msconfig
/md5start
explorer.exe
wininit.exe
winlogon.exe
userinit.exe
svchost.exe
services.exe
/md5stop
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\Tasks\*.* /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINTOTL logfile created on: 15/12/2012 20:17:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\julien\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,75 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 79,88% Memory free
5,70 Gb Paging File | 5,34 Gb Available in Paging File | 93,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137,05 Gb Total Space | 16,63 Gb Free Space | 12,14% Space Free | Partition Type: NTFS

Computer Name: PC-DE-LAETITIA | User Name: laetitia | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/12/15 20:08:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\julien\Downloads\OTL.exe
PRC - [2012/12/07 13:33:49 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012/12/07 13:33:48 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe -- (Orange update Core Service)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2012/12/07 13:33:48 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/06 23:31:33 | 002,443,800 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2012/12/04 07:51:50 | 002,612,336 | ---- | M] (Iminent) [Auto | Stopped] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2012/07/13 13:39:50 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2008/06/26 03:52:39 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/12/11 20:19:44 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Stopped] -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2007/09/10 23:45:04 | 000,124,832 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2011/10/01 08:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011/10/01 08:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011/10/01 08:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011/10/01 08:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2007/11/18 03:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/10/05 23:59:40 | 000,288,256 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)
DRV - [2007/09/19 13:05:00 | 007,626,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/09/07 10:34:38 | 000,943,016 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vm331avs.sys -- (vm331avs)
DRV - [2007/07/11 14:51:48 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/07/11 09:45:00 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/07/11 09:40:18 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/02/16 01:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006/11/28 20:46:22 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCAMp50.sys -- (PCAMp50)
DRV - [2006/11/28 20:46:20 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbinte.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2423182
IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=111020&tt=5012_6&babsrc=HP_ss&mntrId=741bc0e000000000000000140b4c5d2b
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9136
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=111020&tt=5012_6&babsrc=HP_ss&mntrId=741bc0e000000000000000140b4c5d2b
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - SOFTWARE\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85}\InprocServer32 File not found
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\URLSearchHook: {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbinte.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - No CLSID value found
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes,DefaultScope = {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?FORM=IEFM1&q={searchTerms}
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111020&tt=5012_6&babsrc=SP_ss&mntrId=741bc0e000000000000000140b4c5d2b
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}&pr=prov&client_id=D9CD7E6001CB4F67000A2625&install_time=2010-09-08T15:09:30Z&src_id=11373&camp_id=1310&tb_version=2.5.15000.521
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes\{68f95363-e430-43ce-970f-495949476ca0}: "URL" = http://www.searcheo.fr/renseignement?search&q={searchTerms}
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLL_fr&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=qURS-6NXQIo7icjOsZI8sxQecWs?q={searchTerms}
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&mkt=fr-FR&FORM=MIMWA5
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = http://search.iminent.com/?appId=&ref=toolbox&q={searchTerms}
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes\{E8DC33E9-1E9C-4995-9315-236CDF69EA2A}: "URL" = http://www.bing.com/search?FORM=IEFM1&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9136
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.ke.voila.fr/S/voila?kw=
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://badoo.com/ [binary data]
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - SOFTWARE\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85}\InprocServer32 File not found
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\..\SearchScopes,bProtectorDefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLL_fr&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=fChvs9g6FOjhPFA1wOqT2z3-5QE?q={searchTerms}
IE - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=111020&tt=5012_6&babsrc=HP_ss&mntrId=741bc0e000000000000000140b4c5d2b"
FF - prefs.js..extensions.enabledAddons: %7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.7.0.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: litmus-ff@f-secure.com:1.10
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.0
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?barid={13FC23DC-28CC-40A3-83B8-3C11B83EF963}&src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
FF - prefs.js..browser.startup.homepage: "www.mivolo.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweetim.com/search.asp?barid={13FC23DC-28CC-40A3-83B8-3C11B83EF963}&src=2&q="
FF - prefs.js..browser.startup.homepage: "http://search.iminent.com/?appId=68516E81-C7E5-404D-A7C5-90658A0F6288"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\laetitia\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\laetitia\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/07 13:33:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2012/12/15 17:58:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/07 13:33:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2010/06/04 15:32:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laetitia\AppData\Roaming\mozilla\Extensions
[2012/12/15 17:58:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laetitia\AppData\Roaming\mozilla\Firefox\Profiles\y422iett.default\extensions
[2012/12/09 15:37:11 | 000,000,000 | ---D | M] (uTorrentBar_FR) -- C:\Users\laetitia\AppData\Roaming\mozilla\Firefox\Profiles\y422iett.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
[2010/07/12 15:54:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\laetitia\AppData\Roaming\mozilla\Firefox\Profiles\y422iett.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/10/23 15:20:32 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\laetitia\AppData\Roaming\mozilla\Firefox\Profiles\y422iett.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012/12/15 17:58:11 | 000,000,000 | ---D | M] (Babylon Toolbar) -- C:\Users\laetitia\AppData\Roaming\mozilla\Firefox\Profiles\y422iett.default\extensions\ffxtlbr@babylon.com
[2012/12/07 14:03:25 | 000,189,128 | ---- | M] () (No name found) -- C:\Users\laetitia\AppData\Roaming\mozilla\firefox\profiles\y422iett.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/12/15 17:58:13 | 000,002,432 | ---- | M] () -- C:\Users\laetitia\AppData\Roaming\mozilla\firefox\profiles\y422iett.default\searchplugins\babylon1.xml
[2012/08/19 20:19:22 | 000,000,570 | ---- | M] () -- C:\Users\laetitia\AppData\Roaming\mozilla\firefox\profiles\y422iett.default\searchplugins\bing.xml
[2010/09/29 17:22:51 | 000,003,915 | ---- | M] () -- C:\Users\laetitia\AppData\Roaming\mozilla\firefox\profiles\y422iett.default\searchplugins\sweetim.xml
[2012/12/07 13:33:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/12/07 13:33:49 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/20 08:04:06 | 000,001,729 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/12/15 17:58:05 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/11/20 08:04:06 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/20 08:04:07 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/11/20 08:04:06 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2012/12/04 07:51:50 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2012/11/20 08:04:06 | 000,001,639 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/11/20 08:04:06 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://search.babylon.com/?affID=111020&tt=5012_6&babsrc=HP_ss&mntrId=741bc0e000000000000000140b4c5d2b
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.babylon.com/?affID=111020&tt=5012_6&babsrc=HP_ss&mntrId=741bc0e000000000000000140b4c5d2b
CHR - Extension: No name found = C:\Users\laetitia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.9_0\
CHR - Extension: No name found = C:\Users\laetitia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jieopfhnlbjmbpckpdhfdedccdmngdac\1.5_0\
CHR - Extension: No name found = C:\Users\laetitia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchpfiddbhbdnagofhkjlaiaejmkdcla\1.4_0\
CHR - Extension: No name found = C:\Users\laetitia\AppData\Local\Google\Chrome\User Data\Default\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib\10.13.20.29_0\
CHR - Extension: No name found = C:\Users\laetitia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.4.9\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (interdescargas-FR Toolbar) - {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbinte.dll (Conduit Ltd.)
O2 - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - No CLSID value found.
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (EoBHO Class) - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (EoRezo)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (interdescargas-FR Toolbar) - {31c322dc-5878-452e-a2d8-c4aab9973c9a} - C:\Program Files\interdescargas-FR\tbinte.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.4.9\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\Toolbar\WebBrowser: (uTorrentBar_FR Toolbar) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\Toolbar\WebBrowser: (interdescargas-FR Toolbar) - {31C322DC-5878-452E-A2D8-C4AAB9973C9A} - C:\Program Files\interdescargas-FR\tbinte.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\..\Toolbar\WebBrowser: (uTorrentBar_FR Toolbar) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - C:\Program Files\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\..\Toolbar\WebBrowser: (interdescargas-FR Toolbar) - {31C322DC-5878-452E-A2D8-C4AAB9973C9A} - C:\Program Files\interdescargas-FR\tbinte.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [CardReaderMonitor] C:\Program Files\Realtek Semiconductor Corp.\Realtek Card Reader Monitor\CardReaderMonitor.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [e-TF1] C:\Program Files\TF1Vision\TF1vision.exe (1-Click Media)
O4 - HKLM..\Run: [Iminent] File not found
O4 - HKLM..\Run: [IminentMessenger] File not found
O4 - HKLM..\Run: [LGPCSuiteLanucher] "C:\Program Files\LG PC Suite 2\LGPCSuiteLanucher_Setup.exe" /tray File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ORAHSSSessionManager] "C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe" File not found
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1894868224-590508204-2106921090-1000..\Run: [EPSON Stylus DX8400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1894868224-590508204-2106921090-1000..\Run: [lollipop] c:\users\laetitia\appdata\local\lollipop\lollipop.exe ()
O4 - HKU\S-1-5-21-1894868224-590508204-2106921090-1000..\Run: [Neuf Media Center] C:\Program Files\SFR\Media Center\MediaCenter.exe (SFR)
O4 - HKU\S-1-5-21-1894868224-590508204-2106921090-1000..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKU\S-1-5-21-1894868224-590508204-2106921090-1000..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1894868224-590508204-2106921090-1001..\Run: [bzoltqf] "c:\users\laetitia\appdata\local\bzoltqf.exe" bzoltqf File not found
O4 - HKU\S-1-5-21-1894868224-590508204-2106921090-1001..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)
O4 - HKU\S-1-5-21-1894868224-590508204-2106921090-1001..\Run: [DMSN] C:\Program Files\Dialflirt\dialmsn.exe File not found
O4 - HKU\S-1-5-21-1894868224-590508204-2106921090-1001..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart File not found
O4 - HKU\S-1-5-21-1894868224-590508204-2106921090-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [!BingBar] C:\ProgramData\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE (Microsoft Corporation)
O4 - HKLM..\RunOnce: [NSSInstallation] C:\Windows\System32\Adobe\Shockwave 11\nssstub.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-1894868224-590508204-2106921090-1001..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/5.0_(Windows;_U;_Windows_NT_6.0;_fr;_rv:1.9.2.3)_Gecko/20100401_Firefox/3.6.3_(_.NET_CLR_3.5.30729;_.NET4.0C)" -"http://www.gamevial.com/linkers/spillgroup.php?game=pirates" File not found
O4 - Startup: C:\Users\laetitia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outil de notification Live Search.lnk = C:\Users\laetitia\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe (Microsoft Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1894868224-590508204-2106921090-1000\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1894868224-590508204-2106921090-1001\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20100902031001 (PhotoboxPhotowaysUploader5 Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.extrafilm.fr/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18B76C9E-5432-4BC7-BCA6-2E64738E7F75}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2C7FDB2-1C7C-4480-A3A9-3FA127AEFF08}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\25986~1.67\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\laetitia\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\laetitia\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/12/15 17:58:33 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2012/12/15 17:58:25 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Roaming\BabSolution
[2012/12/15 17:58:24 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2012/12/15 17:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012/12/15 17:57:58 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Roaming\Babylon
[2012/12/15 17:57:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/12/14 17:40:21 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/12/14 17:40:20 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/12/14 17:40:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/12/14 17:40:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/12/14 17:40:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/12/14 17:40:19 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/12/14 17:40:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/12/14 17:40:17 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/12/14 17:37:13 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012/12/14 17:37:00 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/12/14 17:37:00 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012/12/14 17:36:59 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/12/14 17:36:58 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/12/14 17:36:58 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/12/13 09:53:45 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/12/13 09:53:41 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012/12/13 09:53:41 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012/12/13 09:53:13 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/13 09:53:13 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/13 09:52:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/12/12 17:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/12/10 10:52:31 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Local\{9A5E2353-6D2A-4AE4-974B-AFB0F2866E57}
[2012/12/09 15:37:13 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Local\CRE
[2012/12/09 15:36:33 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Local\Conduit
[2012/12/09 15:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentBar_FR
[2012/12/09 15:36:20 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/12/09 15:35:41 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Roaming\uTorrent
[2012/12/09 15:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced File Optimizer
[2012/12/09 15:28:19 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Local\Lollipop
[2012/12/09 15:20:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2012/12/09 15:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2012/12/09 15:20:14 | 000,850,824 | ---- | C] (Iminent) -- C:\Users\laetitia\Desktop\Iminent.exe
[2012/12/09 15:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\Webplayer setup
[2012/12/07 19:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012/12/07 19:01:50 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Local\Systweak
[2012/12/07 18:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
[2012/12/07 18:43:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2012/12/07 18:43:28 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Roaming\Advanced System Protector
[2012/12/07 18:43:22 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Roaming\Systweak
[2012/12/07 18:43:21 | 000,015,544 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2012/12/07 18:43:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2012/12/07 17:53:02 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Roaming\dvdcss
[2012/12/07 13:33:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/11/23 20:17:38 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/11/23 20:17:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/11/23 20:17:38 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/11/23 20:17:38 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/11/23 20:17:38 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/11/23 20:17:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/11/23 20:17:37 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/11/23 20:17:37 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/11/23 20:17:37 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/11/23 20:17:37 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/11/23 20:17:37 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/11/23 20:17:37 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/11/23 20:17:37 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/11/23 20:17:37 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/11/23 20:17:37 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/11/23 20:17:37 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/11/23 20:17:37 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/11/23 20:17:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/11/23 20:17:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/11/23 20:17:36 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/11/23 20:17:36 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/11/23 20:17:36 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/11/23 20:17:36 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/11/23 20:17:36 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/11/23 20:17:36 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/11/23 20:17:36 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/11/23 20:17:36 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/11/23 20:17:36 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/11/23 20:17:36 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/11/23 10:26:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/11/23 10:25:59 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/11/23 10:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/11/23 02:17:27 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/11/23 02:17:27 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/11/23 02:17:27 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/11/23 02:17:27 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/11/23 02:17:25 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/11/23 02:16:50 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012/11/23 02:16:36 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/11/23 02:16:04 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/11/23 02:15:46 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/11/23 02:15:12 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/11/23 02:15:12 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/11/23 02:15:11 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/11/23 02:15:11 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/11/23 02:15:11 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/11/23 02:15:10 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/11/23 02:15:08 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/11/23 02:15:08 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/11/23 02:14:34 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2012/11/23 02:14:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2012/11/23 02:13:57 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/11/23 02:02:44 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/11/23 02:02:44 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/11/23 02:02:06 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/11/23 01:43:35 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/11/23 01:43:35 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/11/23 01:43:03 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/11/23 01:43:03 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/11/23 01:43:03 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/11/23 01:42:50 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/11/23 01:42:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/11/22 20:14:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/11/22 20:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/11/22 19:57:32 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Roaming\SFR
[2012/11/22 19:56:34 | 000,000,000 | ---D | C] -- C:\Users\laetitia\AppData\Local\Neuf
[2012/11/22 19:08:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFR
[2012/11/22 18:57:13 | 000,000,000 | ---D | C] -- C:\Program Files\SFR
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/12/15 20:04:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/15 19:45:20 | 095,023,320 | ---- | M] () -- C:\ProgramData\0tbpw.pad
[2012/12/15 19:37:38 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/15 19:37:26 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/15 19:37:26 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/15 19:30:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\Extension de garantie-laetitia.job
[2012/12/15 19:07:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1894868224-590508204-2106921090-1000UA.job
[2012/12/15 19:07:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1894868224-590508204-2106921090-1000Core.job
[2012/12/15 18:33:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/15 18:00:45 | 008,369,152 | ---- | M] () -- C:\Users\laetitia\Desktop\SetupWebV2.msi
[2012/12/15 15:01:00 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012/12/14 17:47:27 | 000,306,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/12/12 18:43:00 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012/12/12 17:51:43 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/12/11 17:48:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\NSSstub.job
[2012/12/11 15:11:58 | 000,034,815 | ---- | M] () -- C:\Program Files\Common Files\plugin.crx
[2012/12/10 17:15:40 | 000,027,620 | ---- | M] () -- C:\Users\laetitia\AppData\Roaming\nvModes.dat
[2012/12/10 17:15:40 | 000,027,620 | ---- | M] () -- C:\Users\laetitia\AppData\Roaming\nvModes.001
[2012/12/10 15:43:40 | 000,093,184 | ---- | M] () -- C:\Users\laetitia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/10 00:07:20 | 000,676,998 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/12/10 00:07:20 | 000,594,380 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/10 00:07:20 | 000,127,036 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/12/10 00:07:20 | 000,104,594 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/09 15:36:20 | 000,000,779 | ---- | M] () -- C:\Users\laetitia\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/12/09 15:36:20 | 000,000,755 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/12/09 15:31:52 | 000,002,093 | ---- | M] () -- C:\Users\Public\Desktop\Advanced File Optimizer.lnk
[2012/12/09 15:20:16 | 000,850,824 | ---- | M] (Iminent) -- C:\Users\laetitia\Desktop\Iminent.exe
[2012/12/08 01:05:32 | 000,000,000 | -H-- | M] () -- C:\Users\laetitia\Documents\Default.rdp
[2012/12/04 17:43:35 | 000,002,067 | ---- | M] () -- C:\Users\laetitia\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/12/04 17:43:29 | 000,002,105 | ---- | M] () -- C:\Users\laetitia\Desktop\Google Chrome.lnk
[2012/11/27 18:59:14 | 000,000,946 | ---- | M] () -- C:\Users\laetitia\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/23 20:17:47 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012/11/23 20:17:47 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012/11/23 20:17:38 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/11/23 20:17:38 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/11/23 20:17:38 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/11/23 20:17:38 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/11/23 20:17:38 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/11/23 20:17:38 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/11/23 20:17:37 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/11/23 20:17:37 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/11/23 20:17:37 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/11/23 20:17:37 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/11/23 20:17:37 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/11/23 20:17:37 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/11/23 20:17:37 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/11/23 20:17:37 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/11/23 20:17:37 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/11/23 20:17:37 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/11/23 20:17:37 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/11/23 20:17:37 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/11/23 20:17:37 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/11/23 20:17:37 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/11/23 20:17:36 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/11/23 20:17:36 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/11/23 20:17:36 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/11/23 20:17:36 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/11/23 20:17:36 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/11/23 20:17:36 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/11/23 20:17:36 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/11/23 20:17:36 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/11/23 20:17:36 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/11/23 20:17:36 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/11/22 20:14:54 | 000,000,849 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/12/15 19:29:45 | 095,023,320 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2012/12/15 18:00:31 | 000,034,815 | ---- | C] () -- C:\Program Files\Common Files\plugin.crx
[2012/12/14 17:37:18 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/14 17:37:18 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/12 17:50:32 | 000,000,862 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/12/09 15:36:20 | 000,000,779 | ---- | C] () -- C:\Users\laetitia\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/12/09 15:36:20 | 000,000,755 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/12/09 15:31:52 | 000,002,093 | ---- | C] () -- C:\Users\Public\Desktop\Advanced File Optimizer.lnk
[2012/12/09 15:27:59 | 008,369,152 | ---- | C] () -- C:\Users\laetitia\Desktop\SetupWebV2.msi
[2012/12/08 01:05:32 | 000,000,000 | -H-- | C] () -- C:\Users\laetitia\Documents\Default.rdp
[2012/12/07 18:43:42 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2012/12/07 18:43:30 | 000,000,270 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2012/12/07 18:43:29 | 000,000,278 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2012/11/23 20:17:37 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/11/22 20:14:54 | 000,000,861 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/11 11:50:57 | 000,000,072 | ---- | C] () -- C:\Windows\yesmessenger.ini
[2009/01/29 19:57:44 | 000,001,922 | ---- | C] () -- C:\Users\laetitia\AppData\Local\bzoltqf.dat
[2009/01/29 19:57:44 | 000,000,328 | ---- | C] () -- C:\Users\laetitia\AppData\Local\bzoltqf_navps.dat
[2009/01/29 19:57:44 | 000,000,093 | ---- | C] () -- C:\Users\laetitia\AppData\Local\bzoltqf.bat
[2009/01/29 19:57:40 | 000,288,768 | ---- | C] () -- C:\Users\laetitia\AppData\Local\bzoltqf.0xe
[2008/10/04 12:58:03 | 000,000,260 | ---- | C] () -- C:\Users\laetitia\AppData\Roaming\wklnhst.dat
[2008/09/15 14:07:09 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008/09/10 22:27:55 | 000,027,620 | ---- | C] () -- C:\Users\laetitia\AppData\Roaming\nvModes.001
[2008/09/10 21:33:36 | 000,027,620 | ---- | C] () -- C:\Users\laetitia\AppData\Roaming\nvModes.dat
[2008/09/10 18:19:07 | 000,093,184 | ---- | C] () -- C:\Users\laetitia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2009/07/28 12:14:56 | 000,000,000 | ---D | M] -- C:\Users\julien\AppData\Roaming\EoRezo
[2010/06/06 10:23:29 | 000,000,000 | ---D | M] -- C:\Users\julien\AppData\Roaming\F-Secure
[2012/12/12 02:30:26 | 000,000,000 | ---D | M] -- C:\Users\julien\AppData\Roaming\SoftGrid Client
[2012/12/12 01:46:22 | 000,000,000 | ---D | M] -- C:\Users\julien\AppData\Roaming\Systweak
[2011/01/13 16:46:15 | 000,000,000 | ---D | M] -- C:\Users\julien\AppData\Roaming\Template
[2011/01/13 16:31:29 | 000,000,000 | ---D | M] -- C:\Users\julien\AppData\Roaming\TP
[2012/12/13 17:34:35 | 000,000,000 | ---D | M] -- C:\Users\julien\AppData\Roaming\uTorrent
[2009/02/16 19:38:15 | 000,000,000 | ---D | M] -- C:\Users\julien\AppData\Roaming\Windows Live Writer
[2012/12/07 18:43:46 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Advanced System Protector
[2012/12/15 17:58:25 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\BabSolution
[2012/12/15 17:57:58 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Babylon
[2010/05/04 16:27:30 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\EoRezo
[2009/03/08 12:11:50 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\F-Secure
[2010/05/04 16:38:53 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Icones
[2008/09/11 23:51:48 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\LG Electronics
[2010/03/20 19:10:27 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Opera
[2008/09/26 10:00:17 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Packard Bell
[2012/11/22 19:57:32 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\SFR
[2011/01/13 16:32:06 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\SoftGrid Client
[2012/12/07 18:43:50 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Systweak
[2008/10/04 15:38:38 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Template
[2010/09/27 22:26:37 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\TP
[2012/12/13 14:08:41 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\uTorrent
[2010/09/23 11:27:03 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Windows Live Writer

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2008/01/21 03:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2008/01/21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2010/07/24 22:06:42 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Adobe
[2012/12/07 18:43:46 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Advanced System Protector
[2012/12/15 17:58:25 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\BabSolution
[2012/12/15 17:57:58 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Babylon
[2009/05/25 13:40:43 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\DivX
[2012/12/08 14:24:56 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\dvdcss
[2010/05/04 16:27:30 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\EoRezo
[2009/03/08 12:11:50 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\F-Secure
[2008/09/10 18:19:24 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Google
[2010/05/04 16:38:53 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Icones
[2008/09/10 18:01:04 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Identities
[2008/09/11 23:51:48 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\LG Electronics
[2009/01/27 11:49:56 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Macromedia
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Media Center Programs
[2012/12/07 19:30:03 | 000,000,000 | --SD | M] -- C:\Users\laetitia\AppData\Roaming\Microsoft
[2010/06/04 15:32:13 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Mozilla
[2010/03/20 19:10:27 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Opera
[2008/09/26 10:00:17 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Packard Bell
[2012/11/22 19:57:32 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\SFR
[2011/01/13 16:32:06 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\SoftGrid Client
[2008/09/10 18:02:03 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Symantec
[2012/12/07 18:43:50 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Systweak
[2008/10/04 15:38:38 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Template
[2010/09/27 22:26:37 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\TP
[2012/12/13 14:08:41 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\uTorrent
[2012/12/12 17:30:54 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\vlc
[2010/09/23 11:27:03 | 000,000,000 | ---D | M] -- C:\Users\laetitia\AppData\Roaming\Windows Live Writer

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2008/12/09 10:12:56 | 000,499,296 | ---- | M] (EoRezo) -- C:\Users\laetitia\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdate.exe
[2009/01/27 13:06:10 | 000,698,903 | ---- | M] () -- C:\Users\laetitia\AppData\Roaming\EoRezo\SoftwareUpdate\unins000.exe
[2009/02/09 22:42:26 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Users\laetitia\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
[2009/02/09 22:42:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Users\laetitia\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
[2009/02/09 22:42:25 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Users\laetitia\AppData\Roaming\Microsoft\Live Search\Suppression-Live-Search.exe
[2009/03/04 17:40:04 | 000,086,576 | ---- | M] (Microsoft Corporation) -- C:\Users\laetitia\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
[2009/03/04 17:40:04 | 000,132,672 | ---- | M] (Microsoft Corporation) -- C:\Users\laetitia\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
[2012/10/23 15:20:32 | 000,197,632 | R--- | M] () -- C:\Users\laetitia\AppData\Roaming\Mozilla\Firefox\Profiles\y422iett.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\TbHelper2.exe
[2012/10/23 15:20:32 | 000,042,496 | R--- | M] () -- C:\Users\laetitia\AppData\Roaming\Mozilla\Firefox\Profiles\y422iett.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\uninstall.exe
[2012/10/23 15:20:32 | 000,056,832 | R--- | M] () -- C:\Users\laetitia\AppData\Roaming\Mozilla\Firefox\Profiles\y422iett.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\update.exe
[2012/10/23 15:20:33 | 000,152,664 | R--- | M] () -- C:\Users\laetitia\AppData\Roaming\Mozilla\Firefox\Profiles\y422iett.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\setup_widget_serv.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.* /s >[/color]
[2012/12/15 19:30:00 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\Extension de garantie-laetitia.job
[2012/12/15 19:37:38 | 000,001,052 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/12/15 18:33:00 | 000,001,056 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/12/15 19:07:00 | 000,001,038 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1894868224-590508204-2106921090-1000Core.job
[2012/12/15 19:07:00 | 000,001,090 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1894868224-590508204-2106921090-1000UA.job
[2012/12/11 17:48:00 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\NSSstub.job
[2012/12/15 15:01:00 | 000,000,270 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_DEFAULT.job
[2012/12/12 18:43:00 | 000,000,278 | ---- | M] () -- C:\Windows\Tasks\RegClean Pro_UPDATES.job
[2012/12/15 19:37:26 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2012/12/15 01:31:29 | 000,032,502 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

< End of report >