Gendarmerie virus problem

Closed
Warlord - 16 Feb. 2013 at 18:00
 Anonymous user - 17 Feb. 2013 at 07:32
Hello everyone,

You are no doubt familiar with this virus, the one called the gendarmerie virus.
I have already managed to clean a computer infected with the most basic version before.
But someone in my family gave me their computer to clean and I am lost.
This is the most "annoying" version. The screen is white and does not show the desktop.
So I downloaded a bootable OTLPE Live CD, but I don't know how to use it or how to interpret the report produced at the end of the scan.
Thank you in advance.

(the most annoying version, i.e. no booting into safe mode)

It has to be cleaned with OTLPE. So I am stuck at this step.

11 replies

Anonymous user
16 Feb. 2013 at 18:06
Good evening

Post me an OTL report

Thanks
Samines11 - Posts: 27 - Registered: Saturday 27 September 2008 - Status: Member - Last activity: 12 January 2015
16 Feb. 2013 at 18:29
OTL logfile created on: 2/16/2013 6:19:22 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 98.34 Gb Free Space | 65.98% Space Free | Partition Type: NTFS
Drive E: | 148.65 Gb Total Space | 139.01 Gb Free Space | 93.51% Space Free | Partition Type: NTFS
Drive F: | 2.93 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive X: | 1.91 Gb Total Space | 1.29 Gb Free Space | 67.55% Space Free | Partition Type: FAT

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012/09/12 14:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2012/09/12 14:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2011/05/20 07:02:06 | 000,036,160 | ---- | M] (TuneUp Software) [Auto] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV:[b]64bit:[/b] - [2010/09/22 12:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010/02/05 10:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:[b]64bit:[/b] - [2009/07/28 07:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2013/01/24 15:57:17 | 000,945,328 | ---- | M] () [Auto] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe -- (vToolbarUpdater14.0.1)
SRV - [2013/01/10 16:22:03 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/09 05:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/08/24 06:01:41 | 002,735,528 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/08/12 20:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/02/13 21:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/02/10 04:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 04:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/01 02:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 02:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/05/20 07:07:38 | 002,026,304 | ---- | M] (TuneUp Software) [Auto] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/05/20 07:02:02 | 000,029,504 | ---- | M] (TuneUp Software) [Auto] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/27 10:20:14 | 001,811,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/05/11 02:40:52 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [On_Demand] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/28 09:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2010/01/15 07:08:38 | 000,935,208 | ---- | M] (Nero AG) [Auto] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/10/06 02:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 11:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2013/01/24 15:57:20 | 000,037,720 | ---- | M] (AVG Technologies) [Kernel | System] -- C:\Windows\System32\drivers\avgtpx64.sys -- (avgtp)
DRV:[b]64bit:[/b] - [2012/08/30 15:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2012/08/24 08:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2012/07/25 20:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2012/04/18 21:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\Windows\System32\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:[b]64bit:[/b] - [2012/03/08 11:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2012/01/30 21:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\Windows\System32\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2011/12/23 06:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2011/12/23 06:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:[b]64bit:[/b] - [2011/12/23 06:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2011/10/01 02:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011/10/01 02:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011/10/01 02:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011/10/01 02:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2010/09/16 09:56:52 | 000,020,592 | ---- | M] (Compal Electronics, INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CeKbFilter.sys -- (CeKbFilter)
DRV:[b]64bit:[/b] - [2010/06/23 10:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010/04/28 04:32:20 | 000,932,384 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:[b]64bit:[/b] - [2010/03/22 03:55:20 | 000,046,192 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV:[b]64bit:[/b] - [2010/02/20 17:24:36 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2010/01/07 02:05:46 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2009/07/30 12:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:[b]64bit:[/b] - [2009/07/14 08:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:[b]64bit:[/b] - [2009/07/13 19:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2009/06/22 10:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV:[b]64bit:[/b] - [2009/06/19 21:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2008/07/28 22:47:00 | 001,075,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athrxusb.sys -- (athrusb)
DRV - [2010/10/07 06:34:32 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\fabrice_ON_C\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=112208&tt=3512_3&babsrc=HP_ss&mntrId=ba70225900000000000088252c6a3513
IE - HKU\fabrice_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=toshiba.msn.com&ocid=TSHDHP&pc=MATB
IE - HKU\fabrice_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fhome.microsoft.com%2fintl%2fbr%2faccess%2fallinone.asp%3f
IE - HKU\fabrice_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2504091
IE - HKU\fabrice_ON_C\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKU\fabrice_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\fabrice_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>




[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..CT2504091.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.defaultenginename,S: "WebSearch"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "http://ww25.websearch.mocaflix.com/?l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: "WebSearch"
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.search.selectedEngine,S: "WebSearch"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2504091&SearchSource=13"
FF - prefs.js..extensions.enabledItems: 509b7fcb9e322@509b7fcb9e35c.com:2
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.5.0
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:10.10.27.6
FF - prefs.js..extensions.enabledItems: {C9B68337-E93A-44EA-94DC-CB300EC06444}:5.30.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.2191
FF - prefs.js..extensions.enabledItems: avg@toolbar:13.2.0.5
FF - prefs.js..keyword.URL: "https://isearch.avg.com/?cid=%7b24aba773-a02c-411e-9365-a13440d84dc7%7d&mid=a73577c8ea8347d0adf359e75b0dd81d-65eb108ba0e5329b0d9b5c6ab8dc93ccfb045558&ds=AVG&v=13.2.0.5&lang=fr&pr=pr&d=2012-06-12+13%3a19%3a46&sap=ku&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_5_502_146.dll ()
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/10/11 02:11:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.0.2.14 [2013/01/24 15:59:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\509b7fcb9e322@509b7fcb9e35c.com: C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\extensions\509b7fcb9e322@509b7fcb9e35c.com [2012/11/08 04:47:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/29 16:09:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/15 14:36:36 | 000,000,000 | ---D | M]

[2010/12/29 16:09:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fabrice\AppData\Roaming\Mozilla\Extensions
[2013/01/06 09:27:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\extensions
[2012/11/08 04:38:13 | 000,000,000 | ---D | M] (Vuze Remote) -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2012/09/01 05:36:18 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012/09/03 13:04:14 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012/11/08 04:47:31 | 000,000,000 | ---D | M] (SaveAs) -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\extensions\509b7fcb9e322@509b7fcb9e35c.com
[2012/09/01 05:31:27 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\extensions\crossriderapp5060@crossrider.com
[2012/07/06 05:08:57 | 000,000,000 | ---D | M] (Babylon Toolbar) -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\extensions\ffxtlbr@babylon.com
[2012/09/01 05:33:54 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\extensions\plugin@yontoo.com
[2012/07/23 16:44:04 | 000,002,650 | ---- | M] () -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\searchplugins\bing.xml
[2012/12/26 16:33:36 | 000,002,402 | ---- | M] () -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\searchplugins\bingp.xml
[2012/07/06 05:08:44 | 000,002,351 | ---- | M] () -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\searchplugins\bProtect.xml
[2012/11/10 12:06:21 | 000,000,869 | ---- | M] () -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\searchplugins\conduit.xml
[2012/07/18 11:43:18 | 000,003,949 | ---- | M] () -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\searchplugins\sweetim.xml
[2012/11/08 04:48:50 | 000,000,544 | ---- | M] () -- C:\Users\fabrice\AppData\Roaming\Mozilla\Firefox\Profiles\nqhindst.default\searchplugins\WebSearch.xml
[2010/12/29 16:08:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/11 02:11:19 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
[2012/11/08 17:24:11 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\13.2.0.5
[2010/12/03 13:04:57 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2013/01/24 15:58:21 | 000,003,591 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/11/08 04:31:49 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2010/12/03 13:04:57 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/12/03 13:04:57 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2010/12/03 13:04:57 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/12/03 13:04:57 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\fabrice_ON_C\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKU\fabrice_ON_C\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:[b]64bit:[/b] - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:[b]64bit:[/b] - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\fabrice_ON_C..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKU\fabrice_ON_C..\Run: [ROC_JAN2013_TB] C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe ()
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\fabrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\fabrice_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O13:[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (c:\progra~2\mocaflix\sprote~1.dll) - C:\Program Files (x86)\MocaFlix\sprotector.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\fabrice_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\fabrice_ON_C Winlogon: Shell - (C:\Users\fabrice\AppData\Roaming\skype.dat) - C:\Users\fabrice\AppData\Roaming\skype.dat ()
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 08:06:42 | 000,000,053 | ---- | M] () - X:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe (AVG Technologies CZ, s.r.o.)
[b]64bit:[/b] O35 - HKLM\..comfile [open] -- "%1" %* File not found
[b]64bit:[/b] O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/02/15 12:19:50 | 000,000,000 | ---D | C] -- C:\Users\fabrice\AppData\Local\{3523B2F2-FF18-4D24-A30D-1DBC920B397C}
[2013/02/15 12:11:45 | 000,000,000 | ---D | C] -- C:\Users\fabrice\AppData\Local\{E76FCA69-8CC1-47A5-89CF-751AECFBD7CE}
[2013/02/15 12:10:28 | 000,000,000 | ---D | C] -- C:\Users\fabrice\AppData\Local\{07013F10-A30A-4169-BAE1-02160F98905E}
[2013/02/15 12:09:28 | 000,000,000 | ---D | C] -- C:\Users\fabrice\AppData\Local\{49DF5C80-F50F-44EF-B810-AF44C92DF33F}
[2013/02/15 11:46:14 | 000,000,000 | ---D | C] -- C:\Users\fabrice\AppData\Local\{19227EA8-B9FC-4AE6-A463-1B4A7DFA671F}
[2013/01/26 02:22:26 | 000,000,000 | ---D | C] -- C:\Users\fabrice\AppData\Local\{229FB259-24D8-420B-973D-32BA01D15EB6}
[2013/01/24 15:57:28 | 000,000,000 | ---D | C] -- C:\Users\fabrice\AppData\Local\{1A54B344-7113-4553-9862-C52407A49926}
[2013/01/23 02:37:18 | 000,000,000 | ---D | C] -- C:\Users\fabrice\AppData\Local\{8A646706-F48B-4B26-9639-3A857165424B}
[2013/01/21 03:45:20 | 000,000,000 | ---D | C] -- C:\Users\fabrice\AppData\Local\{FD960ECD-5CAC-4C77-A8AC-9884D2EC48D9}
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/02/15 12:39:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/15 12:39:40 | 000,000,004 | ---- | M] () -- C:\Users\fabrice\AppData\Roaming\skype.ini
[2013/02/15 12:26:41 | 000,016,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/15 12:26:41 | 000,016,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/15 12:21:06 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/15 12:19:05 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2013/02/15 12:19:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/15 12:19:00 | 000,000,410 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterTask{B27BD34A-CB82-4E5D-8AA4-3E4746DFAC71}.job
[2013/02/15 12:18:35 | 2309,656,576 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/26 02:24:54 | 107,771,166 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2013/01/24 17:53:10 | 000,719,498 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/01/24 17:53:10 | 000,620,976 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/24 17:53:10 | 000,135,886 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/01/24 17:53:10 | 000,110,906 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/24 17:51:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/24 15:57:20 | 000,037,720 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx64.sys
[2013/01/20 07:59:24 | 000,163,791 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/01/24 17:18:52 | 000,000,004 | ---- | C] () -- C:\Users\fabrice\AppData\Roaming\skype.ini
[2013/01/24 15:59:06 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2012/09/17 02:47:29 | 000,082,869 | ---- | C] () -- C:\ProgramData\kzrskfcdqsrfhvq
[2012/08/15 16:46:13 | 004,503,728 | ---- | C] () -- C:\ProgramData\ism_0_llatsni.pad
[2012/08/15 10:08:12 | 000,000,051 | ---- | C] () -- C:\ProgramData\wmpcrituzpvlirq
[2012/08/14 18:59:48 | 000,027,520 | ---- | C] () -- C:\Users\fabrice\AppData\Local\dt.dat
[2012/06/12 16:11:05 | 000,000,052 | ---- | C] () -- C:\ProgramData\ozrrrcujrfueuzy
[2012/06/04 18:18:38 | 000,000,448 | ---- | C] () -- C:\ProgramData\ogrmrcijifaehzy
[2012/03/07 18:11:54 | 000,862,397 | ---- | C] () -- C:\Users\fabrice\AppData\Local\census.cache
[2012/03/07 18:11:31 | 000,113,257 | ---- | C] () -- C:\Users\fabrice\AppData\Local\ars.cache
[2012/03/07 17:27:44 | 000,000,036 | ---- | C] () -- C:\Users\fabrice\AppData\Local\housecall.guid.cache
[2012/01/10 16:14:56 | 000,046,592 | ---- | C] () -- C:\Users\fabrice\AppData\Roaming\skype.dat
[2011/05/13 08:51:21 | 000,000,434 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/01/03 16:18:26 | 001,608,654 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/09/16 10:10:09 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2010/09/16 10:03:09 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2010/02/20 17:22:26 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/02/20 17:22:26 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/02/20 17:22:26 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/02/20 16:27:38 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/02/20 16:27:38 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:02:54 | 000,245,248 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2009/07/13 16:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/27 21:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll

[color=#E56717]========== LOP Check ==========[/color]

[2012/06/12 06:21:47 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\AVG2012
[2012/11/10 04:03:45 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\Azureus
[2012/07/06 05:08:11 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\Babylon
[2012/07/25 17:42:58 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\Edkau
[2012/11/10 12:15:21 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\FIXIO PC Utilities
[2012/09/03 14:12:54 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\OfferBox
[2011/01/03 17:11:14 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\OpenOffice.org
[2012/09/03 12:24:05 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\PerformerSoft
[2011/01/03 16:33:13 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\PlayFirst
[2012/07/25 17:25:18 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\Qoicud
[2013/01/26 02:24:27 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\Raptr
[2012/06/14 06:37:48 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\RegistryKeys
[2012/11/27 13:23:42 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\SoftGrid Client
[2012/09/03 12:32:29 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\TeamViewer
[2010/12/29 17:00:32 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\Toshiba
[2011/03/19 14:11:24 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\TP
[2010/12/29 16:41:22 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\TuneUp Software
[2012/03/13 15:07:13 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\Uniblue
[2012/05/15 15:36:48 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\WildTangent
[2011/12/07 09:53:15 | 000,000,000 | ---D | M] -- C:\Users\fabrice\AppData\Roaming\Windows Live Writer
[2010/12/29 16:27:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Alwil Software
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/11/08 17:24:11 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG Secure Search
[2012/06/12 15:01:25 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG2012
[2012/07/06 05:08:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2010/12/21 14:01:37 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2011/01/03 16:21:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Ciel
[2012/06/12 06:19:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2012/10/13 19:19:55 | 000,000,000 | ---D | M] -- C:\ProgramData\eMule
[2010/12/21 14:01:37 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/09/02 13:42:14 | 000,000,000 | ---D | M] -- C:\ProgramData\ijngqybwjrivipk
[2012/12/24 07:40:14 | 000,000,000 | ---D | M] -- C:\ProgramData\InstallMate
[2012/12/24 07:35:22 | 000,000,000 | ---D | M] -- C:\ProgramData\iqnbqypwwrovvpk
[2012/12/25 12:13:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Leapfrog
[2010/12/21 14:01:37 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2013/02/15 11:46:47 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData
[2010/12/21 14:01:37 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2012/09/01 05:30:48 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Performer Manager
[2012/09/17 02:50:04 | 000,000,000 | ---D | M] -- C:\ProgramData\pdnbfceqwfowiee
[2011/01/03 16:33:14 | 000,000,000 | ---D | M] -- C:\ProgramData\PlayFirst
[2012/12/24 07:40:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Premium
[2012/11/08 04:48:13 | 000,000,000 | ---D | M] -- C:\ProgramData\SaveAs
[2012/09/01 05:35:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Software
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2012/09/01 05:33:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Tarma Installer
[2012/11/08 05:03:26 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2010/09/16 10:08:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Toshiba
[2010/12/21 14:02:39 | 000,000,000 | ---D | M] -- C:\ProgramData\ToshibaEurope
[2010/12/29 16:43:13 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2012/08/15 10:09:14 | 000,000,000 | ---D | M] -- C:\ProgramData\vipzkxrjhaqcxoi
[2011/03/21 22:25:14 | 000,000,000 | ---D | M] -- C:\ProgramData\VirtualizedApplications
[2010/09/16 09:57:07 | 000,000,000 | ---D | M] -- C:\ProgramData\vista32
[2010/09/16 09:57:07 | 000,000,000 | ---D | M] -- C:\ProgramData\vista64
[2012/10/13 19:21:53 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2010/09/16 10:00:27 | 000,000,000 | ---D | M] -- C:\ProgramData\win7_32
[2010/09/16 10:00:27 | 000,000,000 | ---D | M] -- C:\ProgramData\win7_64
[2010/09/16 09:57:06 | 000,000,000 | ---D | M] -- C:\ProgramData\xp
[2010/12/29 16:40:42 | 000,000,000 | -HSD | M] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2012/03/13 15:07:13 | 000,000,000 | -H-D | M] -- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2013/02/15 12:19:00 | 000,000,410 | -H-- | M] () -- C:\Windows\Tasks\OptimizerProUpdaterTask{B27BD34A-CB82-4E5D-8AA4-3E4746DFAC71}.job
[2012/03/13 15:07:15 | 000,000,232 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2013/02/15 12:19:05 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
[2012/12/29 15:26:02 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/06/12 06:19:54 | 000,000,222 | ---- | M] () -- C:\Windows\Tasks\SidebarExecute.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 490 bytes -> C:\Windows\System32\drivers\dcxsxuyz.sys:changelist
< End of report >
0
The scan is running, thanks for helping me, I'll give you the report in a few minutes.
0
Anonymous user
16 Feb 2013 at 18:38
Re

* Double-click the OTLPE icon
* when asked "Do you wish to load the remote registry", select "Yes"
* when asked "Do you wish to load remote user profile(s) for scanning", select "Yes"
* check that "Automatically Load All Remaining Users" is selected and press OK


http://imagesup.org/image

* under the Custom Scan box, copy and paste everything below and click RUNFIX

:OTL
O20 - HKU\fabrice_ON_C Winlogon: Shell - (C:\Users\fabrice\AppData\Roaming\skype.dat) - C:\Users\fabrice\AppData\Roaming\skype.dat ()
[2013/02/15 12:39:40 | 000,000,004 | ---- | M] () -- C:\Users\fabrice\AppData\Roaming\skype.ini
[2013/02/15 12:19:00 | 000,000,410 | -H-- | M] () -- C:\Windows\tasks\OptimizerProUpdaterTask{B27BD34A-CB82-4E5D-8AA4-3E4746DFAC71}.job
[2012/01/10 16:14:56 | 000,046,592 | ---- | C] () -- C:\Users\fabrice\AppData\Roaming\skype.dat



keep the report that is displayed, and copy and paste it into your next reply


See you
0
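Added example, not part of the original thread: the fix script above removes a per-user Winlogon `Shell` value that points into AppData. The Python below picks such entries out of OTL `O20` lines by flagging any `Shell` value that is not `explorer.exe` under `%SystemRoot%`; the function names and the allow-list are assumptions of this example, not OTL features.

```python
import ntpath
import re

# Lines in the O20 format of the OTL report above (values taken from that report).
SAMPLE_LOG = r"""
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\fabrice_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\fabrice_ON_C Winlogon: Shell - (C:\Users\fabrice\AppData\Roaming\skype.dat) - C:\Users\fabrice\AppData\Roaming\skype.dat ()
"""

# O20[:64bit] - <hive> Winlogon: <name> - (<registry value>) - <resolved file> [(<company>)]
O20_WINLOGON = re.compile(
    r"^O20(?::\[b\]64bit:\[/b\])? - (?P<hive>\S+) Winlogon: (?P<name>\w+)"
    r" - \((?P<value>.*?)\) - (?P<target>.*?)(?: \((?P<company>[^()]*)\))?$"
)


def is_default_shell(value, target, system_root=r"C:\Windows"):
    """True when the Shell value is explorer.exe resolved inside %SystemRoot%."""
    root = ntpath.normcase(system_root)
    allowed = {
        ntpath.join(root, "explorer.exe"),
        ntpath.join(root, "syswow64", "explorer.exe"),
    }
    return value.strip().lower() == "explorer.exe" and ntpath.normcase(target) in allowed


def find_shell_overrides(log_text, system_root=r"C:\Windows"):
    """Return every Winlogon Shell entry that is not the stock explorer.exe."""
    findings = []
    for line in log_text.splitlines():
        m = O20_WINLOGON.match(line.strip())
        if not m or m.group("name") != "Shell":
            continue  # not an O20 Winlogon line, or a value other than Shell
        if is_default_shell(m.group("value"), m.group("target"), system_root):
            continue
        findings.append({
            "hive": m.group("hive"),
            "value": m.group("value"),
            "target": m.group("target"),
            "company": m.group("company") or "",  # empty "()" = no company name in the file
        })
    return findings


if __name__ == "__main__":
    for f in find_shell_overrides(SAMPLE_LOG):
        print(f"{f['hive']}: Shell -> {f['target']} (company: {f['company'] or 'none'})")
```
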
Samines11 Posts: 27 Registration date: Saturday 27 September 2008 Status: Member Last activity: 12 January 2015
16 Feb 2013 at 21:13
Sorry for the delay

========== OTL ==========
Registry value HKEY_USERS\fabrice_ON_C\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\fabrice\AppData\Roaming\skype.dat deleted successfully.
C:\Users\fabrice\AppData\Roaming\skype.dat moved successfully.
C:\Users\fabrice\AppData\Roaming\skype.ini moved successfully.
C:\Windows\Tasks\OptimizerProUpdaterTask{B27BD34A-CB82-4E5D-8AA4-3E4746DFAC71}.job moved successfully.
File C:\Users\fabrice\AppData\Roaming\skype.dat not found.

OTLPE by OldTimer - Version 3.1.48.0 log created on 02162013_211214
0

Anonymous user
16 Feb 2013 at 21:15
Re

restart your PC normally; it should work

we're not done yet...

See you
0
Samines11 Posts: 27 Registration date: Saturday 27 September 2008 Status: Member Last activity: 12 January 2015
16 Feb 2013 at 21:21
It restarts, yes!
0
Anonymous user
16 Feb 2013 at 21:24
Re

Great ;-))

Open this link and download ZHPDiag by Nicolas Coolman:

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Or

https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

Server no. 2

Or

http://www.premiumorange.com/zeb-help-process/zhpdiag.html
at the bottom of the page, ZHP with a version number.

Once the download has finished,

Double-click the icon to launch the program. On Vista, Seven or Windows 8, right-click and choose "Run as administrator"

Click the magnifying glass to start the scan.

Let the tool work; it can take quite a while.

Close ZHPDiag when the scan is finished.


To send the report, click this link:
http://pjjoint.malekal.com/

If there is a problem, use one of the following

https://forums-fec.be/upload
https://www.cjoint.com/


Look on the desktop

Select the file ZHPDiag.txt.

Click "Cliquez ici pour déposer le fichier" ("Click here to upload the file").

A link of this form:

http://www.cijoint.com/cjlink.php?file=cj200905/cijSKAP5fU.txt

is added to the page.

Copy this link into your reply.

Thanks

See you
0
Samines11 Posts: 27 Registration date: Saturday 27 September 2008 Status: Member Last activity: 12 January 2015
16 Feb 2013 at 21:34
Thanks, I'll take care of all that and send you the reply as soon as it's finished.
Also, there's a program called Microsoft security essential; I really have the impression that it's a fake.
I had already started a Malwarebytes scan before your post; I'm waiting for it to finish and then I'll do what you ask. I had thought of RogueKiller too.
0
Anonymous user
16 Feb 2013 at 21:37
do only what you are asked
thanks
0
Samines11 Posts: 27 Registration date: Saturday 27 September 2008 Status: Member Last activity: 12 January 2015
16 Feb 2013 at 22:00
0
Samines11 Posts: 27 Registration date: Saturday 27 September 2008 Status: Member Last activity: 12 January 2015
16 Feb 2013 at 23:10
Sorry for the double post, but I have to return the computer tomorrow morning...
Is the link I gave you OK?
0
Anonymous user
17 Feb 2013 at 07:32
Hello

1) Update Windows >>> the SP1 pack

2) Update Adobe Reader

3) Update Java

These updates must be done as a priority, otherwise the virus problem will happen again


Microsoft security essential is an antivirus; I would advise you to uninstall it and install Avast 7 in its place

Post me this Malwarebytes report

thanks

See you
0