376dfd721603b8079e34a515756ac1e8677c
    ssdeep: 768:+f8MXxs7NMK/qD4d7JDD9qTHXrAbwhn4YykuUDna2mnhED74vPXTtmKs:S8MB2NFLJD4THE
    Un4YykBo9XTtmK
    File size : 60928 bytes
    First seen: 2010-11-20 10:35:41
    Last seen : 2011-04-10 20:23:15
    Magic: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
    TrID:
    Win32 Executable MS Visual C++ (generic) (65.2%)
    Win32 Executable Generic (14.7%)
    Win32 Dynamic Link Library (generic) (13.1%)
    Generic Win/DOS Executable (3.4%)
    DOS Executable Generic (3.4%)
    sigcheck:
    publisher....: n/a
    copyright....: n/a
    product......: n/a
    description..: n/a
    original name: n/a
    internal name: n/a
    file version.: n/a
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned

    PEiD: -
    PEInfo: PE structure information

    [[ basic data ]]
    entrypointaddress: 0x2297
    timedatestamp....: 0x4CD36381 (Fri Nov 05 01:53:05 2010)
    machinetype......: 0x14C (Intel I386)

    [[ 5 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    .text, 0x1000, 0x8F13, 0x9000, 6.5, b9f4c2bb5f5b2e6f52370b19e2f8aa8b
    .rdata, 0xA000, 0x30EA, 0x3200, 4.82, e374d9149eafbf22aee24a711e837bdb
    .data, 0xE000, 0x2CC0, 0x1000, 2.32, c013f5f56e02ea8ae0cc6683b0631baa
    .rsrc, 0x11000, 0x1B4, 0x200, 5.11, 8f6cf4b3320827b58e8f9612079d9520
    .reloc, 0x12000, 0x142C, 0x1600, 3.83, 87a9af41ce7d80bd6a939122ebfbf122

    [[ 1 import(s) ]]
    kernel32.dll: FindFirstFileA, FindClose, LoadLibraryA, FindNextFileA, GetCurrentDirectoryA, GetCurrentThreadId, DecodePointer, GetCommandLineA, RaiseException, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, EncodePointer, HeapAlloc, GetLastError, HeapFree, IsProcessorFeaturePresent, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, InterlockedIncrement, GetModuleHandleW, SetLastError, InterlockedDecrement, GetProcAddress, Sleep, ExitProcess, SetHandleCount, GetStdHandle, InitializeCriticalSectionAndSpinCount, GetFileType, GetStartupInfoW, DeleteCriticalSection, GetModuleFileNameA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, HeapCreate, HeapDestroy, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, SetFilePointer, WriteFile, GetConsoleCP, GetConsoleMode, EnterCriticalSection, LeaveCriticalSection, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, GetModuleFileNameW, RtlUnwind, HeapSize, HeapReAlloc, LoadLibraryW, SetStdHandle, WriteConsoleW, MultiByteToWideChar, LCMapStringW, GetStringTypeW, CreateFileW, CloseHandle, FlushFileBuffers

    ExifTool:
    file metadata
    CodeSize: 36864
    EntryPoint: 0x2297
    FileSize: 60 kB
    FileType: Win32 DLL
    ImageVersion: 0.0
    InitializedDataSize: 23040
    LinkerVersion: 10.0
    MIMEType: application/octet-stream
    MachineType: Intel 386 or later, and compatibles
    OSVersion: 5.1
    PEType: PE32
    Subsystem: Windows GUI
    SubsystemVersion: 5.1
    TimeStamp: 2010:11:05 02:53:05+01:00
    UninitializedDataSize: 0

    Symantec reputation:Suspicious.Insight


    VT Community

    0
    This file has never been reviewed by any VT Community member. Be the first one to comment on it!
    VirusTotal Team
    Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
    You can add basic styles to your comments using the following accepted bbcode tags:

    text -- bold
    text -- italics
    text -- underline
    text -- strikethrough
    1. text
    - preformatted text

    You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.

    Goodware Malware Spam attachment/link
    P2P download Propagating via IM Network worm
    Drive-by-download



    Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.

    Preview commentEdit comment Post comment Posting comment...
    Comment successfully posted







    ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
    VirusTotal © Hispasec Sistemas - Blog - Twitter - Contact: info@virustotal.com- TOS & Privacy Policy
    a c 295 8 Sécurité
    10 Avril 2011 22:56:35

    Plus de souci ?

  • Double-clique sur OTL pour le lancer.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Sous l'onglet Personnalisation en bas de la fenêtre, copie-colle le texte suivant (entre les deux espaces) :

    :OTL
    SRV - (NMIndexingService) -- File not found
    SRV - (Nero BackItUp Scheduler 4.0) -- File not found
    SRV - (Boonty Games) -- File not found
    SRV - (AntiVirService) -- File not found
    SRV - (AntiVirSchedulerService) -- File not found
    IE - HKCU\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No CLSID value found.
    O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
    O4 - HKLM\..\Run: [avgnt] File not found
    O4 - HKCU\..\Run: [conhost] File not found
    [2011/03/29 17:36:37 | 000,000,000 | ---D | C] -- C:\Users\les supers cools\AppData\Roaming\updates
    [2011/03/29 17:36:31 | 000,000,000 | ---D | C] -- C:\Users\les supers cools\AppData\Roaming\xplspn1rzomwbhudnmzlpyv3hpvhhtb22
    [2011/03/29 17:37:40 | 000,000,112 | ---- | C] () -- C:\ProgramData\2iG6gr3.dat
    [2011/03/04 16:43:38 | 000,060,928 | --S- | C] () -- C:\Windows\System32\2914.dll
    [2011/03/04 16:43:35 | 000,009,728 | --S- | C] () -- C:\Windows\System32\1AFF.dll
    [2011/03/04 16:43:20 | 000,009,728 | --S- | C] () -- C:\Windows\System32\E243.dll
    [2011/03/02 15:11:53 | 000,028,650 | ---- | C] () -- C:\Users\les supers cools\AppData\Roaming\4F4E.7A1
    @Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:538A9F02
    @Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:B6DD2C7E
    @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:A3E39C6A
    @Alternate Data Stream - 252 bytes -> C:\ProgramData\TEMP:957E9765
    @Alternate Data Stream - 227 bytes -> C:\ProgramData\TEMP:059167AF
    @Alternate Data Stream - 222 bytes -> C:\ProgramData\TEMP:0AC32449
    @Alternate Data Stream - 220 bytes -> C:\ProgramData\TEMP:9857FAE3
    @Alternate Data Stream - 205 bytes -> C:\ProgramData\TEMP:6B50A605
    @Alternate Data Stream - 202 bytes -> C:\ProgramData\TEMP:5CE2502D
    @Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:CAF8DAC8
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:E411AA0D
    @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:D8F9D810
    @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:A1023D41
    @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:CF1334B0
    @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:BACB6B6C
    @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:D0D17155
    @Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:5AE33054
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:EE7AAC75
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:EA7D76BE
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:A00BCDEF
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:4A966CC2
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:3AF262FC
    @Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:2E45FA8F
    @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:FEEEFFAD
    @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:FB647F34
    @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:C35B4B19
    @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A5264343
    @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A2C4E5BC
    @Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:2EA99C48
    @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:C6D0ABC3
    @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:2EC5D66C
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:F43B7E8F
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:C3392F75
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:9D5BB34A
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:6E11933F
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:4EE323A4
    @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:413E2927
    @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:EBFB51F1
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:CB16385F
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:66871744
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:639F0420
    @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0860D6D6
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:DF0BC727
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:A60D0FA6
    @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:517B507A
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:EF5B3572
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:ED9B661E
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:C5E2BAEE
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:A561576B
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:7CEDF9F3
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:592D7272
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:3118E26B
    @Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:11EFE63D
    @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:969C0C96
    @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:7B52659E
    @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:56F368C9
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:751D6870
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:61B54B15
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:315B4A13
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1A4BF204
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E5DE9C8F
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:AE2EA3C2
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:3B454A5C
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:0C988F7D
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:F19A4790
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:ECC979BD
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:A7B70C4E
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:46A2F27B
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:38FF076E
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:1AFC2166
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:07241935
    @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:010ADD2C
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A2907225
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:9D03192E
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:61F0C8FB
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:48977386
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:27F44544
    @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8DD36B71
    @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:708BB0FA
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:DE07152F
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:CA99FD89
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:BBF60A29
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9F50A55A
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:471AD3D0
    @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:063969F8
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:BABA07C2
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:5D10C56A
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:101708D3
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:097FF903
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C74009E5
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C611D6C8
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:BE6DC701
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:A26AFC00
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:3E06C78F
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:393F7B1E
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:38B32B54
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:178093AE
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:0E22C5DB
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:D2A5A561
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:896E1EFF
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:663B62CA
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5216EF84
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:488F7244
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F986CC21
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F0762150
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:E6D148BC
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:C0DFB793
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:BFAD7A5D
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:AC0528D9
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:A6CDBCAC
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:2AFE7797
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:04BB186B
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:FECEF728
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:CE6885F1
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:9DB67071
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2FBB2B9B
    @Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:1CB3187E
    @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:C3C72D5F
    @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:7881FECE
    @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:59286A3A
    @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:15752405
    @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:DFC3B090
    @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:8F067037
    @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:260575F1
    @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:213AFE42
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:ED194880
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:9AE67195
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:8BCF4DE2
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:7AF9CAEB
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:35C78DCC
    @Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:12EA4DC9
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:F1F85068
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D2397415
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:67421CB3
    @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:36A39835
    @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:569CEE83
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:9A524EE6
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:9547F1DB
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:8CCDAB14
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:1EE5EBCB
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:0C5BC70E
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:D8DB81DC
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:4C49306C
    @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:E1D818F7
    @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:E07EA07E
    @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:DF30C7A6
    @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:C22674B6
    @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:43301D1D
    @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:CB0EB1DE
    @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:A1D3FEF0
    @Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:D1713795
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:F7F6E6CB
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:E32966C0
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:880F0FEF
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:614F17D3
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:59846E5E
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:57CC1FDC
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:52E1DB1D
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:2BC498A4
    @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:C86B29EB
    @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:53DF59D1
    @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:E41267F2
    @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:C7F5E798
    @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:9E50C1C9
    @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:70E897B5
    @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:8140CB50
    @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:98AE08EA
    @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:4363DE71
    @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:A688EF17
    @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:9026FFAC
    @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:8B51CAAE

    :commands
    [emptytemp]

  • Puis clique sur le bouton Correction en haut de la fenêtre.
  • Laisse le programme travailler, redémarre une fois le fix terminé.
  • Poste le rapport qui s'affichera après redémarrage.
    10 Avril 2011 23:17:58

    Voila...

    All processes killed
    ========== OTL ==========
    Service NMIndexingService stopped successfully!
    Service NMIndexingService deleted successfully!
    File File not found not found.
    Service Nero BackItUp Scheduler 4.0 stopped successfully!
    Service Nero BackItUp Scheduler 4.0 deleted successfully!
    File File not found not found.
    Service Boonty Games stopped successfully!
    Service Boonty Games deleted successfully!
    File File not found not found.
    Service AntiVirService stopped successfully!
    Service AntiVirService deleted successfully!
    File File not found not found.
    Service AntiVirSchedulerService stopped successfully!
    Service AntiVirSchedulerService deleted successfully!
    File File not found not found.
    Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{4daac69c-cba7-45e2-9bc8-1044483d3352} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.
    Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0BF43445-2F28-4351-9252-17FE6E806AA0} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BF43445-2F28-4351-9252-17FE6E806AA0}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
    Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
    Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
    C:\Users\les supers cools\AppData\Roaming\updates folder moved successfully.
    C:\Users\les supers cools\AppData\Roaming\xplspn1rzomwbhudnmzlpyv3hpvhhtb22 folder moved successfully.
    C:\ProgramData\2iG6gr3.dat moved successfully.
    C:\Windows\System32\2914.dll moved successfully.
    C:\Windows\System32\1AFF.dll moved successfully.
    C:\Windows\System32\E243.dll moved successfully.
    C:\Users\les supers cools\AppData\Roaming\4F4E.7A1 moved successfully.
    ADS C:\ProgramData\TEMP:538A9F02 deleted successfully.
    ADS C:\ProgramData\TEMP:B6DD2C7E deleted successfully.
    ADS C:\ProgramData\TEMP:A3E39C6A deleted successfully.
    ADS C:\ProgramData\TEMP:957E9765 deleted successfully.
    ADS C:\ProgramData\TEMP:059167AF deleted successfully.
    ADS C:\ProgramData\TEMP:0AC32449 deleted successfully.
    ADS C:\ProgramData\TEMP:9857FAE3 deleted successfully.
    ADS C:\ProgramData\TEMP:6B50A605 deleted successfully.
    ADS C:\ProgramData\TEMP:5CE2502D deleted successfully.
    ADS C:\ProgramData\TEMP:CAF8DAC8 deleted successfully.
    ADS C:\ProgramData\TEMP:E411AA0D deleted successfully.
    ADS C:\ProgramData\TEMP:D 8F9D810 deleted successfully.
    ADS C:\ProgramData\TEMP:A1023D41 deleted successfully.
    ADS C:\ProgramData\TEMP:CF1334B0 deleted successfully.
    ADS C:\ProgramData\TEMP:BACB6B6C deleted successfully.
    ADS C:\ProgramData\TEMP:D 0D17155 deleted successfully.
    ADS C:\ProgramData\TEMP:5AE33054 deleted successfully.
    ADS C:\ProgramData\TEMP:EE7AAC75 deleted successfully.
    ADS C:\ProgramData\TEMP:EA7D76BE deleted successfully.
    ADS C:\ProgramData\TEMP:A00BCDEF deleted successfully.
    ADS C:\ProgramData\TEMP:4A966CC2 deleted successfully.
    ADS C:\ProgramData\TEMP:3AF262FC deleted successfully.
    ADS C:\ProgramData\TEMP:2E45FA8F deleted successfully.
    ADS C:\ProgramData\TEMP:FEEEFFAD deleted successfully.
    ADS C:\ProgramData\TEMP:FB647F34 deleted successfully.
    ADS C:\ProgramData\TEMP:C35B4B19 deleted successfully.
    ADS C:\ProgramData\TEMP:A5264343 deleted successfully.
    ADS C:\ProgramData\TEMP:A2C4E5BC deleted successfully.
    ADS C:\ProgramData\TEMP:2EA99C48 deleted successfully.
    ADS C:\ProgramData\TEMP:C6D0ABC3 deleted successfully.
    ADS C:\ProgramData\TEMP:2EC5D66C deleted successfully.
    ADS C:\ProgramData\TEMP:F43B7E8F deleted successfully.
    ADS C:\ProgramData\TEMP:C3392F75 deleted successfully.
    ADS C:\ProgramData\TEMP:9D5BB34A deleted successfully.
    ADS C:\ProgramData\TEMP:6E11933F deleted successfully.
    ADS C:\ProgramData\TEMP:4EE323A4 deleted successfully.
    ADS C:\ProgramData\TEMP:413E2927 deleted successfully.
    ADS C:\ProgramData\TEMP:EBFB51F1 deleted successfully.
    ADS C:\ProgramData\TEMP:CB16385F deleted successfully.
    ADS C:\ProgramData\TEMP:66871744 deleted successfully.
    ADS C:\ProgramData\TEMP:639F0420 deleted successfully.
    ADS C:\ProgramData\TEMP:0860D6D6 deleted successfully.
    ADS C:\ProgramData\TEMP:D F0BC727 deleted successfully.
    ADS C:\ProgramData\TEMP:A60D0FA6 deleted successfully.
    ADS C:\ProgramData\TEMP:517B507A deleted successfully.
    ADS C:\ProgramData\TEMP:EF5B3572 deleted successfully.
    ADS C:\ProgramData\TEMP:ED9B661E deleted successfully.
    ADS C:\ProgramData\TEMP:C5E2BAEE deleted successfully.
    ADS C:\ProgramData\TEMP:A561576B deleted successfully.
    ADS C:\ProgramData\TEMP:7CEDF9F3 deleted successfully.
    ADS C:\ProgramData\TEMP:592D7272 deleted successfully.
    ADS C:\ProgramData\TEMP:3118E26B deleted successfully.
    ADS C:\ProgramData\TEMP:11EFE63D deleted successfully.
    ADS C:\ProgramData\TEMP:969C0C96 deleted successfully.
    ADS C:\ProgramData\TEMP:7B52659E deleted successfully.
    ADS C:\ProgramData\TEMP:56F368C9 deleted successfully.
    ADS C:\ProgramData\TEMP:751D6870 deleted successfully.
    ADS C:\ProgramData\TEMP:61B54B15 deleted successfully.
    ADS C:\ProgramData\TEMP:315B4A13 deleted successfully.
    ADS C:\ProgramData\TEMP:1A4BF204 deleted successfully.
    ADS C:\ProgramData\TEMP:E5DE9C8F deleted successfully.
    ADS C:\ProgramData\TEMP:AE2EA3C2 deleted successfully.
    ADS C:\ProgramData\TEMP:3B454A5C deleted successfully.
    ADS C:\ProgramData\TEMP:0C988F7D deleted successfully.
    ADS C:\ProgramData\TEMP:F19A4790 deleted successfully.
    ADS C:\ProgramData\TEMP:ECC979BD deleted successfully.
    ADS C:\ProgramData\TEMP:A7B70C4E deleted successfully.
    ADS C:\ProgramData\TEMP:46A2F27B deleted successfully.
    ADS C:\ProgramData\TEMP:38FF076E deleted successfully.
    ADS C:\ProgramData\TEMP:1AFC2166 deleted successfully.
    ADS C:\ProgramData\TEMP:07241935 deleted successfully.
    ADS C:\ProgramData\TEMP:010ADD2C deleted successfully.
    ADS C:\ProgramData\TEMP:A2907225 deleted successfully.
    ADS C:\ProgramData\TEMP:9D03192E deleted successfully.
    ADS C:\ProgramData\TEMP:61F0C8FB deleted successfully.
    ADS C:\ProgramData\TEMP:48977386 deleted successfully.
    ADS C:\ProgramData\TEMP:27F44544 deleted successfully.
    ADS C:\ProgramData\TEMP:8DD36B71 deleted successfully.
    ADS C:\ProgramData\TEMP:708BB0FA deleted successfully.
    ADS C:\ProgramData\TEMP:D E07152F deleted successfully.
    ADS C:\ProgramData\TEMP:CA99FD89 deleted successfully.
    ADS C:\ProgramData\TEMP:BBF60A29 deleted successfully.
    ADS C:\ProgramData\TEMP:9F50A55A deleted successfully.
    ADS C:\ProgramData\TEMP:471AD3D0 deleted successfully.
    ADS C:\ProgramData\TEMP:063969F8 deleted successfully.
    ADS C:\ProgramData\TEMP:BABA07C2 deleted successfully.
    ADS C:\ProgramData\TEMP:5D10C56A deleted successfully.
    ADS C:\ProgramData\TEMP:101708D3 deleted successfully.
    ADS C:\ProgramData\TEMP:097FF903 deleted successfully.
    ADS C:\ProgramData\TEMP:C74009E5 deleted successfully.
    ADS C:\ProgramData\TEMP:C611D6C8 deleted successfully.
    ADS C:\ProgramData\TEMP:BE6DC701 deleted successfully.
    ADS C:\ProgramData\TEMP:A26AFC00 deleted successfully.
    ADS C:\ProgramData\TEMP:3E06C78F deleted successfully.
    ADS C:\ProgramData\TEMP:393F7B1E deleted successfully.
    ADS C:\ProgramData\TEMP:38B32B54 deleted successfully.
    ADS C:\ProgramData\TEMP:178093AE deleted successfully.
    ADS C:\ProgramData\TEMP:0E22C5DB deleted successfully.
    ADS C:\ProgramData\TEMP:D 2A5A561 deleted successfully.
    ADS C:\ProgramData\TEMP:896E1EFF deleted successfully.
    ADS C:\ProgramData\TEMP:663B62CA deleted successfully.
    ADS C:\ProgramData\TEMP:5216EF84 deleted successfully.
    ADS C:\ProgramData\TEMP:488F7244 deleted successfully.
    ADS C:\ProgramData\TEMP:F986CC21 deleted successfully.
    ADS C:\ProgramData\TEMP:F0762150 deleted successfully.
    ADS C:\ProgramData\TEMP:E6D148BC deleted successfully.
    ADS C:\ProgramData\TEMP:C0DFB793 deleted successfully.
    ADS C:\ProgramData\TEMP:BFAD7A5D deleted successfully.
    ADS C:\ProgramData\TEMP:AC0528D9 deleted successfully.
    ADS C:\ProgramData\TEMP:A6CDBCAC deleted successfully.
    ADS C:\ProgramData\TEMP:2AFE7797 deleted successfully.
    ADS C:\ProgramData\TEMP:04BB186B deleted successfully.
    ADS C:\ProgramData\TEMP:FECEF728 deleted successfully.
    ADS C:\ProgramData\TEMP:CE6885F1 deleted successfully.
    ADS C:\ProgramData\TEMP:9DB67071 deleted successfully.
    ADS C:\ProgramData\TEMP:2FBB2B9B deleted successfully.
    ADS C:\ProgramData\TEMP:1CB3187E deleted successfully.
    ADS C:\ProgramData\TEMP:C3C72D5F deleted successfully.
    ADS C:\ProgramData\TEMP:7881FECE deleted successfully.
    ADS C:\ProgramData\TEMP:59286A3A deleted successfully.
    ADS C:\ProgramData\TEMP:15752405 deleted successfully.
    ADS C:\ProgramData\TEMP:D FC3B090 deleted successfully.
    ADS C:\ProgramData\TEMP:8F067037 deleted successfully.
    ADS C:\ProgramData\TEMP:260575F1 deleted successfully.
    ADS C:\ProgramData\TEMP:213AFE42 deleted successfully.
    ADS C:\ProgramData\TEMP:ED194880 deleted successfully.
    ADS C:\ProgramData\TEMP:9AE67195 deleted successfully.
    ADS C:\ProgramData\TEMP:8BCF4DE2 deleted successfully.
    ADS C:\ProgramData\TEMP:7AF9CAEB deleted successfully.
    ADS C:\ProgramData\TEMP:35C78DCC deleted successfully.
    ADS C:\ProgramData\TEMP:12EA4DC9 deleted successfully.
    ADS C:\ProgramData\TEMP:F1F85068 deleted successfully.
    ADS C:\ProgramData\TEMP:D 2397415 deleted successfully.
    ADS C:\ProgramData\TEMP:67421CB3 deleted successfully.
    ADS C:\ProgramData\TEMP:36A39835 deleted successfully.
    ADS C:\ProgramData\TEMP:569CEE83 deleted successfully.
    ADS C:\ProgramData\TEMP:9A524EE6 deleted successfully.
    ADS C:\ProgramData\TEMP:9547F1DB deleted successfully.
    ADS C:\ProgramData\TEMP:8CCDAB14 deleted successfully.
    ADS C:\ProgramData\TEMP:1EE5EBCB deleted successfully.
    ADS C:\ProgramData\TEMP:0C5BC70E deleted successfully.
    ADS C:\ProgramData\TEMP:D 8DB81DC deleted successfully.
    ADS C:\ProgramData\TEMP:4C49306C deleted successfully.
    ADS C:\ProgramData\TEMP:E1D818F7 deleted successfully.
    ADS C:\ProgramData\TEMP:E07EA07E deleted successfully.
    ADS C:\ProgramData\TEMP:D F30C7A6 deleted successfully.
    ADS C:\ProgramData\TEMP:C22674B6 deleted successfully.
    ADS C:\ProgramData\TEMP:43301D1D deleted successfully.
    ADS C:\ProgramData\TEMP:CB0EB1DE deleted successfully.
    ADS C:\ProgramData\TEMP:A1D3FEF0 deleted successfully.
    ADS C:\ProgramData\TEMP:D 1713795 deleted successfully.
    ADS C:\ProgramData\TEMP:F7F6E6CB deleted successfully.
    ADS C:\ProgramData\TEMP:E32966C0 deleted successfully.
    ADS C:\ProgramData\TEMP:880F0FEF deleted successfully.
    ADS C:\ProgramData\TEMP:614F17D3 deleted successfully.
    ADS C:\ProgramData\TEMP:59846E5E deleted successfully.
    ADS C:\ProgramData\TEMP:57CC1FDC deleted successfully.
    ADS C:\ProgramData\TEMP:52E1DB1D deleted successfully.
    ADS C:\ProgramData\TEMP:2BC498A4 deleted successfully.
    ADS C:\ProgramData\TEMP:C86B29EB deleted successfully.
    ADS C:\ProgramData\TEMP:53DF59D1 deleted successfully.
    ADS C:\ProgramData\TEMP:E41267F2 deleted successfully.
    ADS C:\ProgramData\TEMP:C7F5E798 deleted successfully.
    ADS C:\ProgramData\TEMP:9E50C1C9 deleted successfully.
    ADS C:\ProgramData\TEMP:70E897B5 deleted successfully.
    ADS C:\ProgramData\TEMP:8140CB50 deleted successfully.
    ADS C:\ProgramData\TEMP:98AE08EA deleted successfully.
    ADS C:\ProgramData\TEMP:4363DE71 deleted successfully.
    ADS C:\ProgramData\TEMP:A688EF17 deleted successfully.
    ADS C:\ProgramData\TEMP:9026FFAC deleted successfully.
    ADS C:\ProgramData\TEMP:8B51CAAE deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Flash cache emptied: 56502 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: les supers cools
    ->Temp folder emptied: 111284 bytes
    ->Java cache emptied: 49529844 bytes
    ->Google Chrome cache emptied: 9251782 bytes
    ->Flash cache emptied: 65147 bytes

    User: Public

    %systemdrive% .tmp files removed: 31212390 bytes
    %systemroot% .tmp files removed: 1556992 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 66016 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 88,00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 04102011_231336

    Files\Folders moved on Reboot...
    File\Folder C:\Users\les supers cools\AppData\Local\Temp\Low\~DFB00C.tmp not found!
    File\Folder C:\Users\les supers cools\AppData\Local\Temp\Low\~DFB01F.tmp not found!

    Registry entries deleted on Reboot...
    11 Avril 2011 00:04:53

    2011/04/10 23:58:15.0830 3744 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
    2011/04/10 23:58:16.0142 3744 ================================================================================
    2011/04/10 23:58:16.0142 3744 SystemInfo:
    2011/04/10 23:58:16.0142 3744
    2011/04/10 23:58:16.0142 3744 OS Version: 6.0.6002 ServicePack: 2.0
    2011/04/10 23:58:16.0142 3744 Product type: Workstation
    2011/04/10 23:58:16.0142 3744 ComputerName: PCLOULOU-MAMAN
    2011/04/10 23:58:16.0142 3744 UserName: les supers cools
    2011/04/10 23:58:16.0142 3744 Windows directory: C:\Windows
    2011/04/10 23:58:16.0142 3744 System windows directory: C:\Windows
    2011/04/10 23:58:16.0142 3744 Processor architecture: Intel x86
    2011/04/10 23:58:16.0142 3744 Number of processors: 2
    2011/04/10 23:58:16.0142 3744 Page size: 0x1000
    2011/04/10 23:58:16.0142 3744 Boot type: Normal boot
    2011/04/10 23:58:16.0142 3744 ================================================================================
    2011/04/10 23:58:16.0512 3744 Initialize success
    2011/04/10 23:58:49.0320 3760 ================================================================================
    2011/04/10 23:58:49.0320 3760 Scan started
    2011/04/10 23:58:49.0320 3760 Mode: Manual;
    2011/04/10 23:58:49.0320 3760 ================================================================================
    2011/04/10 23:58:49.0859 3760 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    2011/04/10 23:58:49.0910 3760 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
    2011/04/10 23:58:49.0943 3760 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
    2011/04/10 23:58:49.0974 3760 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
    2011/04/10 23:58:50.0001 3760 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
    2011/04/10 23:58:50.0069 3760 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
    2011/04/10 23:58:50.0112 3760 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
    2011/04/10 23:58:50.0157 3760 ahcix86s (0dee2b628d4c6e23285bb91effdabfde) C:\Windows\system32\drivers\ahcix86s.sys
    2011/04/10 23:58:50.0183 3760 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    2011/04/10 23:58:50.0212 3760 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
    2011/04/10 23:58:50.0242 3760 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
    2011/04/10 23:58:50.0271 3760 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
    2011/04/10 23:58:50.0292 3760 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
    2011/04/10 23:58:50.0317 3760 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
    2011/04/10 23:58:50.0345 3760 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
    2011/04/10 23:58:50.0391 3760 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
    2011/04/10 23:58:50.0427 3760 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    2011/04/10 23:58:50.0467 3760 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    2011/04/10 23:58:50.0573 3760 atikmdag (8ae1745bfc7d383daa3f82fe8d7be7c0) C:\Windows\system32\DRIVERS\atikmdag.sys
    2011/04/10 23:58:50.0677 3760 AtiPcie (4aa1eb65481c392955939e735d27118b) C:\Windows\system32\DRIVERS\AtiPcie.sys
    2011/04/10 23:58:50.0820 3760 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
    2011/04/10 23:58:50.0878 3760 avipbb (ad9bd66a862116e79cb45bb6be46055f) C:\Windows\system32\DRIVERS\avipbb.sys
    2011/04/10 23:58:50.0925 3760 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    2011/04/10 23:58:50.0966 3760 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
    2011/04/10 23:58:50.0991 3760 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
    2011/04/10 23:58:51.0028 3760 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    2011/04/10 23:58:51.0048 3760 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    2011/04/10 23:58:51.0085 3760 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    2011/04/10 23:58:51.0112 3760 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    2011/04/10 23:58:51.0132 3760 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    2011/04/10 23:58:51.0157 3760 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    2011/04/10 23:58:51.0190 3760 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    2011/04/10 23:58:51.0234 3760 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    2011/04/10 23:58:51.0286 3760 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    2011/04/10 23:58:51.0318 3760 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
    2011/04/10 23:58:51.0366 3760 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    2011/04/10 23:58:51.0411 3760 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
    2011/04/10 23:58:51.0434 3760 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
    2011/04/10 23:58:51.0458 3760 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
    2011/04/10 23:58:51.0485 3760 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
    2011/04/10 23:58:51.0554 3760 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
    2011/04/10 23:58:51.0620 3760 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    2011/04/10 23:58:51.0684 3760 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    2011/04/10 23:58:51.0739 3760 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
    2011/04/10 23:58:51.0781 3760 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
    2011/04/10 23:58:51.0895 3760 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    2011/04/10 23:58:51.0939 3760 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
    2011/04/10 23:58:51.0982 3760 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
    2011/04/10 23:58:52.0071 3760 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    2011/04/10 23:58:52.0130 3760 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    2011/04/10 23:58:52.0165 3760 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
    2011/04/10 23:58:52.0218 3760 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    2011/04/10 23:58:52.0234 3760 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    2011/04/10 23:58:52.0264 3760 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
    2011/04/10 23:58:52.0315 3760 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    2011/04/10 23:58:52.0359 3760 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    2011/04/10 23:58:52.0388 3760 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
    2011/04/10 23:58:52.0457 3760 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
    2011/04/10 23:58:52.0504 3760 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
    2011/04/10 23:58:52.0562 3760 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    2011/04/10 23:58:52.0586 3760 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    2011/04/10 23:58:52.0618 3760 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    2011/04/10 23:58:52.0660 3760 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    2011/04/10 23:58:52.0687 3760 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
    2011/04/10 23:58:52.0734 3760 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
    2011/04/10 23:58:52.0764 3760 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
    2011/04/10 23:58:52.0800 3760 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    2011/04/10 23:58:52.0825 3760 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
    2011/04/10 23:58:52.0860 3760 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    2011/04/10 23:58:52.0929 3760 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
    2011/04/10 23:58:52.0990 3760 IntcAzAudAddService (8a4341616976e47712b60f18c7049dcc) C:\Windows\system32\drivers\RTKVHDA.sys
    2011/04/10 23:58:53.0101 3760 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    2011/04/10 23:58:53.0128 3760 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    2011/04/10 23:58:53.0178 3760 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2011/04/10 23:58:53.0228 3760 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    2011/04/10 23:58:53.0250 3760 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    2011/04/10 23:58:53.0277 3760 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    2011/04/10 23:58:53.0299 3760 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    2011/04/10 23:58:53.0346 3760 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    2011/04/10 23:58:53.0367 3760 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    2011/04/10 23:58:53.0391 3760 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    2011/04/10 23:58:53.0429 3760 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    2011/04/10 23:58:53.0477 3760 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
    2011/04/10 23:58:53.0537 3760 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
    2011/04/10 23:58:53.0605 3760 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    2011/04/10 23:58:53.0656 3760 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    2011/04/10 23:58:53.0675 3760 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    2011/04/10 23:58:53.0716 3760 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    2011/04/10 23:58:53.0745 3760 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    2011/04/10 23:58:53.0780 3760 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    2011/04/10 23:58:53.0825 3760 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    2011/04/10 23:58:53.0867 3760 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    2011/04/10 23:58:53.0933 3760 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    2011/04/10 23:58:53.0982 3760 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    2011/04/10 23:58:54.0004 3760 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    2011/04/10 23:58:54.0029 3760 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    2011/04/10 23:58:54.0058 3760 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    2011/04/10 23:58:54.0104 3760 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    2011/04/10 23:58:54.0163 3760 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    2011/04/10 23:58:54.0207 3760 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    2011/04/10 23:58:54.0265 3760 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2011/04/10 23:58:54.0299 3760 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2011/04/10 23:58:54.0330 3760 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2011/04/10 23:58:54.0354 3760 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
    2011/04/10 23:58:54.0378 3760 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    2011/04/10 23:58:54.0426 3760 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    2011/04/10 23:58:54.0452 3760 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    2011/04/10 23:58:54.0502 3760 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    2011/04/10 23:58:54.0519 3760 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    2011/04/10 23:58:54.0548 3760 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    2011/04/10 23:58:54.0602 3760 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    2011/04/10 23:58:54.0633 3760 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    2011/04/10 23:58:54.0662 3760 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    2011/04/10 23:58:54.0711 3760 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    2011/04/10 23:58:54.0769 3760 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    2011/04/10 23:58:54.0839 3760 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    2011/04/10 23:58:54.0894 3760 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    2011/04/10 23:58:54.0920 3760 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    2011/04/10 23:58:54.0977 3760 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    2011/04/10 23:58:55.0003 3760 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    2011/04/10 23:58:55.0033 3760 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    2011/04/10 23:58:55.0086 3760 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
    2011/04/10 23:58:55.0136 3760 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    2011/04/10 23:58:55.0213 3760 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    2011/04/10 23:58:55.0251 3760 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    2011/04/10 23:58:55.0327 3760 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    2011/04/10 23:58:55.0390 3760 NTIDrvr (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys
    2011/04/10 23:58:55.0431 3760 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    2011/04/10 23:58:55.0458 3760 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    2011/04/10 23:58:55.0488 3760 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
    2011/04/10 23:58:55.0510 3760 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    2011/04/10 23:58:55.0539 3760 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    2011/04/10 23:58:55.0632 3760 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
    2011/04/10 23:58:55.0671 3760 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    2011/04/10 23:58:55.0713 3760 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    2011/04/10 23:58:55.0745 3760 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    2011/04/10 23:58:55.0806 3760 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    2011/04/10 23:58:55.0858 3760 pciide (53da392e84a09cad3ff89a2ef9259ef8) C:\Windows\system32\drivers\pciide.sys
    2011/04/10 23:58:55.0859 3760 Suspicious file (Forged): C:\Windows\system32\drivers\pciide.sys. Real md5: 53da392e84a09cad3ff89a2ef9259ef8, Fake md5: 1636d43f10416aeb483bc6001097b26c
    2011/04/10 23:58:55.0865 3760 pciide - detected Rootkit.Win32.TDSS.tdl3 (0)
    2011/04/10 23:58:55.0895 3760 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    2011/04/10 23:58:55.0946 3760 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    2011/04/10 23:58:56.0052 3760 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    2011/04/10 23:58:56.0074 3760 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    2011/04/10 23:58:56.0144 3760 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    2011/04/10 23:58:56.0198 3760 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    2011/04/10 23:58:56.0246 3760 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    2011/04/10 23:58:56.0278 3760 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    2011/04/10 23:58:56.0295 3760 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    2011/04/10 23:58:56.0328 3760 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2011/04/10 23:58:56.0384 3760 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    2011/04/10 23:58:56.0435 3760 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    2011/04/10 23:58:56.0489 3760 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    2011/04/10 23:58:56.0517 3760 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2011/04/10 23:58:56.0550 3760 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    2011/04/10 23:58:56.0570 3760 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    2011/04/10 23:58:56.0611 3760 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
    2011/04/10 23:58:56.0663 3760 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    2011/04/10 23:58:56.0699 3760 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    2011/04/10 23:58:56.0757 3760 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    2011/04/10 23:58:56.0792 3760 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    2011/04/10 23:58:56.0815 3760 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    2011/04/10 23:58:56.0839 3760 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    2011/04/10 23:58:56.0884 3760 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
    2011/04/10 23:58:56.0909 3760 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    2011/04/10 23:58:56.0934 3760 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
    2011/04/10 23:58:56.0960 3760 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    2011/04/10 23:58:57.0015 3760 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    2011/04/10 23:58:57.0042 3760 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    2011/04/10 23:58:57.0071 3760 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    2011/04/10 23:58:57.0133 3760 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    2011/04/10 23:58:57.0186 3760 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    2011/04/10 23:58:57.0251 3760 sptd (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys
    2011/04/10 23:58:57.0252 3760 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
    2011/04/10 23:58:57.0258 3760 sptd - detected Locked file (1)
    2011/04/10 23:58:57.0298 3760 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
    2011/04/10 23:58:57.0338 3760 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
    2011/04/10 23:58:57.0366 3760 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
    2011/04/10 23:58:57.0410 3760 sscdbus (d5dffeaa1e15d4effabb9d9a3068ac5b) C:\Windows\system32\DRIVERS\sscdbus.sys
    2011/04/10 23:58:57.0437 3760 sscdmdfl (8a1be0c347814f482f493aea619d57f6) C:\Windows\system32\DRIVERS\sscdmdfl.sys
    2011/04/10 23:58:57.0478 3760 sscdmdm (5ab0b1987f682a59b15b78f84c6ad7d0) C:\Windows\system32\DRIVERS\sscdmdm.sys
    2011/04/10 23:58:57.0517 3760 ssmdrv (3ad0362cf68de3ac500e981700242cca) C:\Windows\system32\DRIVERS\ssmdrv.sys
    2011/04/10 23:58:57.0585 3760 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys
    2011/04/10 23:58:57.0611 3760 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    2011/04/10 23:58:57.0648 3760 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    2011/04/10 23:58:57.0674 3760 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    2011/04/10 23:58:57.0700 3760 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    2011/04/10 23:58:57.0770 3760 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
    2011/04/10 23:58:57.0820 3760 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
    2011/04/10 23:58:57.0857 3760 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
    2011/04/10 23:58:57.0879 3760 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    2011/04/10 23:58:57.0899 3760 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    2011/04/10 23:58:57.0948 3760 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    2011/04/10 23:58:57.0999 3760 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    2011/04/10 23:58:58.0080 3760 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2011/04/10 23:58:58.0125 3760 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    2011/04/10 23:58:58.0178 3760 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
    2011/04/10 23:58:58.0214 3760 tvicport (97dd70feca64fb4f63de7bb7e66a80b1) C:\Windows\system32\drivers\tvicport.sys
    2011/04/10 23:58:58.0242 3760 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    2011/04/10 23:58:58.0292 3760 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    2011/04/10 23:58:58.0336 3760 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    2011/04/10 23:58:58.0366 3760 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    2011/04/10 23:58:58.0393 3760 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    2011/04/10 23:58:58.0421 3760 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    2011/04/10 23:58:58.0456 3760 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    2011/04/10 23:58:58.0527 3760 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
    2011/04/10 23:58:58.0572 3760 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    2011/04/10 23:58:58.0604 3760 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    2011/04/10 23:58:58.0660 3760 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    2011/04/10 23:58:58.0710 3760 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    2011/04/10 23:58:58.0743 3760 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
    2011/04/10 23:58:58.0767 3760 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
    2011/04/10 23:58:58.0820 3760 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    2011/04/10 23:58:58.0850 3760 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    2011/04/10 23:58:58.0901 3760 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    2011/04/10 23:58:58.0924 3760 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    2011/04/10 23:58:58.0968 3760 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    2011/04/10 23:58:58.0993 3760 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    2011/04/10 23:58:59.0025 3760 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    2011/04/10 23:58:59.0053 3760 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    2011/04/10 23:58:59.0104 3760 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    2011/04/10 23:58:59.0152 3760 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    2011/04/10 23:58:59.0189 3760 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    2011/04/10 23:58:59.0274 3760 VX1000 (4cf855921c686fa5c91e80f3eab32884) C:\Windows\system32\DRIVERS\VX1000.sys
    2011/04/10 23:58:59.0341 3760 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    2011/04/10 23:58:59.0388 3760 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/04/10 23:58:59.0403 3760 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/04/10 23:58:59.0460 3760 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    2011/04/10 23:58:59.0501 3760 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    2011/04/10 23:58:59.0718 3760 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    2011/04/10 23:58:59.0798 3760 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    2011/04/10 23:58:59.0839 3760 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    2011/04/10 23:58:59.0977 3760 WSVD (084e0d335481c3c5172b2ae0ba5bb455) C:\Windows\system32\drivers\WSVD.sys
    2011/04/10 23:59:00.0051 3760 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2011/04/10 23:59:00.0628 3760 yukonwlh (04e268adfc81964c49dc0c082d520f7e) C:\Windows\system32\DRIVERS\yk60x86.sys
    2011/04/10 23:59:00.0734 3760 zgwhsdiag (f2c38cd7b6696566da0c3485a41b43dc) C:\Windows\system32\DRIVERS\zgwhsdiag.sys
    2011/04/10 23:59:00.0771 3760 zgwhsmdm (f2c38cd7b6696566da0c3485a41b43dc) C:\Windows\system32\DRIVERS\zgwhsmdm.sys
    2011/04/10 23:59:00.0792 3760 zgwhsnmea (f2c38cd7b6696566da0c3485a41b43dc) C:\Windows\system32\DRIVERS\zgwhsnmea.sys
    2011/04/10 23:59:00.0826 3760 zntport (40ac8590cc9006dbb99ffcb37879d4c6) C:\Windows\system32\drivers\zntport.sys
    2011/04/10 23:59:00.0870 3760 ZSMC0305 (c53cb6b30e8d7fe6d950707508aacfb9) C:\Windows\system32\Drivers\usbVM305.sys
    2011/04/10 23:59:00.0987 3760 ================================================================================
    2011/04/10 23:59:00.0987 3760 Scan finished
    2011/04/10 23:59:00.0987 3760 ================================================================================
    2011/04/10 23:59:01.0004 2724 Detected object count: 2
    2011/04/11 00:01:26.0790 2724 pciide (53da392e84a09cad3ff89a2ef9259ef8) C:\Windows\system32\drivers\pciide.sys
    2011/04/11 00:01:26.0790 2724 Suspicious file (Forged): C:\Windows\system32\drivers\pciide.sys. Real md5: 53da392e84a09cad3ff89a2ef9259ef8, Fake md5: 1636d43f10416aeb483bc6001097b26c
    2011/04/11 00:01:26.0945 2724 Backup copy found, using it..
    2011/04/11 00:01:26.0952 2724 C:\Windows\system32\drivers\pciide.sys - will be cured after reboot
    2011/04/11 00:01:26.0952 2724 Rootkit.Win32.TDSS.tdl3(pciide) - User select action: Cure
    2011/04/11 00:01:26.0952 2724 Locked file(sptd) - User select action: Skip
    2011/04/11 00:01:47.0804 3976 Deinitialize success
    a c 295 8 Sécurité
    11 Avril 2011 00:09:52

    Normalement, c'est bon à présent. Pour finir :


    1/

  • Télécharge DelFix sur ton Bureau.
  • Clique droit sur DelFix et choisis Exécuter en tant qu'administrateur.
  • Clique sur le bouton Suppression.
  • Poste le rapport (C:\DelFixSuppr.txt).
  • Supprime DelFix.


    2/

  • Télécharge et installe CCleaner.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
  • Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs (Sauvegarde la base de registre).


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Désinstalle Java 6 Update 18 qui est une ancienne version de Java.

    Voici un dossier sur la prévention et sécurité sur Internet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    ;) 
    11 Avril 2011 00:14:11

    Je vous remercie de votre aide. Oui en effet le probleme est résolu.

    C'est vraiment tres gentil de prendre de votre temps pour nous aider. Très bonne soirée a vous.

    Et merci encore.
    11 Avril 2011 00:17:43

    # DelFix v7.6 - Rapport créé le 11/04/2011 à 00:17
    # Mis à jour le 31/03/11 à 16h par Xplode
    # Système d'exploitation : Windows Vista (TM) Home Basic (32 bits) [version 6.0.6002] Service Pack 2
    # Nom d'utilisateur : les supers cools - PCLOULOU-MAMAN (Administrateur)
    # Exécuté depuis : C:\Users\les supers cools\Desktop\DelFix.exe
    # Option [Suppression]


    ~~~~~~ Dossier(s) ~~~~~~

    Supprimé : C:\_OTL

    ~~~~~~ Fichier(s) ~~~~~~

    Supprimé : C:\cleannavi.txt
    Supprimé : C:\TDSSKiller.2.4.21.0_10.04.2011_23.58.15_log.txt

    ~~~~~~ Registre ~~~~~~

    Clé Supprimée : HKLM\Software\OldTimer Tools

    ~~~~~~ Autre ~~~~~~

    -> Prefetch vidé

    ########## EOF - "C:\DelFixSuppr.txt" - [764 octets] ##########
    11 Avril 2011 00:22:11

    Excusez moi encore 2 petites questions. Je vais prendre avast free, ais-je quelques chose de special a faire comme réglage ? et dois-je stopper windows defender ? merci
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS