MG 76
-
Compteur de contenus
9 -
Inscription
-
Dernière visite
MG 76's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
Bonjour, Je sais que je n'ai pas de CD d'installation mais j'ignore si j'ai une partition de recouvrement. Ce dont je suis certaine, c'est que le disque "F" n'existait pas avant. Je vais voir si je peux réinstaller et si ça fonctionne mieux. Merci en tous cas. Marie
-
Bonjour, J'ai effectué les manipulations et il a été mentionné que certains fichiers étaient endommagés. J'ai ensuite essayé les utilitaires et toujours le même résultat (écran bleu et .... )mais Combofix se décompresse un peu plus qu'hier. Pour l'ordinateur, il a environ deux ans, c'est tout. Est-ce grave ?? Merci Marie
-
Bonsoir, Désolée, RKILL me donne le même résultat que COMBOFIX (écran bleu avec phrases et redémarrage). Quelque chose doit bloquer le système car même en mode sans échec, c'est idem. Marie
-
Bonjour, Désolée mais je ne peux pas installer combofix,j'ai essayé plusieurs fois mais quant il commence à se décompresser et j'ai un écran bleu avec " Dumping crash physical disk - beginning dump of physical memory ". Que dois-je faire. Merci Marie
-
Bonsoir, J'ai eu des difficultés à faire le scan OTL - l'ordi a bloqué à différentes reprises et j'ai été obligé de l'arrêter pour le relancer. Cette fois, il a fait le contrôle sans problème. Voici le rapport : All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found. File C:\Program Files\mozilla firefox\components\coFFPlgn.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{728c0bb7-1e36-11df-8a1f-00238b013c89}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{728c0bb7-1e36-11df-8a1f-00238b013c89}\ not found. File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\NoLimit.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a0d9fa18-4e31-11df-98d8-00238b013c89}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0d9fa18-4e31-11df-98d8-00238b013c89}\ not found. File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\NoLimit.exe not found. C:\Program Files\ESET\ESET Online Scanner\Quarantine folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\temp folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules\data folder moved successfully. C:\Program Files\ESET\ESET Online Scanner\Modules folder moved successfully. C:\Program Files\ESET\ESET Online Scanner folder moved successfully. C:\Program Files\ESET folder moved successfully. ADS C:\ProgramData\TEMP:9F683177 deleted successfully. ADS C:\ProgramData\TEMP:B623B5B8 deleted successfully. ADS C:\ProgramData\TEMP:9E22BBE8 deleted successfully. ADS C:\ProgramData\TEMP:3E7393FC deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== < ipconfig /flushdns /c > Configuration IP de Windows Cache de r‚solution DNS vid‚. C:\Users\laurine\Desktop\cmd.bat deleted successfully. C:\Users\laurine\Desktop\cmd.txt deleted successfully. C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully. C:\WINDOWS\tasks\At1.job moved successfully. C:\WINDOWS\tasks\At10.job moved successfully. C:\WINDOWS\tasks\At100.job moved successfully. C:\WINDOWS\tasks\At101.job moved successfully. C:\WINDOWS\tasks\At102.job moved successfully. C:\WINDOWS\tasks\At103.job moved successfully. C:\WINDOWS\tasks\At104.job moved successfully. C:\WINDOWS\tasks\At105.job moved successfully. C:\WINDOWS\tasks\At106.job moved successfully. C:\WINDOWS\tasks\At107.job moved successfully. C:\WINDOWS\tasks\At108.job moved successfully. C:\WINDOWS\tasks\At109.job moved successfully. C:\WINDOWS\tasks\At11.job moved successfully. C:\WINDOWS\tasks\At110.job moved successfully. C:\WINDOWS\tasks\At111.job moved successfully. C:\WINDOWS\tasks\At112.job moved successfully. C:\WINDOWS\tasks\At113.job moved successfully. C:\WINDOWS\tasks\At114.job moved successfully. C:\WINDOWS\tasks\At115.job moved successfully. C:\WINDOWS\tasks\At116.job moved successfully. C:\WINDOWS\tasks\At117.job moved successfully. C:\WINDOWS\tasks\At118.job moved successfully. C:\WINDOWS\tasks\At119.job moved successfully. C:\WINDOWS\tasks\At12.job moved successfully. C:\WINDOWS\tasks\At120.job moved successfully. C:\WINDOWS\tasks\At13.job moved successfully. C:\WINDOWS\tasks\At14.job moved successfully. C:\WINDOWS\tasks\At15.job moved successfully. C:\WINDOWS\tasks\At16.job moved successfully. C:\WINDOWS\tasks\At17.job moved successfully. C:\WINDOWS\tasks\At18.job moved successfully. C:\WINDOWS\tasks\At19.job moved successfully. C:\WINDOWS\tasks\At2.job moved successfully. C:\WINDOWS\tasks\At20.job moved successfully. C:\WINDOWS\tasks\At21.job moved successfully. C:\WINDOWS\tasks\At22.job moved successfully. C:\WINDOWS\tasks\At23.job moved successfully. C:\WINDOWS\tasks\At24.job moved successfully. C:\WINDOWS\tasks\At25.job moved successfully. C:\WINDOWS\tasks\At26.job moved successfully. C:\WINDOWS\tasks\At27.job moved successfully. C:\WINDOWS\tasks\At28.job moved successfully. C:\WINDOWS\tasks\At29.job moved successfully. C:\WINDOWS\tasks\At3.job moved successfully. C:\WINDOWS\tasks\At30.job moved successfully. C:\WINDOWS\tasks\At31.job moved successfully. C:\WINDOWS\tasks\At32.job moved successfully. C:\WINDOWS\tasks\At33.job moved successfully. C:\WINDOWS\tasks\At34.job moved successfully. C:\WINDOWS\tasks\At35.job moved successfully. C:\WINDOWS\tasks\At36.job moved successfully. C:\WINDOWS\tasks\At37.job moved successfully. C:\WINDOWS\tasks\At38.job moved successfully. C:\WINDOWS\tasks\At39.job moved successfully. C:\WINDOWS\tasks\At4.job moved successfully. C:\WINDOWS\tasks\At40.job moved successfully. C:\WINDOWS\tasks\At41.job moved successfully. C:\WINDOWS\tasks\At42.job moved successfully. C:\WINDOWS\tasks\At43.job moved successfully. C:\WINDOWS\tasks\At44.job moved successfully. C:\WINDOWS\tasks\At45.job moved successfully. C:\WINDOWS\tasks\At46.job moved successfully. C:\WINDOWS\tasks\At47.job moved successfully. C:\WINDOWS\tasks\At48.job moved successfully. C:\WINDOWS\tasks\At49.job moved successfully. C:\WINDOWS\tasks\At5.job moved successfully. C:\WINDOWS\tasks\At50.job moved successfully. C:\WINDOWS\tasks\At51.job moved successfully. C:\WINDOWS\tasks\At52.job moved successfully. C:\WINDOWS\tasks\At53.job moved successfully. C:\WINDOWS\tasks\At54.job moved successfully. C:\WINDOWS\tasks\At55.job moved successfully. C:\WINDOWS\tasks\At56.job moved successfully. C:\WINDOWS\tasks\At57.job moved successfully. C:\WINDOWS\tasks\At58.job moved successfully. C:\WINDOWS\tasks\At59.job moved successfully. C:\WINDOWS\tasks\At6.job moved successfully. C:\WINDOWS\tasks\At60.job moved successfully. C:\WINDOWS\tasks\At61.job moved successfully. C:\WINDOWS\tasks\At62.job moved successfully. C:\WINDOWS\tasks\At63.job moved successfully. C:\WINDOWS\tasks\At64.job moved successfully. C:\WINDOWS\tasks\At65.job moved successfully. C:\WINDOWS\tasks\At66.job moved successfully. C:\WINDOWS\tasks\At67.job moved successfully. C:\WINDOWS\tasks\At68.job moved successfully. C:\WINDOWS\tasks\At69.job moved successfully. C:\WINDOWS\tasks\At7.job moved successfully. C:\WINDOWS\tasks\At70.job moved successfully. C:\WINDOWS\tasks\At71.job moved successfully. C:\WINDOWS\tasks\At72.job moved successfully. C:\WINDOWS\tasks\At73.job moved successfully. C:\WINDOWS\tasks\At74.job moved successfully. C:\WINDOWS\tasks\At75.job moved successfully. C:\WINDOWS\tasks\At76.job moved successfully. C:\WINDOWS\tasks\At77.job moved successfully. C:\WINDOWS\tasks\At78.job moved successfully. C:\WINDOWS\tasks\At79.job moved successfully. C:\WINDOWS\tasks\At8.job moved successfully. C:\WINDOWS\tasks\At80.job moved successfully. C:\WINDOWS\tasks\At81.job moved successfully. C:\WINDOWS\tasks\At82.job moved successfully. C:\WINDOWS\tasks\At83.job moved successfully. C:\WINDOWS\tasks\At84.job moved successfully. C:\WINDOWS\tasks\At85.job moved successfully. C:\WINDOWS\tasks\At86.job moved successfully. C:\WINDOWS\tasks\At87.job moved successfully. C:\WINDOWS\tasks\At88.job moved successfully. C:\WINDOWS\tasks\At89.job moved successfully. C:\WINDOWS\tasks\At9.job moved successfully. C:\WINDOWS\tasks\At90.job moved successfully. C:\WINDOWS\tasks\At91.job moved successfully. C:\WINDOWS\tasks\At92.job moved successfully. C:\WINDOWS\tasks\At93.job moved successfully. C:\WINDOWS\tasks\At94.job moved successfully. C:\WINDOWS\tasks\At95.job moved successfully. C:\WINDOWS\tasks\At96.job moved successfully. C:\WINDOWS\tasks\At97.job moved successfully. C:\WINDOWS\tasks\At98.job moved successfully. C:\WINDOWS\tasks\At99.job moved successfully. C:\WINDOWS\tasks\GlaryInitialize.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully. File\Folder C:\*.sqm not found. File\Folder C:\WINDOWS\System32\*.tmp not found. File\Folder C:\WINDOWS\*.tmp not found. C:\$Recycle.Bin\S-1-5-21-1463186501-2812833338-1491703866-1000\$RWV3BK2.exe moved successfully. C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar70.zip moved successfully. File\Folder C:\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\BabylonToolbar70.zip not found. File\Folder C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar70.zip not found. C:\Users\laurine\Documents\Downloads\Software\BandooV6.exe moved successfully. C:\Windows\System32\8F2AFE561B93F567A3DC72761DE7A407\conf\templates\3302.zip moved successfully. C:\Windows\System32\8F2AFE561B93F567A3DC72761DE7A407\conf\templates\3303.zip moved successfully. C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\6c712c40-79d84953 moved successfully. C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\7560f91-40a02b90 moved successfully. C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\64fcce70-4716bb16 moved successfully. C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\7800b2b9-18309ba6 moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Invité ->Temp folder emptied: 3303512 bytes ->Temporary Internet Files folder emptied: 1347946 bytes ->Java cache emptied: 12131954 bytes ->FireFox cache emptied: 44176467 bytes ->Flash cache emptied: 1218 bytes User: laurine ->Temp folder emptied: 381801468 bytes ->Temporary Internet Files folder emptied: 13758668 bytes ->Java cache emptied: 51263 bytes ->FireFox cache emptied: 30154547 bytes ->Google Chrome cache emptied: 1642864 bytes ->Flash cache emptied: 1971573 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1804718727 bytes RecycleBin emptied: 215513 bytes Total Files Cleaned = 2 189,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: Invité ->Flash cache emptied: 0 bytes User: laurine ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb HOSTS file reset successfully OTL by OldTimer - Version 3.2.26.1 log created on 07082011_205313 Files\Folders moved on Reboot... File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot... -------------------------------------------------------------------------------------------------------------------------------- J'ai également modifié la copie d'écran, voici le lien : Lien CJoint.com AGivXyYPUam Le disque F est toujours là. J'ai désinstallé ADOBE et JAVA et les versions actuelles sont à jour. Merci Marie
-
Bonjour, Voici le lien pour la photo d'écran : Lien CJoint.com AGil7iMTNuU J'ai donc désinstallé Ad-aware et SPYBOT. Je n'ai pas de périphérique sur l'ordi mis à part une clé USB que je ne laisse pas en permanence mais lorsque que je l'installe, elle ressort sur le poste de travail et ne reste pas quand je l'enlève. Voici également les rapports OTL : OTL logfile created on: 08/07/2011 11:42:47 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\laurine\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,93 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 61,31% Memory free 6,07 Gb Paging File | 4,80 Gb Available in Paging File | 79,01% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,52 Gb Total Space | 17,74 Gb Free Space | 25,51% Space Free | Partition Type: NTFS Drive D: | 69,52 Gb Total Space | 69,35 Gb Free Space | 99,75% Space Free | Partition Type: NTFS Computer Name: PC-DE-LAURINE | User Name: laurine | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/07/08 11:38:05 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\laurine\Desktop\OTL.exe PRC - [2011/04/01 10:31:39 | 002,271,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2011/02/23 17:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011/02/23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/04/03 21:23:58 | 003,558,648 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe PRC - [2009/03/02 12:41:52 | 003,399,727 | ---- | M] (FreeDownloadManager.ORG) -- C:\PROGRA~1\FREEDO~1\FDM.exe PRC - [2009/01/09 19:58:10 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2009/01/09 19:57:04 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2008/11/05 17:21:04 | 000,378,216 | ---- | M] (Acer Incorporated) -- C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe PRC - [2008/08/06 11:18:52 | 006,265,376 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008/07/20 17:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2008/07/20 17:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2008/06/24 10:33:44 | 000,817,672 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZyEmachine.EXE PRC - [2008/06/11 12:18:30 | 000,024,576 | ---- | M] () -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe PRC - [2008/05/06 11:28:54 | 000,311,296 | ---- | M] (Acer Inc.) -- C:\Program Files\EMACHINES\eMachines Recovery Management\eRecovery\HidChk.exe PRC - [2007/01/04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (SafeList) ========== MOD - [2011/07/08 11:38:05 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\laurine\Desktop\OTL.exe MOD - [2011/02/23 17:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011/04/01 10:31:39 | 002,271,608 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011/02/23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2008/07/20 17:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel® SRV - [2008/06/11 12:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService) SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007/01/04 20:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2011/02/23 16:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/02/23 16:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/02/23 16:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/02/23 16:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/02/23 16:55:03 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2011/02/23 16:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2008/07/10 04:43:00 | 000,917,504 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008/06/11 12:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15) DRV - [2007/04/17 21:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKLM\..\URLSearchHook: {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyBa.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\..\URLSearchHook: {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyBa.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.msn.fr/" FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..keyword.URL: "http://redirecterror.sfr.fr/?q="'>http://redirecterror.sfr.fr/?q=" FF - user.js..keyword.URL: "http://redirecterror.sfr.fr/?q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohTVPlugin: C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll (Veoh Networks ) FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohWebPlayer: C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/26 11:40:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/26 11:40:15 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\web@veoh.com: C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder [2009/04/12 19:14:27 | 000,000,000 | ---D | M] [2009/04/18 23:03:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laurine\AppData\Roaming\mozilla\Extensions [2011/07/07 13:12:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laurine\AppData\Roaming\mozilla\Firefox\Profiles\cnvowl6f.default\extensions [2011/04/11 12:11:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\laurine\AppData\Roaming\mozilla\Firefox\Profiles\cnvowl6f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/04/07 19:39:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\laurine\AppData\Roaming\mozilla\Firefox\Profiles\cnvowl6f.default\extensions\ffxtlbr@babylon.com [2011/07/07 12:51:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2011/04/16 19:08:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011/07/07 12:51:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2009/05/11 19:28:53 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION [2009/04/12 19:14:27 | 000,000,000 | ---D | M] (Veoh Web Player Video Finder) -- C:\PROGRAM FILES\VEOH NETWORKS\VEOHWEBPLAYER\FFVIDEOFINDER [2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/06/26 11:40:09 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2011/04/07 19:25:55 | 000,002,428 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2011/06/26 11:40:09 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2011/06/26 11:40:09 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/01/29 20:45:46 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml [2010/04/05 15:29:59 | 000,000,615 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pucuy.xml [2011/06/26 11:40:09 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2011/06/26 11:40:09 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml Hosts file not found O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll (SFR) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll () O2 - BHO: (myBabylon English4 Toolbar) - {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyBa.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc) O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (myBabylon English4 Toolbar) - {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyBa.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (myBabylon English4 Toolbar) - {FC600575-3013-4E8E-941C-4B00DAFCE730} - C:\Program Files\myBabylon_English4\tbmyBa.dll (Conduit Ltd.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZyEmachine.EXE (Dritek System Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe (eMachines) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks) O4 - Startup: C:\Users\laurine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.) O8 - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm () O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\laurine\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.jpg O24 - Desktop BackupWallPaper: C:\Users\laurine\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Papier peint de la Galerie de photos Windows Live.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{728c0bb7-1e36-11df-8a1f-00238b013c89}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\NoLimit.exe O33 - MountPoints2\{a0d9fa18-4e31-11df-98d8-00238b013c89}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\NoLimit.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKCU\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Error creating restore point. PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/07/08 11:37:59 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\laurine\Desktop\OTL.exe [2011/07/07 18:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011/07/07 18:16:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011/07/07 14:12:20 | 000,000,000 | ---D | C] -- C:\a supprimer [2011/07/07 13:59:57 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\laurine\Desktop\mbam-setup-1.51.0.1200.exe [2011/07/07 12:51:46 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011/07/07 12:51:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011/07/07 12:51:46 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011/07/06 15:06:01 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011/07/06 15:06:01 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011/07/06 15:05:57 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011/07/06 15:05:51 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011/07/06 15:05:50 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011/07/06 12:04:52 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011/07/06 12:03:25 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011/07/06 12:03:12 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011/07/06 12:03:11 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011/07/06 12:02:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2011/07/06 12:02:54 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2011/06/12 09:52:08 | 000,000,000 | ---D | C] -- C:\DivX Movies [2010/08/25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll ========== Files - Modified Within 30 Days ========== [2011/07/08 11:44:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/07/08 11:38:05 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\laurine\Desktop\OTL.exe [2011/07/08 11:29:29 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml [2011/07/08 11:29:23 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/07/08 11:29:23 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2011/07/08 11:29:15 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/07/08 11:29:15 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/07/08 11:28:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/07/08 11:28:27 | 3146,625,024 | -HS- | M] () -- C:\hiberfil.sys [2011/07/07 22:13:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/07/07 22:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At95.job [2011/07/07 22:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At71.job [2011/07/07 22:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At47.job [2011/07/07 22:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At23.job [2011/07/07 22:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At119.job [2011/07/07 20:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At94.job [2011/07/07 20:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At70.job [2011/07/07 20:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At46.job [2011/07/07 20:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At22.job [2011/07/07 20:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At118.job [2011/07/07 20:42:47 | 000,459,264 | ---- | M] () -- C:\Users\laurine\Desktop\CKScanner.exe [2011/07/07 20:00:02 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At69.job [2011/07/07 20:00:02 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At45.job [2011/07/07 20:00:02 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At21.job [2011/07/07 20:00:02 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At117.job [2011/07/07 19:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At93.job [2011/07/07 19:00:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At92.job [2011/07/07 19:00:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At68.job [2011/07/07 19:00:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At44.job [2011/07/07 19:00:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At20.job [2011/07/07 19:00:01 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At116.job [2011/07/07 18:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At91.job [2011/07/07 18:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At67.job [2011/07/07 18:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At19.job [2011/07/07 18:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At115.job [2011/07/07 17:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At43.job [2011/07/07 17:42:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At90.job [2011/07/07 17:42:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At66.job [2011/07/07 17:42:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At42.job [2011/07/07 17:42:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At18.job [2011/07/07 17:42:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At114.job [2011/07/07 15:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At89.job [2011/07/07 15:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At65.job [2011/07/07 15:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At41.job [2011/07/07 15:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At17.job [2011/07/07 15:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At113.job [2011/07/07 15:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At64.job [2011/07/07 15:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At16.job [2011/07/07 15:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At112.job [2011/07/07 14:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At88.job [2011/07/07 14:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At40.job [2011/07/07 14:47:37 | 000,369,085 | ---- | M] () -- C:\Users\laurine\Desktop\MiniToolBox.exe [2011/07/07 14:42:37 | 000,879,028 | ---- | M] () -- C:\Users\laurine\Desktop\SecurityCheck.exe [2011/07/07 14:00:59 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/07/07 14:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At63.job [2011/07/07 14:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At39.job [2011/07/07 14:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At15.job [2011/07/07 14:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At111.job [2011/07/07 13:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At87.job [2011/07/07 13:55:18 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\laurine\Desktop\mbam-setup-1.51.0.1200.exe [2011/07/07 13:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At86.job [2011/07/07 13:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At62.job [2011/07/07 13:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At14.job [2011/07/07 13:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At110.job [2011/07/07 12:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At38.job [2011/07/07 12:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At61.job [2011/07/07 12:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At37.job [2011/07/07 12:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At13.job [2011/07/07 12:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At109.job [2011/07/07 11:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At85.job [2011/07/07 10:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At84.job [2011/07/07 10:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At60.job [2011/07/07 10:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At36.job [2011/07/07 10:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At12.job [2011/07/07 10:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At108.job [2011/07/07 10:49:07 | 000,694,122 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/07/07 10:49:07 | 000,600,690 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/07/07 10:49:07 | 000,131,708 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/07/07 10:49:07 | 000,108,572 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/07/07 10:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At83.job [2011/07/07 10:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At59.job [2011/07/07 10:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At35.job [2011/07/07 10:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At11.job [2011/07/07 10:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At107.job [2011/07/07 09:00:24 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At82.job [2011/07/07 09:00:24 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At58.job [2011/07/07 09:00:24 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At34.job [2011/07/07 09:00:24 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At106.job [2011/07/07 09:00:24 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At10.job [2011/07/07 08:55:22 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2011/07/07 08:53:31 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat [2011/07/07 08:53:31 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat [2011/07/07 08:27:37 | 000,322,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011/07/07 08:19:47 | 262,011,081 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011/07/07 08:15:16 | 000,000,127 | ---- | M] () -- C:\Windows\System32\MRT.INI [2011/07/07 08:00:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At9.job [2011/07/07 08:00:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At81.job [2011/07/07 08:00:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At57.job [2011/07/07 08:00:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At33.job [2011/07/07 08:00:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At105.job [2011/07/06 00:36:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At97.job [2011/07/06 00:36:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At1.job [2011/07/06 00:34:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At73.job [2011/07/06 00:30:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At25.job [2011/07/06 00:16:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At49.job [2011/07/03 12:46:51 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys [2011/07/01 14:04:50 | 000,000,504 | ---- | M] () -- C:\Users\laurine\AppData\Roaming\wklnhst.dat [2011/06/30 07:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At80.job [2011/06/30 07:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At8.job [2011/06/30 07:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At56.job [2011/06/30 07:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At32.job [2011/06/30 07:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At104.job [2011/06/29 23:11:12 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At96.job [2011/06/29 23:11:12 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At72.job [2011/06/29 23:11:12 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At48.job [2011/06/29 23:11:12 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At24.job [2011/06/29 23:11:12 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At120.job [2011/06/29 20:14:26 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2011/06/27 14:25:48 | 000,065,536 | ---- | M] () -- C:\Users\laurine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/06/27 14:24:22 | 000,236,814 | ---- | M] () -- C:\Users\laurine\Documents\021.JPG [2011/06/21 16:32:24 | 000,010,643 | ---- | M] () -- C:\Users\laurine\Documents\pas aujourdui.odt [2011/06/13 02:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At99.job [2011/06/13 02:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At75.job [2011/06/13 02:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At51.job [2011/06/13 02:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At27.job [2011/06/13 01:59:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At3.job [2011/06/13 01:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At98.job [2011/06/13 01:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At74.job [2011/06/13 01:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At50.job [2011/06/13 01:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At26.job [2011/06/13 01:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\At2.job ========== Files Created - No Company Name ========== [2011/07/08 11:44:34 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/07/07 20:42:46 | 000,459,264 | ---- | C] () -- C:\Users\laurine\Desktop\CKScanner.exe [2011/07/07 14:47:35 | 000,369,085 | ---- | C] () -- C:\Users\laurine\Desktop\MiniToolBox.exe [2011/07/07 14:42:35 | 000,879,028 | ---- | C] () -- C:\Users\laurine\Desktop\SecurityCheck.exe [2011/07/06 17:54:19 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2011/06/26 16:38:48 | 000,236,814 | ---- | C] () -- C:\Users\laurine\Documents\021.JPG [2011/06/26 13:45:35 | 262,011,081 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011/06/21 16:32:23 | 000,010,643 | ---- | C] () -- C:\Users\laurine\Documents\pas aujourdui.odt [2011/04/25 20:19:33 | 000,000,112 | ---- | C] () -- C:\ProgramData\v12G5K3mO.dat [2011/04/22 19:27:35 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat [2011/04/22 19:27:35 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat [2011/04/20 16:37:08 | 000,011,158 | -HS- | C] () -- C:\Users\laurine\AppData\Local\648e05gq178dq1i732f265a7gxi2614726 [2011/04/20 16:37:08 | 000,011,158 | -HS- | C] () -- C:\ProgramData\648e05gq178dq1i732f265a7gxi2614726 [2011/04/07 21:06:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\reginfo.dll [2010/09/04 20:01:06 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010/09/04 20:01:06 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010/08/28 18:41:41 | 000,001,700 | ---- | C] () -- C:\Windows\wininit.ini [2010/08/28 17:07:26 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll [2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll [2010/02/20 11:17:56 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI [2009/10/20 16:13:51 | 000,000,504 | ---- | C] () -- C:\Users\laurine\AppData\Roaming\wklnhst.dat [2009/04/23 13:22:25 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2009/04/23 13:22:24 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2009/04/23 13:22:24 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2009/04/23 13:22:24 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2009/04/23 13:22:24 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2009/04/23 13:22:24 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2009/04/23 13:22:24 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2009/04/23 13:22:24 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2009/04/23 13:22:24 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2009/04/23 13:22:24 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2009/04/23 13:22:24 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2009/04/23 13:22:24 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2009/04/23 13:22:24 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2009/04/23 13:22:24 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2009/04/23 13:22:24 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2009/04/23 13:22:24 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2009/04/23 13:22:24 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2009/04/23 13:22:24 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2009/04/23 13:22:24 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2009/04/18 23:03:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009/04/01 10:04:25 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009/03/30 20:09:04 | 000,065,536 | ---- | C] () -- C:\Users\laurine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/11/05 17:22:15 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll [2008/05/29 19:13:08 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008/05/29 19:12:59 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1527.dll [2008/05/29 19:12:58 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin [2008/05/29 10:19:48 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll [2008/05/29 10:19:48 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll [2008/05/29 09:57:33 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2008/05/29 09:57:33 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat [2008/05/29 09:57:33 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat [2008/05/29 09:57:33 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat [2008/01/21 09:23:37 | 000,694,122 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2008/01/21 09:23:37 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2008/01/21 09:23:37 | 000,131,708 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2008/01/21 09:23:37 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2006/11/02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 14:44:53 | 000,322,104 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 12:33:01 | 000,600,690 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 12:33:01 | 000,108,572 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005/02/25 06:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL [2004/07/06 12:06:24 | 000,016,384 | ---- | C] () -- C:\Users\laurine\AppData\Roaming\CDRusersDB.v12 [2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2011/07/07 14:32:22 | 000,061,541 | ---- | M] () -- C:\aaw7boot.log [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/04/11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008/05/29 19:15:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2011/05/21 11:01:41 | 000,000,021 | ---- | M] () -- C:\cfg.ini [2006/09/18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2011/07/08 11:28:27 | 3146,625,024 | -HS- | M] () -- C:\hiberfil.sys [2011/02/05 10:54:54 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011/02/05 10:54:54 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011/07/08 11:28:26 | 3460,431,872 | -HS- | M] () -- C:\pagefile.sys [2011/04/20 18:49:48 | 000,000,000 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011/07/08 11:44:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2008/05/29 09:58:10 | 000,000,426 | ---- | M] () -- C:\RHDSetup.log [2011/04/07 19:27:02 | 000,024,356 | ---- | M] () -- C:\TDSSKiller.2.4.1.2_07.04.2011_19.26.40_log.txt [2011/04/07 19:32:28 | 000,113,036 | ---- | M] () -- C:\TDSSKiller.2.4.1.2_07.04.2011_19.30.38_log.txt [2011/04/07 19:45:02 | 000,057,530 | ---- | M] () -- C:\TDSSKiller.2.4.1.2_07.04.2011_19.42.17_log.txt [2011/04/08 10:54:43 | 000,057,508 | ---- | M] () -- C:\TDSSKiller.2.4.1.2_08.04.2011_10.54.09_log.txt [2011/04/10 19:05:37 | 000,057,508 | ---- | M] () -- C:\TDSSKiller.2.4.1.2_10.04.2011_19.05.07_log.txt [2011/04/28 19:03:39 | 000,058,000 | ---- | M] () -- C:\TDSSKiller.2.4.1.2_28.04.2011_19.03.17_log.txt [2008/11/05 17:24:50 | 000,386,750 | ---- | M] () -- C:\vcredist_x86.log < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2008/01/21 05:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008/01/21 05:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008/01/21 05:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\drivers\*.sys /90 > [2011/04/21 15:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\afd.sys [2011/04/14 16:59:03 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\dfsc.sys [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbam.sys [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamswissarmy.sys [2011/04/29 15:24:40 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxsmb.sys [2011/04/29 15:24:50 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxsmb10.sys [2011/04/29 15:24:42 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxsmb20.sys [2011/07/03 12:46:51 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\Windows\system32\drivers\SBREDrv.sys [2011/04/29 15:25:10 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\srv2.sys [2011/04/29 15:25:09 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\srvnet.sys < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-08 09:34:46 ========== Alternate Data Streams ========== @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:9F683177 @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:B623B5B8 @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:9E22BBE8 @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3E7393FC < End of report > ------------------------------------------------------------------------------------------------------------------------------------------------------------- OTL Extras logfile created on: 08/07/2011 11:42:47 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\laurine\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19019) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,93 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 61,31% Memory free 6,07 Gb Paging File | 4,80 Gb Available in Paging File | 79,01% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,52 Gb Total Space | 17,74 Gb Free Space | 25,51% Space Free | Partition Type: NTFS Drive D: | 69,52 Gb Total Space | 69,35 Gb Free Space | 99,75% Space Free | Partition Type: NTFS Computer Name: PC-DE-LAURINE | User Name: laurine | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2343067C-1228-4FD1-B4C1-86E91A09A718}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{28ADEDE1-A4D5-42D8-9B05-BF7C283C4061}" = lport=29268 | protocol=6 | dir=in | name=spport | "{28ADEDE1-A4D5-42D8-9B05-BF7C283C4062}" = lport=29268 | protocol=6 | dir=out | name=spport | "{669B287E-D1C9-47EE-AC88-F2BC7C4E4424}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{068BE7C5-56CC-42F1-A167-26F71583A813}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{25AFA46E-CEE5-402E-B3A3-447B7D76991E}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{2839BACB-FFBA-4A65-8893-0F189084C1CC}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{28ADEDE1-A4D5-42D8-9B05-BF7C283C4059}" = protocol=6 | dir=in | app=c:\windows\system32\svchost.exe | "{28ADEDE1-A4D5-42D8-9B05-BF7C283C4060}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe | "{30A456BF-5064-4464-8ED9-F7D075C6D7AA}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{30AD4AEB-A08A-469F-8C2C-627EA4E21369}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{33F08ED3-9EF8-4B35-88F1-328CA8FB6778}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | "{34D726D9-5C66-41CB-B6E2-C3F2ECACDD09}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{41CF6E5E-957E-4D27-9C9A-968492ED1688}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{46347FF4-2055-4AC0-AB49-25F16332B409}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{4C3AB83D-6359-4A26-8617-0AC38521F0CC}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | "{89220381-F4B3-489B-8368-8A95689D79D8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{8B2BDE4E-3643-46CF-B777-CC4F202053BC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{90385DF7-E4F8-48AC-9FBB-A63A0CAD1645}" = dir=in | app=c:\windows\system32\authclient.exe | "{96BB385C-9E83-48AF-9092-0882D0D729A3}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{9B589A65-E909-47C5-93B9-2D1A59A9D491}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{9F0BBEBF-BACE-4A58-BA2A-DCF2B3167160}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{B3B40D47-CB85-4C18-B819-02CBD5CE1406}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{B5004830-5BBE-416C-BD3F-63294F29BD4B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{C7A135A0-EFBE-45CA-A409-14999DB36F41}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe | "{D6B165BB-6C69-442A-8831-87612DCB834A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe | "{D8A15CFE-E862-4185-A1A8-602838FD6748}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{DFE26251-9FCA-4BF0-A4C1-187A42B7B3F5}" = protocol=17 | dir=in | app=c:\windows\temp\nmre\setup.exe | "{F1855445-5719-4E1B-9C1C-296A16A3D7A7}" = protocol=6 | dir=in | app=c:\windows\temp\nmre\setup.exe | "TCP Query User{021CFC52-0D8B-4622-AF52-25C9F3756B67}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{E493C01C-03E3-43CF-AFC8-537D6B3C578C}C:\program files\fluendo\moovida\moovida.exe" = protocol=6 | dir=in | app=c:\program files\fluendo\moovida\moovida.exe | "UDP Query User{6C62B1A2-6408-4C1A-9A85-B6842966919A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{F8311E13-B35D-4864-831E-DF1EC13EE5CF}C:\program files\fluendo\moovida\moovida.exe" = protocol=17 | dir=in | app=c:\program files\fluendo\moovida\moovida.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Barre d'outils Bing "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{230B83A5-7D88-4B95-B71E-F44C0C78B002}" = Windows Live Movie Maker "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 26 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{6084C211-01A1-464E-97A0-09772E122B50}" = Moovida "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = eMachines ScreenSaver "{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management "{81063354-9060-42B2-A000-1EBE96778AA9}" = iTunes "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11019760}" = eMachines "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}" = Bejeweled 2 Deluxe "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110305887}" = Diner Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111265347}" = Luxor "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113537610}" = Build-a-lot "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113772953}" = Amazing Adventures The Lost Tomb "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11386547}" = Farm Frenzy "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D6524E6-15CF-4852-BF70-04FE973A3DE1}" = Windows Live Toolbar "{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F870B987-18BC-45FC-9BE8-35C02DCDA10F}" = Broadcom Gigabit Integrated Controller "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode) "avast" = avast! Free Antivirus "CCleaner" = CCleaner "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "EPSON Printer and Utilities" = EPSON Printer Software "EPSON Scanner" = EPSON Scan "ESET Online Scanner" = ESET Online Scanner v3 "Glary Utilities_is1" = Glary Utilities 2.20.0.831 "Google Chrome" = Google Chrome "Google Desktop" = Google Desktop "HDMI" = Intel® Graphics Media Accelerator Driver "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18) "myBabylon_English4 Toolbar" = myBabylon_English4 Toolbar "SFR_Kit" = SFR - Kit de connexion "SynTPDeinstKey" = Synaptics Pointing Device Driver "TeamViewer 6" = TeamViewer 6 "Veoh Video Compass" = Veoh Video Compass "Veoh Web Player Beta" = Veoh Web Player "VLC media player" = VLC media player 1.0.1 "WinLiveSuite_Wave3" = Installation Windows Live "Yahoo! Companion" = Yahoo! Toolbar "ZHPDiag_is1" = ZHPDiag 1.27 ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 19/10/2009 14:30:55 | Computer Name = PC-de-laurine | Source = avast! | ID = 33554522 Description = Error - 03/09/2010 10:32:20 | Computer Name = PC-de-laurine | Source = avast! | ID = 33554522 Description = Error - 24/11/2010 14:30:59 | Computer Name = PC-de-laurine | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 07/07/2011 12:20:24 | Computer Name = PC-de-laurine | Source = WinMgmt | ID = 10 Description = Error - 07/07/2011 14:45:34 | Computer Name = PC-de-laurine | Source = Application Hang | ID = 1002 Description = Le programme CKScanner.exe version 1.9.1.1 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 1368 Heure de début : 01cc3cd5e6fa5d90 Heure de fin : 4 Error - 07/07/2011 17:35:46 | Computer Name = PC-de-laurine | Source = WinMgmt | ID = 10 Description = Error - 08/07/2011 05:29:45 | Computer Name = PC-de-laurine | Source = WinMgmt | ID = 10 Description = Error - 08/07/2011 05:33:21 | Computer Name = PC-de-laurine | Source = SPP | ID = 16387 Description = Error - 08/07/2011 05:33:21 | Computer Name = PC-de-laurine | Source = System Restore | ID = 8193 Description = Error - 08/07/2011 05:33:32 | Computer Name = PC-de-laurine | Source = SPP | ID = 16387 Description = Error - 08/07/2011 05:33:32 | Computer Name = PC-de-laurine | Source = System Restore | ID = 8193 Description = Error - 08/07/2011 05:44:34 | Computer Name = PC-de-laurine | Source = SPP | ID = 16387 Description = Error - 08/07/2011 05:44:34 | Computer Name = PC-de-laurine | Source = System Restore | ID = 8193 Description = [ System Events ] Error - 07/07/2011 02:55:37 | Computer Name = PC-de-laurine | Source = Service Control Manager | ID = 7026 Description = Error - 07/07/2011 03:15:17 | Computer Name = PC-de-laurine | Source = DCOM | ID = 10016 Description = Error - 07/07/2011 05:30:28 | Computer Name = PC-de-laurine | Source = DCOM | ID = 10016 Description = Error - 07/07/2011 05:30:28 | Computer Name = PC-de-laurine | Source = DCOM | ID = 10016 Description = Error - 07/07/2011 08:33:38 | Computer Name = PC-de-laurine | Source = Service Control Manager | ID = 7026 Description = Error - 07/07/2011 12:20:24 | Computer Name = PC-de-laurine | Source = Service Control Manager | ID = 7026 Description = Error - 07/07/2011 15:58:51 | Computer Name = PC-de-laurine | Source = bowser | ID = 8003 Description = Error - 07/07/2011 17:35:46 | Computer Name = PC-de-laurine | Source = Service Control Manager | ID = 7026 Description = Error - 08/07/2011 05:28:24 | Computer Name = PC-de-laurine | Source = ACPI | ID = 327693 Description = : le contrôleur embarqué n’a pas répondu dans le délai imparti. Cette erreur peut indiquer que le matériel ou le microprogramme du contrôleur embarqué présente une erreur ou que le BIOS accède au contrôleur embarqué de manière incorrecte. Contactez le fabricant de votre ordinateur afin de savoir si un BIOS mis à niveau est disponible. Dans certains cas, cette erreur peut provoquer un fonctionnement incorrect de l’application. Error - 08/07/2011 05:29:45 | Computer Name = PC-de-laurine | Source = Service Control Manager | ID = 7026 Description = < End of report > ------------------------------------------------------------------------------------------------------------------------------------------------------------------ Merci Marie
-
Bonsoir, voici les 3 rapports : C:\$Recycle.Bin\S-1-5-21-1463186501-2812833338-1491703866-1000\$RWV3BK2.exe une variante de Win32/RegistryReviver application C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar70.zip Win32/Bagle.gen.zip ver C:\Users\All Users\Application Data\Spybot - Search & Destroy\Recovery\BabylonToolbar70.zip Win32/Bagle.gen.zip ver C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar70.zip Win32/Bagle.gen.zip ver C:\Users\laurine\Documents\Downloads\Software\BandooV6.exe menaces multiples C:\Windows\System32\8F2AFE561B93F567A3DC72761DE7A407\conf\templates\3302.zip une variante de Win32/Kryptik.MLX cheval de troie C:\Windows\System32\8F2AFE561B93F567A3DC72761DE7A407\conf\templates\3303.zip une variante de Win32/Kryptik.MLX cheval de troie C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\6c712c40-79d84953 une variante de Java/TrojanDownloader.OpenStream.NBM cheval de troie C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\7560f91-40a02b90 une variante probable de Java/TrojanDownloader.OpenStream.NCC cheval de troie C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\64fcce70-4716bb16 une variante de Java/TrojanDownloader.OpenStream.NBM cheval de troie C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\7800b2b9-18309ba6 une variante probable de Java/TrojanDownloader.OpenStream.NCC cheval de troie ------------------------------------------------------------------------------------------------------------------------------------------------ MiniToolBox by Farbar Ran by laurine (administrator) on 07-07-2011 at 20:41:39 Windows Vista Home Basic Service Pack 2 (X86) *************************************************************************** ================= Flush DNS: ============================================== Configuration IP de Windows Cache de r‚solution DNS vid‚. ================= End of Flush DNS ======================================== "Reset IE Proxy Settings": Proxy Settings were reset. Hosts file not detected in the default diroctory ---------------------------------------------------------------------------------------------------------------------------------------------- CKScanner - Additional Security Risks - These are not necessarily bad c:\program files\emachines gamezone\bejeweled 2 deluxe\sounds\firecrackle.ogg scanner sequence 3.NA.11.UPAPSW ----- EOF ----- ----------------------------------------------------------------------------------------------------------------------------------------------- J'ai regardé dans poste de travail et il y a toujours un disque "F", dans autre mais que je n'arrive pas à supprimer et qui n'existe pas. J'ai fait une copie d'écran mais je ne sais pas comment l'envoyer. Merci Marie
-
Veuillez trouver ci-dessous les trois rapports : Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 7040 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.19019 07/07/2011 14:30:22 mbam-log-2011-07-07 (14-30-22).txt Type d'examen: Examen rapide Elément(s) analysé(s): 172972 Temps écoulé: 4 minute(s), 35 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 4 Valeur(s) du Registre infectée(s): 3 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\CLSID\{96AFBE69-C3B0-4b00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\sp (TrojanProxy.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SPService (TrojanProxy.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{96AFBE69-C3B0-4B00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Value: {96AFBE69-C3B0-4B00-8578-D933D2896EE2} -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{96AFBE69-C3B0-4b00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Value: {96AFBE69-C3B0-4b00-8578-D933D2896EE2} -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvc (TrojanProxy.Agent) -> Value: netsvc -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) ------------------------------------------------------------------------------------------------------------------------------------------------ Results of screen317's Security Check version 0.99.7 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: avast! Free Antivirus WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Ad-Aware Malwarebytes' Anti-Malware CCleaner Java 6 Update 26 Java 6 Update 7 Out of date Java installed! Adobe Flash Player 10.2.152.32 Adobe Reader 9 Out of date Adobe Reader installed! Mozilla Firefox (3.6.18) ```````````````````````````````` Process Check: objlist.exe by Laurent Ad-Aware AAWService.exe is disabled! Ad-Aware AAWTray.exe is disabled! Alwil Software Avast5 AvastSvc.exe Alwil Software Avast5 AvastUI.exe ``````````End of Log```````````` -------------------------------------------------------------------------------------------------------------------------------------------------- MiniToolBox by Farbar Ran by laurine (administrator) on 07-07-2011 at 14:48:53 Windows Vista Home Basic Service Pack 2 (X86) *************************************************************************** ========================= Memory info: ==================================== Percentage of memory in use: 38% Total physical RAM: 3000.13 MB Available physical RAM: 1832.04 MB Total Pagefile: 6214.5 MB Available Pagefile: 5060.76 MB Total Virtual: 2047.88 MB Available Virtual: 1956.76 MB ======================= Partitions: ======================================= 1 Drive c: (OS) (Fixed) (Total:69.52 GB) (Free:17 GB) NTFS 2 Drive d: (DATA) (Fixed) (Total:69.52 GB) (Free:69.35 GB) NTFS ================= Users: ================================================== comptes d'utilisateurs de \\PC-DE-LAURINE ------------------------------------------------------------------------------- Administrateur Invit‚ laurine La commande s'est termin‚e correctement. ================= End of Users ============================================ Merci Marie
-
Bonjour, Je pense être infecté, mon ordi bug et j'ai constaté la présence d'un disque " F " sous l'explorateur avec un point d'interrogation. Je n'ai jamais créé de partition ou installé de disque supplémentaire. Pas possible de le supprimer non plus. J'ai un rapport hijackthis. Merci de votre aide. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:34:51, on 07/07/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19019) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Downloads\Software\HijackThis(1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=040c&s=2&o=vb32&d=1108&m=emg520 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: myBabylon English4 Toolbar - {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyBa.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\Neuf\Kit\SFRNavErrorHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: myBabylon English4 Toolbar - {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyBa.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll O3 - Toolbar: myBabylon English4 Toolbar - {fc600575-3013-4e8e-941c-4b00dafce730} - C:\Program Files\myBabylon_English4\tbmyBa.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZyEmachine.EXE O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User 'Default user') O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate1c9c68cf3017210) (gupdate1c9c68cf3017210) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: SPService - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 26444 bytes Marie