Votre question

[Résolu]Pubs qui s'ouvrent toutes seules

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
11 Janvier 2011 16:51:11

Bonjour a tous ,
Depuis une semaine a peu près il y a des pubs (applications de téléphones,pornographique,voyages ...) qui s'ouvrent toutes les heures sur mon ordinateur.J'ai essayé Spybot et Malwarebytes mais en vain les pubs sont toujours là.
Est ce que vous sauriez comment faire pour les enlever ?
Merci d'avance et a+

Autres pages sur : resolu pubs ouvrent seules

11 Janvier 2011 21:01:09

Voici mon hijackthis :





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:59:00, on 11/01/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Users\Arnau\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT284985...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BittorrentBar_FR Toolbar - {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: BittorrentBar_FR Toolbar - {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O3 - Toolbar: BittorrentBar_FR Toolbar - {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll
11 Janvier 2011 22:52:09

Bonsoir
ce rapport n'est pas complet

commence par lire: Les toolbars c'est pas obligatoire!

puis:

Télécharge OTL(de OldTimer) sur ton Bureau.
  • Double-clique sur OTL pour le lancer.
  • (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
  • Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche Rapport minimal.
  • Coche également les cases à côté de Recherche Lop et Recherche Purity.
  • Enfin, clique sur le bouton Analyse. Le scan ne prendra pas beaucoup de temps.
  • Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTL (donc par défaut sur le Bureau).
  • Héberge les rapports, puis donne leurs liens.
    Contenus similaires
    12 Janvier 2011 15:10:32

    Comment je peux enlever les toolbars ?

    Voila le rapport OTL.txt :



    OTL logfile created on: 12/01/2011 15:01:14 - Run 1
    OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Arnau\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 63,00% Memory free
    8,00 Gb Paging File | 7,00 Gb Available in Paging File | 82,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 584,35 Gb Total Space | 378,00 Gb Free Space | 64,69% Space Free | Partition Type: NTFS

    Computer Name: ARNAU-PC | User Name: Arnau | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Arnau\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
    PRC - C:\Users\Arnau\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
    PRC - C:\Windows\PLFSetI.exe ()
    PRC - C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe (Suyin)
    PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
    PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    PRC - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
    PRC - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated)
    PRC - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
    PRC - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
    PRC - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.)
    PRC - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer)
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
    PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    PRC - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)


    ========== Modules (SafeList) ==========

    MOD - C:\Users\Arnau\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - (ePowerSvc) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV:64bit: - (Updater Service) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer)
    SRV - (sdmBackupIP) -- C:\Windows\BackupIP\service.exe ()
    SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
    SRV - (Partner Service) -- C:\ProgramData\Partner\Partner.exe (Google Inc.)
    SRV - (Norton Internet Security) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe (Symantec Corporation)
    SRV - (OberonGameConsoleService) -- C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe ()
    SRV - (Greg_Service) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe (Acer Incorporated)
    SRV - (Nero BackItUp Scheduler 4.0) -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
    SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (NewTech Infosystems, Inc.)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
    SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    SRV - (AdobeActiveFileMonitor7.0) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (USBCCID) -- C:\Windows\SysNative\DRIVERS\RtsUCcid.sys File not found
    DRV:64bit: - (RtsUIR) -- C:\Windows\SysNative\DRIVERS\Rts516xIR.sys File not found
    DRV:64bit: - (ccHP) -- C:\Windows\SysNative\drivers\NISx64\1008000.029\cchpx64.sys (Symantec Corporation)
    DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
    DRV:64bit: - (BHDrvx64) -- C:\Windows\SysNative\drivers\NISx64\1008000.029\BHDrvx64.sys (Symantec Corporation)
    DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1008000.029\srtsp64.sys (Symantec Corporation)
    DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1008000.029\SymEFA64.sys (Symantec Corporation)
    DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\drivers\NISx64\1008000.029\symtdi.sys (Symantec Corporation)
    DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\drivers\NISx64\1008000.029\symfw.sys (Symantec Corporation)
    DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\drivers\NISx64\1008000.029\symndisv.sys (Symantec Corporation)
    DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NISx64\1008000.029\srtspx64.sys (Symantec Corporation)
    DRV:64bit: - (SymIM) -- C:\Windows\SysNative\drivers\SymIMV.sys (Symantec Corporation)
    DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
    DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
    DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
    DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
    DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
    DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
    DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
    DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
    DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
    DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
    DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110111.037\EX64.SYS (Symantec Corporation)
    DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
    DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
    DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110111.037\ENG64.SYS (Symantec Corporation)
    DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20110111.001\IDSviA64.sys (Symantec Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...
    IE - HKLM\..\URLSearchHook: {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&...
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT284985...
    IE - HKCU\..\URLSearchHook: {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultthis.engineName: "Conduit Engine Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=ConduitE...{searchTerms}"
    FF - prefs.js..browser.startup.homepage: "http://www.google.fr/"

    FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/12/26 16:51:36 | 000,000,000 | ---D | M]

    [2010/12/25 11:40:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arnau\AppData\Roaming\mozilla\Extensions
    [2010/12/25 20:03:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arnau\AppData\Roaming\mozilla\Firefox\Profiles\ust8mrlq.default\extensions
    [2010/12/25 14:01:59 | 000,000,913 | ---- | M] () -- C:\Users\Arnau\AppData\Roaming\Mozilla\Firefox\Profiles\ust8mrlq.default\searchplugins\conduit.xml

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
    O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
    O2 - BHO: (BittorrentBar_FR Toolbar) - {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll (Conduit Ltd.)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (BittorrentBar_FR Toolbar) - {ef79f67a-6ad7-4715-a0f8-932fca442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (BittorrentBar_FR Toolbar) - {EF79F67A-6AD7-4715-A0F8-932FCA442023} - C:\Program Files (x86)\BittorrentBar_FR\tbBitt.dll (Conduit Ltd.)
    O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
    O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
    O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
    O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
    O4 - HKLM..\Run: [installer] C:\Program Files (x86)\Installer\lnetworker.exe ()
    O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
    O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
    O4 - HKLM..\Run: [PDVD8LanguageShortcut] c:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [RemoteControl8] c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [VideoWebCamera] C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe (Suyin)
    O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/01/12 14:31:40 | 000,000,000 | R--D | C] -- C:\Users\Arnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
    [2011/01/11 20:52:12 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\Diagnostics
    [2011/01/09 20:59:49 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    [2011/01/07 22:18:14 | 000,000,000 | ---D | C] -- C:\Windows\fr
    [2011/01/07 22:18:08 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Malwarebytes
    [2011/01/07 22:17:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2011/01/07 22:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2011/01/07 22:17:52 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    [2011/01/07 22:17:51 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2011/01/07 22:17:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/01/07 22:15:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
    [2011/01/07 22:15:00 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
    [2011/01/07 22:15:00 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
    [2011/01/07 22:14:58 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
    [2011/01/07 22:14:58 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
    [2011/01/07 22:13:32 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\Windows Live
    [2011/01/05 18:01:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    [2011/01/05 18:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2011/01/05 18:01:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
    [2011/01/04 09:09:19 | 000,000,000 | ---D | C] -- C:\Navilog1
    [2011/01/03 12:25:30 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
    [2011/01/03 12:25:29 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
    [2011/01/03 12:25:29 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
    [2011/01/03 12:25:29 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
    [2011/01/03 12:25:29 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
    [2011/01/03 12:25:28 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
    [2011/01/03 12:25:26 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
    [2011/01/01 22:09:37 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\WinRAR
    [2011/01/01 16:28:17 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\dvdcss
    [2010/12/30 15:36:25 | 000,000,000 | ---D | C] -- C:\3902f4ff8ddd1e62c76d
    [2010/12/28 11:57:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
    [2010/12/27 11:41:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
    [2010/12/27 11:41:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
    [2010/12/27 11:02:18 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
    [2010/12/27 11:02:18 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
    [2010/12/27 11:02:18 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
    [2010/12/27 11:02:18 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
    [2010/12/27 11:02:18 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
    [2010/12/27 11:02:18 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
    [2010/12/27 11:02:18 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
    [2010/12/27 11:02:18 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
    [2010/12/27 11:01:55 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
    [2010/12/27 10:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    [2010/12/26 18:39:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
    [2010/12/26 18:37:04 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\Microsoft Help
    [2010/12/26 16:05:20 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
    [2010/12/26 16:05:18 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2010/12/26 16:05:18 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
    [2010/12/26 16:05:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
    [2010/12/26 16:05:15 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
    [2010/12/26 16:05:13 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
    [2010/12/26 16:05:13 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
    [2010/12/26 16:05:13 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
    [2010/12/26 16:05:13 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
    [2010/12/26 16:05:13 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
    [2010/12/26 16:05:13 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
    [2010/12/26 16:05:13 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
    [2010/12/26 16:05:13 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
    [2010/12/26 16:05:12 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
    [2010/12/26 16:05:11 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
    [2010/12/26 16:05:11 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
    [2010/12/26 16:05:11 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
    [2010/12/26 16:05:10 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
    [2010/12/26 16:05:10 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
    [2010/12/26 16:05:10 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
    [2010/12/26 16:05:10 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
    [2010/12/26 16:05:10 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
    [2010/12/26 16:05:10 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
    [2010/12/26 16:05:10 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
    [2010/12/26 16:05:10 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
    [2010/12/26 16:05:10 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
    [2010/12/26 16:05:09 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
    [2010/12/26 16:05:09 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
    [2010/12/26 16:05:09 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
    [2010/12/26 16:05:09 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
    [2010/12/26 16:05:09 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
    [2010/12/26 16:05:09 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
    [2010/12/26 16:05:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
    [2010/12/26 16:05:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
    [2010/12/26 16:04:55 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
    [2010/12/26 16:04:55 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
    [2010/12/26 16:04:54 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
    [2010/12/26 16:04:54 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
    [2010/12/26 16:04:54 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
    [2010/12/26 16:04:54 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
    [2010/12/26 16:04:54 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
    [2010/12/26 16:04:54 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
    [2010/12/26 16:04:54 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
    [2010/12/26 16:04:52 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
    [2010/12/26 16:04:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
    [2010/12/26 16:04:45 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2010/12/26 16:04:45 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
    [2010/12/26 16:04:45 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
    [2010/12/26 16:04:43 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
    [2010/12/26 16:04:42 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
    [2010/12/26 16:04:40 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2010/12/26 16:04:40 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
    [2010/12/26 16:04:40 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
    [2010/12/26 16:04:39 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2010/12/26 16:04:37 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2010/12/26 16:04:37 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2010/12/26 16:04:37 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2010/12/26 16:04:37 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2010/12/26 16:04:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [2010/12/26 16:04:36 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
    [2010/12/26 16:04:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
    [2010/12/26 16:04:28 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
    [2010/12/26 16:04:28 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
    [2010/12/26 16:04:28 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
    [2010/12/26 16:04:27 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
    [2010/12/26 16:04:16 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
    [2010/12/26 16:04:16 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
    [2010/12/26 16:04:15 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
    [2010/12/26 16:04:15 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
    [2010/12/26 16:04:15 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
    [2010/12/26 16:04:15 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
    [2010/12/26 16:03:56 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2010/12/26 16:03:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2010/12/26 16:03:56 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
    [2010/12/26 16:03:53 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
    [2010/12/26 16:03:47 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
    [2010/12/26 16:03:46 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
    [2010/12/26 16:03:45 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
    [2010/12/26 16:03:44 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
    [2010/12/26 16:03:43 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
    [2010/12/26 16:03:43 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
    [2010/12/26 16:03:42 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
    [2010/12/26 16:03:41 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
    [2010/12/26 16:03:30 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2010/12/26 16:03:30 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
    [2010/12/26 16:03:29 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
    [2010/12/26 16:03:29 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2010/12/26 16:03:29 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
    [2010/12/26 16:03:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2010/12/26 16:03:29 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2010/12/26 16:03:29 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2010/12/26 16:03:29 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
    [2010/12/26 16:03:29 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
    [2010/12/26 16:03:28 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
    [2010/12/26 16:03:28 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
    [2010/12/26 16:03:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
    [2010/12/26 16:03:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
    [2010/12/25 23:08:01 | 000,000,000 | ---D | C] -- C:\Users\Arnau\Desktop\Musiques
    [2010/12/25 21:03:54 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\vlc
    [2010/12/25 20:57:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    [2010/12/25 20:57:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
    [2010/12/25 20:45:17 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2010/12/25 20:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2010/12/25 20:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
    [2010/12/25 20:39:00 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\networker
    [2010/12/25 20:38:17 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\assembly
    [2010/12/25 20:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\Installer
    [2010/12/25 20:35:44 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\installer
    [2010/12/25 20:35:40 | 000,000,000 | ---D | C] -- C:\Windows\BackupIP
    [2010/12/25 20:35:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Installer
    [2010/12/25 20:35:35 | 000,197,632 | ---- | C] (Dino Chiesa) -- C:\Windows\SysWow64\Ionic.Zip.Reduced.dll
    [2010/12/25 15:57:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
    [2010/12/25 15:41:24 | 000,000,000 | ---D | C] -- C:\Users\Arnau\Documents\TmForever
    [2010/12/25 15:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TmForever
    [2010/12/25 15:41:06 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
    [2010/12/25 15:41:06 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
    [2010/12/25 15:41:06 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
    [2010/12/25 15:41:06 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
    [2010/12/25 15:41:05 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
    [2010/12/25 15:41:05 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
    [2010/12/25 15:40:57 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
    [2010/12/25 15:40:57 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
    [2010/12/25 15:40:55 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
    [2010/12/25 15:40:55 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
    [2010/12/25 15:40:55 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
    [2010/12/25 15:40:55 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
    [2010/12/25 15:40:54 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
    [2010/12/25 15:40:54 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
    [2010/12/25 15:40:54 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
    [2010/12/25 15:40:54 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
    [2010/12/25 15:40:53 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
    [2010/12/25 15:40:53 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
    [2010/12/25 15:40:52 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
    [2010/12/25 15:40:52 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
    [2010/12/25 15:40:52 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
    [2010/12/25 15:40:52 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
    [2010/12/25 15:40:50 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
    [2010/12/25 15:40:50 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
    [2010/12/25 15:40:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever
    [2010/12/25 15:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TmNationsForever
    [2010/12/25 14:29:35 | 000,000,000 | ---D | C] -- C:\Users\Arnau\Desktop\Jeux-vidéo
    [2010/12/25 14:20:55 | 000,000,000 | ---D | C] -- C:\Users\Arnau\Desktop\Images
    [2010/12/25 14:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
    [2010/12/25 14:02:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine
    [2010/12/25 14:02:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BittorrentBar_FR
    [2010/12/25 14:01:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
    [2010/12/25 14:01:02 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\BitTorrent
    [2010/12/25 13:52:41 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Macromedia
    [2010/12/25 13:35:40 | 000,000,000 | ---D | C] -- C:\Users\Arnau\Desktop\Travail
    [2010/12/25 13:35:18 | 000,000,000 | ---D | C] -- C:\Users\Arnau\Desktop\Séries
    [2010/12/25 13:34:57 | 000,000,000 | ---D | C] -- C:\Users\Arnau\Desktop\Films
    [2010/12/25 12:53:57 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Packard Bell
    [2010/12/25 12:53:56 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\Packard Bell
    [2010/12/25 12:53:16 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Nero
    [2010/12/25 12:45:12 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\GameConsole
    [2010/12/25 12:45:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\AppData\Roaming\.#
    [2010/12/25 12:34:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Desktop\Logiciels
    [2010/12/25 11:44:48 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\Adobe
    [2010/12/25 11:42:24 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
    [2010/12/25 11:40:01 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Mozilla
    [2010/12/25 11:40:01 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\Mozilla
    [2010/12/25 11:39:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2010/12/25 11:35:00 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Adobe
    [2010/12/25 11:34:57 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Google
    [2010/12/25 11:34:56 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\Google
    [2010/12/25 10:40:22 | 000,031,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys
    [2010/12/25 10:40:21 | 000,172,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2010/12/25 10:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
    [2010/12/25 10:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
    [2010/12/25 10:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
    [2010/12/25 10:33:34 | 000,000,000 | ---D | C] -- C:\Program Files\PB Accessory Store
    [2010/12/25 10:31:20 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
    [2010/12/25 10:31:20 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
    [2010/12/25 10:31:19 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
    [2010/12/25 10:31:19 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
    [2010/12/25 10:27:30 | 000,000,000 | R--D | C] -- C:\Users\Arnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    [2010/12/25 10:27:30 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Searches
    [2010/12/25 10:27:30 | 000,000,000 | R--D | C] -- C:\Users\Arnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2010/12/25 10:27:30 | 000,000,000 | -H-D | C] -- C:\Users\Arnau\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
    [2010/12/25 10:27:22 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Identities
    [2010/12/25 10:27:19 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Contacts
    [2010/12/25 10:27:17 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\VirtualStore
    [2010/12/25 10:27:04 | 000,000,000 | --SD | C] -- C:\Users\Arnau\AppData\Roaming\Microsoft
    [2010/12/25 10:27:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Videos
    [2010/12/25 10:27:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Saved Games
    [2010/12/25 10:27:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Pictures
    [2010/12/25 10:27:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Music
    [2010/12/25 10:27:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    [2010/12/25 10:27:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Links
    [2010/12/25 10:27:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Favorites
    [2010/12/25 10:27:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Downloads
    [2010/12/25 10:27:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Documents
    [2010/12/25 10:27:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\Desktop
    [2010/12/25 10:27:04 | 000,000,000 | R--D | C] -- C:\Users\Arnau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Voisinage réseau
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Voisinage d'impression
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\AppData\Local\Temporary Internet Files
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\SendTo
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Recent
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Modèles
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Documents\Mes vidéos
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Documents\Mes images
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Mes documents
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Menu Démarrer
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Documents\Ma musique
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Local Settings
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\AppData\Local\Historique
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Cookies
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\Application Data
    [2010/12/25 10:27:04 | 000,000,000 | -HSD | C] -- C:\Users\Arnau\AppData\Local\Application Data
    [2010/12/25 10:27:04 | 000,000,000 | -H-D | C] -- C:\Users\Arnau\AppData
    [2010/12/25 10:27:04 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\Temp
    [2010/12/25 10:27:04 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Local\Microsoft
    [2010/12/25 10:27:04 | 000,000,000 | ---D | C] -- C:\Users\Arnau\AppData\Roaming\Media Center Programs
    [2010/12/25 10:26:53 | 000,000,000 | -HSD | C] -- C:\Recovery
    [2010/12/25 10:26:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
    [2010/12/25 10:26:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
    [2010/12/25 10:26:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
    [2010/12/25 10:26:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
    [2010/12/25 10:26:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
    [2010/12/25 10:26:52 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
    [2010/12/25 10:26:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris
    [2010/12/25 10:26:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau

    ========== Files - Modified Within 30 Days ==========

    [2011/01/12 15:03:10 | 001,310,720 | -HS- | M] () -- C:\Users\Arnau\NTUSER.DAT
    [2011/01/12 15:03:01 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2632245353-4178573490-767375900-1001UA.job
    [2011/01/12 14:50:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/01/12 14:41:14 | 001,206,106 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008000.029\Cat.DB
    [2011/01/12 14:38:41 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/01/12 14:38:41 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/01/12 14:30:50 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/01/12 14:30:32 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2011/01/12 14:30:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/01/12 14:30:22 | 3217,235,968 | -HS- | M] () -- C:\hiberfil.sys
    [2011/01/11 22:03:29 | 001,835,253 | -H-- | M] () -- C:\Users\Arnau\AppData\Local\IconCache.db
    [2011/01/11 21:09:33 | 000,001,024 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2632245353-4178573490-767375900-1001Core.job
    [2011/01/09 20:59:53 | 000,002,324 | ---- | M] () -- C:\Users\Arnau\Desktop\Google Chrome.lnk
    [2011/01/09 16:48:06 | 000,000,036 | ---- | M] () -- C:\Users\Arnau\AppData\Local\housecall.guid.cache
    [2011/01/05 18:01:24 | 000,001,294 | ---- | M] () -- C:\Users\Arnau\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2011/01/03 13:05:24 | 001,572,330 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/01/03 13:05:24 | 000,703,748 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
    [2011/01/03 13:05:24 | 000,615,474 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/01/03 13:05:24 | 000,131,844 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
    [2011/01/03 13:05:24 | 000,107,456 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010/12/29 16:11:39 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
    [2010/12/27 12:33:42 | 000,000,000 | ---- | M] () -- C:\Users\Arnau\AppData\Roaming\wklnhst.dat
    [2010/12/27 11:43:02 | 000,434,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010/12/26 22:11:47 | 000,113,232 | ---- | M] () -- C:\Users\Arnau\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/12/25 17:22:57 | 000,053,560 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
    [2010/12/25 17:22:57 | 000,053,560 | ---- | M] () -- C:\Windows\SysNative\license.rtf
    [2010/12/25 14:01:42 | 000,000,999 | ---- | M] () -- C:\Users\Arnau\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
    [2010/12/25 14:01:42 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
    [2010/12/25 13:17:08 | 000,583,296 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1008000.029\cchpx64.sys
    [2010/12/25 13:17:07 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1008000.029\isolate.ini
    [2010/12/25 11:40:06 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
    [2010/12/25 11:34:52 | 000,001,465 | ---- | M] () -- C:\Users\Arnau\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2010/12/25 10:41:26 | 000,524,288 | -HS- | M] () -- C:\Users\Arnau\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010/12/25 10:41:26 | 000,524,288 | -HS- | M] () -- C:\Users\Arnau\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010/12/25 10:41:26 | 000,065,536 | -HS- | M] () -- C:\Users\Arnau\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010/12/25 10:40:17 | 000,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2010/12/25 10:40:17 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2010/12/25 10:40:17 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2010/12/25 10:34:18 | 000,000,201 | ---- | M] () -- C:\Windows\USER.XML
    [2010/12/25 10:27:08 | 000,000,217 | RHS- | M] () -- C:\Preload.rev
    [2010/12/25 10:27:08 | 000,000,168 | ---- | M] () -- C:\Windows\WisLangCode.ini
    [2010/12/25 10:27:04 | 000,000,020 | -HS- | M] () -- C:\Users\Arnau\ntuser.ini
    [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/12/20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010/12/16 17:03:08 | 000,011,264 | ---- | M] () -- C:\Windows\SysWow64\Utils.dll

    ========== Files Created - No Company Name ==========

    [2011/01/09 20:59:53 | 000,002,324 | ---- | C] () -- C:\Users\Arnau\Desktop\Google Chrome.lnk
    [2011/01/09 20:58:48 | 000,001,076 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2632245353-4178573490-767375900-1001UA.job
    [2011/01/09 20:58:48 | 000,001,024 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2632245353-4178573490-767375900-1001Core.job
    [2011/01/09 16:48:06 | 000,000,036 | ---- | C] () -- C:\Users\Arnau\AppData\Local\housecall.guid.cache
    [2011/01/05 18:01:24 | 000,001,294 | ---- | C] () -- C:\Users\Arnau\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2010/12/27 12:33:42 | 000,000,000 | ---- | C] () -- C:\Users\Arnau\AppData\Roaming\wklnhst.dat
    [2010/12/25 20:35:35 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\Utils.dll
    [2010/12/25 14:01:42 | 000,000,999 | ---- | C] () -- C:\Users\Arnau\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
    [2010/12/25 14:01:42 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
    [2010/12/25 11:40:23 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/12/25 11:40:22 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/12/25 11:40:06 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
    [2010/12/25 11:34:51 | 000,001,465 | ---- | C] () -- C:\Users\Arnau\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2010/12/25 10:41:21 | 001,835,253 | -H-- | C] () -- C:\Users\Arnau\AppData\Local\IconCache.db
    [2010/12/25 10:40:21 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2010/12/25 10:40:21 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2010/12/25 10:27:22 | 000,113,232 | ---- | C] () -- C:\Users\Arnau\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/12/25 10:27:04 | 001,310,720 | -HS- | C] () -- C:\Users\Arnau\NTUSER.DAT
    [2010/12/25 10:27:04 | 000,524,288 | -HS- | C] () -- C:\Users\Arnau\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010/12/25 10:27:04 | 000,524,288 | -HS- | C] () -- C:\Users\Arnau\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010/12/25 10:27:04 | 000,262,144 | -HS- | C] () -- C:\Users\Arnau\ntuser.dat.LOG1
    [2010/12/25 10:27:04 | 000,065,536 | -HS- | C] () -- C:\Users\Arnau\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010/12/25 10:27:04 | 000,000,290 | ---- | C] () -- C:\Users\Arnau\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2010/12/25 10:27:04 | 000,000,272 | ---- | C] () -- C:\Users\Arnau\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2010/12/25 10:27:04 | 000,000,020 | -HS- | C] () -- C:\Users\Arnau\ntuser.ini
    [2010/12/25 10:27:04 | 000,000,000 | -HS- | C] () -- C:\Users\Arnau\ntuser.dat.LOG2
    [2010/02/27 11:10:24 | 000,001,694 | ---- | C] () -- C:\Windows\WPatchProgress.ini
    [2010/02/27 03:05:22 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
    [2010/02/27 02:45:54 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
    [2009/11/02 21:43:23 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
    [2009/11/02 21:43:00 | 000,776,614 | ---- | C] () -- C:\Program Files (x86)\Common Files\packardbell.ico
    [2009/10/30 06:54:34 | 000,000,189 | ---- | C] () -- C:\Windows\Prelaunch.ini
    [2009/10/30 06:54:34 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
    [2009/10/30 06:54:34 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
    [2009/07/14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
    [2009/07/14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
    [2009/07/14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
    [2009/07/14 03:34:57 | 000,000,478 | ---- | C] () -- C:\Windows\win.ini
    [2009/07/14 03:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
    [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
    [2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
    [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

    ========== LOP Check ==========

    [2010/12/25 12:45:23 | 000,000,000 | -HSD | M] -- C:\Users\Arnau\AppData\Roaming\.#
    [2011/01/12 15:06:00 | 000,000,000 | ---D | M] -- C:\Users\Arnau\AppData\Roaming\BitTorrent
    [2010/12/25 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\Arnau\AppData\Roaming\GameConsole
    [2010/12/25 12:53:57 | 000,000,000 | ---D | M] -- C:\Users\Arnau\AppData\Roaming\Packard Bell
    [2009/07/14 06:08:49 | 000,010,008 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:5D7E5A8F
    @Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:93DE1838

    < End of report >






    Et le Extras.txt :



    OTL Extras logfile created on: 12/01/2011 15:01:14 - Run 1
    OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Arnau\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 63,00% Memory free
    8,00 Gb Paging File | 7,00 Gb Available in Paging File | 82,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 584,35 Gb Total Space | 378,00 Gb Free Space | 64,69% Space Free | Partition Type: NTFS

    Computer Name: ARNAU-PC | User Name: Arnau | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- C:\Users\Arnau\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %* File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S File not found
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    =====
    12 Janvier 2011 18:55:32

    re

    1

    Ouvre Spybot , clique sur l'onglet Mode et choisis Mode Avancé
    Ne tiens pas compte de l'avertissement
    En bas à gauche , clique sur Outils
    Toujours dans la colonne de gauche , clique sur Résident ( pas dans la fenêtre centrale )
    Et décoche l'option Resident "TeaTimer".......

    2
  • Télécharge Ad-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Scanner.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    /!\ Pense à réactiver ton antivirus /!\
    12 Janvier 2011 19:43:05

    Merci pour ton aide,
    J'ai des questions,
    Quand tu dis déconnecte toi tu dis de me déconnecter d'internet ?
    Comment je fait pour désactiver mon antivirus ?
    A quoi sa sert la manip sur spybot ?
    A+
    12 Janvier 2011 19:44:06

    J'ai une autre question ^^
    Je dois fermer aussi spybot quand tu me dit de tout fermer ?
    12 Janvier 2011 21:35:05

    Bonsoir,

    Citation :
    Quand tu dis déconnecte toi tu dis de me déconnecter d'internet ?

    oui
    Citation :
    Comment je fait pour désactiver mon antivirus ?

    tu cliques droit sur l'icône de ton antivirus en bas à droite de ton écran et tu fais: "désactiver".
    Citation :
    A quoi sa sert la manip sur spybot ?

    Le teatimer de spybot empêche les modifications de registre. Sachant que ton registre est infecté, il va falloir faire des modifs dessus, donc on désactive spybot. (logiciel qui est plus qu'obsolète au passage..)

    Citation :
    Je dois fermer aussi spybot quand tu me dit de tout fermer ?

    si tu as désactivé le teatimer, ce n'est pas nécessaire. :) 


    13 Janvier 2011 17:59:46

    Quand je clique droit sur mon antivirus il me propose de:
    Désactiver le pare feu intelligent
    Désactiver Antivirus Auto-Protect

    je désactive lequel ?
    13 Janvier 2011 20:52:56

    Bonsoir !

    les deux :D 
    13 Janvier 2011 21:06:36

    Voici le rapport :




    ======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/01/11 à 19:00
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 21:04:04 le 13/01/2011, Mode normal

    Microsoft Windows 7 Édition Familiale Premium (X64)
    Arnau@ARNAU-PC (Packard Bell EasyNote TJ65)

    ============== RECHERCHE ==============

    Service: "sdmBackupIP" Présent

    Dossier trouvé: C:\Program Files (x86)\Installer
    Fichier trouvé: C:\Windows\SysWOW64\Utils.dll
    Dossier trouvé: C:\Windows\BackupIP
    Fichier trouvé: C:\Users\Arnau\AppData\Roaming\Mozilla\FireFox\Profiles\ust8mrlq.default\searchplugins\conduit.xml
    Dossier trouvé: C:\Users\Arnau\AppData\LocalLow\Conduit
    Dossier trouvé: C:\Program Files (x86)\Conduit
    Dossier trouvé: C:\Users\Arnau\AppData\LocalLow\ConduitEngine
    Dossier trouvé: C:\Program Files (x86)\ConduitEngine
    Dossier trouvé: C:\Users\Arnau\AppData\Local\networker

    -- Fichier ouvert: C:\Users\Arnau\AppData\Roaming\Mozilla\FireFox\Profiles\ust8mrlq.default\Prefs.js --
    Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine...
    -- Fichier Fermé --


    Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Classes\CLSID\{FCB132B2-977D-4587-815A-461AAB8A9876}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCB132B2-977D-4587-815A-461AAB8A9876}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCB132B2-977D-4587-815A-461AAB8A9876}
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT2849852
    Clé trouvée: HKLM\Software\Install Pedia Limited
    Clé trouvée: HKLM\Software\Conduit
    Clé trouvée: HKLM\Software\conduitEngine
    Clé trouvée: HKCU\Software\AppDataLow\Toolbar
    Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
    Clé trouvée: HKCU\Software\AppDataLow\Software\conduitEngine
    Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DDBA506-B304-4478-AE29-2A519D411CFD}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

    Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|installer
    Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}


    ============== SCAN ADDITIONNEL ==============

    ** Mozilla Firefox Version [3.6.13 (fr)] **

    -- C:\Users\Arnau\AppData\Roaming\Mozilla\FireFox\Profiles\ust8mrlq.default\Prefs.js --
    browser.download.lastDir, C:\\Users\\Arnau\\Desktop\\Images
    browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms}
    browser.startup.homepage, hxxp://www.google.fr/
    browser.startup.homepage_override.mstone, rv:1.9.2.13

    ========================================

    ** Internet Explorer Version [8.0.7600.16385] **

    [HKCU\Software\Microsoft\Internet Explorer\Main]
    Default_Page_URL: hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=easynote_tj65&r=27361210j4b6l04c0z1i5f44i1u307
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\Windows\system32\blank.htm
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Show_ToolBar: yes
    Start Page: hxxp://search.conduit.com?SearchSource=10&ctid=CT2849852
    Use Search Asst: no

    [HKLM\Software\Microsoft\Internet Explorer\Main]
    AutoHide: yes
    Default_Page_URL: hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=easynote_tj65&r=27361210j4b6l04c0z1i5f44i1u307
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Delete_Temp_Files_On_Exit: yes
    Enable Browser Extensions: yes
    Local Page: C:\Windows\SysWOW64\blank.htm
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=easynote_tj65&r=27361210j4b6l04c0z1i5f44i1u307
    Use Search Asst: no

    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 13/01/2011 (4854 Octet(s))

    Fin à: 21:04:50, 13/01/2011

    ============== E.O.F ==============












    a+
    13 Janvier 2011 21:23:49

    re


    /!\ Déconnecte-toi, désactive ton anti-virus et ferme toutes applications en cours /!\

  • Double-clique sur AD-R situé sur ton Bureau pour le lancer.
    (Sous Vista/Seven, il faut cliquer droit sur AD-R et choisir Exécuter en tant qu'administrateur)
  • Choisis la langue F pour français.
  • Au menu principal, choisis l'option Nettoyer.

    /!\ Laisse travailler l'outil /!\

  • Poste le rapport qui apparaît à la fin (C:\Ad-Report-CLEAN.log).
    /!\ Pense à réactiver ton antivirus /!\
    14 Janvier 2011 16:29:41

    Voila :

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/01/11 à 19:00
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 16:26:33 le 14/01/2011, Mode normal

    Microsoft Windows 7 Édition Familiale Premium (X64)
    Arnau@ARNAU-PC (Packard Bell EasyNote TJ65)

    ============== ACTION(S) ==============



    (!) -- Fichiers temporaires supprimés.




    ============== SCAN ADDITIONNEL ==============

    ** Mozilla Firefox Version [3.6.13 (fr)] **

    -- C:\Users\Arnau\AppData\Roaming\Mozilla\FireFox\Profiles\ust8mrlq.default\Prefs.js --
    browser.download.lastDir, C:\\Users\\Arnau\\Desktop\\Images
    browser.startup.homepage, hxxp://www.google.fr/
    browser.startup.homepage_override.mstone, rv:1.9.2.13

    ========================================

    ** Internet Explorer Version [8.0.7600.16385] **

    [HKCU\Software\Microsoft\Internet Explorer\Main]
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\Windows\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no

    [HKLM\Software\Microsoft\Internet Explorer\Main]
    AutoHide: yes
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Enable Browser Extensions: yes
    Local Page: C:\Windows\SysWOW64\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no

    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 45 Fichier(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 17 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 14/01/2011 (5015 Octet(s))
    C:\Ad-Report-CLEAN[2].txt - 14/01/2011 (2263 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 13/01/2011 (4983 Octet(s))

    Fin à: 16:27:30, 14/01/2011

    ============== E.O.F ==============
    14 Janvier 2011 21:54:02

    Bonsoir
    relance OTL et poste un nouveau rapport.
    Comment se comporte ton pc?
    16 Janvier 2011 17:11:06

    Bonjour
    Tu n'as pas répondu à ma question :D 
    16 Janvier 2011 22:17:48

    Il se comporte mieux mais il y a encore une pub par jour :/ 
    16 Janvier 2011 22:22:10

    une pub par jour... :lol: 
    sur quel site?
    18 Janvier 2011 21:18:48

    Finalement je pense qu'il n'a plus de problème ;) 
    Merci beaucoup pour ton aide
    18 Janvier 2011 22:11:19




    Supprime tous les programmes installés pour la désinfection.


    Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



    Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

    Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.

    Lire aussi:
  • Antispyware gratuit : ça sert à rien!


    ~Edite ton premier message et marque [résolu] dans le titre.
    Si ton nom de session correspond à ton véritable nom, tu as la possibilité de le changer en éditant tes posts.

    :hello: 

    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS