jumpman

Vraiment bluffant d efficacité. J en conclus que d apres le dernier rapport et la derniere manip l ordi est clean?

Merci pour ton aide. De plus j ai ask.com que j arrive pas a virer malgré different manip (quand j ouvre un onglet sous firefox) All processes killed ========== FILES ========== C:\Users\mumu\AppData\Local\iLivid\iLivid.exe moved successfully. C:\ProgramData\Datamngr folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User User: mumu ->Temp folder emptied: 5738309 bytes ->Temporary Internet Files folder emptied: 2583 bytes ->Java cache emptied: 848 bytes ->FireFox cache emptied: 76050183 bytes ->Flash cache emptied: 806 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36502 bytes %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42328435 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 118,00 mb OTM by OldTimer - Version 3.1.21.0 log created on 09082013_140450 Files moved on Reboot... C:\Users\mumu\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\mumu\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. Registry entries deleted on Reboot...

Bonjour a tous, je vous poste 3 rapports pour m aider a avoir un pc totalement clean. Merci de votre aide en tout cas. Malwarebytes Anti-Malware (PRO) 1.70.0.1100 www.malwarebytes.org Version de la base de données: v2013.09.06.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 mumu :: MUMU-PC [administrateur] Protection: Activé 07/09/2013 13:45:31 mbam-log-2013-09-07 (13-45-31).txt Type d'examen: Examen complet (C:\|D:\|E:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 408659 Temps écoulé: 1 heure(s), 13 minute(s), 59 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 2 C:\Users\mumu\Downloads\Programs\iLividSetup-r400-n-bf.exe (PUP.Optional.Bandoo) -> Mis en quarantaine et supprimé avec succès. C:\Users\mumu\Downloads\Programs\iLividSetup-r400-n-bf_2.exe (PUP.Optional.Bandoo) -> Mis en quarantaine et supprimé avec succès. (fin) info.txt logfile of random's system information tool 1.09 2013-09-07 18:45:26 ======Uninstall list====== -->"C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Blasterball 3\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Diner Dash\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Dora's Carnival Adventure\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Farm Frenzy\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\FATE\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\HP Game Console\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Jewel Quest Solitaire 2\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Mah Jong Medley\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Peggle\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Polar Bowler\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Polar Golfer\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Slingo Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\StoneLoops of Jurassica\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Super Collapse 3\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\THE GAME OF LIFE\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Virtual Families\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\World of Goo\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Yahtzee\Uninstall.exe" -->"C:\Program Files (x86)\HP Games\Zuma Deluxe\Uninstall.exe" -->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40} Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe -maintain plugin Adobe Reader 9.1 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001} Adobe Shockwave Player-->MsiExec.exe /X{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF} Apple Application Support-->MsiExec.exe /I{CCE825DB-347A-4004-A186-5F4A6FDD8547} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Atheros Driver Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\Setup.exe" -runfromtemp -l0x040c Avira Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE Catalyst Control Center - Branding-->MsiExec.exe /I{E72F1051-B87E-4EF4-AE9F-8FDD229CC438} CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink DVD Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall CyberLink MediaShow-->"C:\Program Files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\setup.exe" /z-uninstall CyberLink MediaShow-->"C:\Program Files (x86)\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\setup.exe" /z-uninstall CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall CyberLink PowerDVD 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall ESU for Microsoft Windows 7-->MsiExec.exe /I{3877C901-7B90-4727-A639-B6ED2DD59D43} Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} Hewlett-Packard ACLM.NET v1.2.1.1-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} HP Advisor-->MsiExec.exe /X{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B} HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} HP Games-->"C:\Program Files (x86)\HP Games\Uninstall.exe" HP Quick Launch Buttons-->"C:\Program Files (x86)\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -runfromtemp -l0x040c -removeonly uninst HP Setup-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17B4760F-334B-475D-829F-1A3E94A6A4E6}\setup.exe" -l0x9 -removeonly HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe" -runfromtemp -l0x0409 -removeonly HP Update-->MsiExec.exe /X{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3} HP User Guides 0183-->MsiExec.exe /X{BC146E5F-A2B0-40DB-90E7-2833807E98DF} HP Wireless Assistant-->MsiExec.exe /X{54CC7901-804D-4155-B353-21F0CC9112AB} Installation Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall Internet Download Manager-->C:\Program Files (x86)\Internet Download Manager\Uninstall.exe Java 7 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall LightScribe System Software-->MsiExec.exe /X{10CCF16B-F1C9-4B24-9570-B4CCEE42392D} Magic Desktop-->C:\Windows\system32\ezMDUninstall.exe Malwarebytes Anti-Malware version 1.70.0.1100-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Money-->C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120 Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E} Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710} MKVToolNix 6.1.0-->C:\Program Files (x86)\MKVToolNix\uninst.exe Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Mozilla Firefox 23.0.1 (x86 fr)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" Mp3tag v2.39-->C:\Program Files (x86)\Mp3tag\Mp3tagUninstall.EXE MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} muvee Reveal-->MsiExec.exe /X{43BA31BA-04BD-2EA3-0A60-A9C54E06D3F2} OpenOffice.org 3.4.1-->MsiExec.exe /I{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D} Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall PowerDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall QLBCASL-->MsiExec.exe /I{F1D7AC58-554A-4A58-B784-B61558B1449A} Realtek Ethernet Controller Driver For Windows Vista and Later-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -l0x040c -removeonly Recovery Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe" /z-uninstall Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E7F6B64E-E11F-3D1C-868D-3F1443DA5A15} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {08BB8EA1-3BA7-3AD5-8A07-22A5EC1F704E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {880A0A36-244B-3C7A-8D6B-56E694CE7883} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9D8496AE-4030-3E92-B44E-4F81051E6C85} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended TeamViewer 8-->C:\Program Files (x86)\TeamViewer\Version8\uninstall.exe Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended VLC media player 2.0.5-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} ======System event log====== Computer Name: mumu-PC Event Code: 4001 Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement. Record Number: 2838 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20130124212307.639063-000 Event Type: Avertissement User: AUTORITE NT\Système Computer Name: mumu-PC Event Code: 7011 Message: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service NIS. Record Number: 2785 Source Name: Service Control Manager Time Written: 20130124211537.257342-000 Event Type: Erreur User: Computer Name: mumu-PC Event Code: 1 Message: Realtek PCIe FE Family Controller is disconnected from network. Record Number: 2675 Source Name: RTL8167 Time Written: 20130124204823.981237-000 Event Type: Avertissement User: Computer Name: mumu-PC Event Code: 4001 Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement. Record Number: 2659 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20130124204743.192567-000 Event Type: Avertissement User: AUTORITE NT\Système Computer Name: mumu-PC Event Code: 7022 Message: Le service Windows Search est en attente de démarrage. Record Number: 2575 Source Name: Service Control Manager Time Written: 20130124203135.678436-000 Event Type: Erreur User: =====Application event log===== Computer Name: mumu-PC Event Code: 1 Message: LMS Service cannot connect to Intel® MEI driver Record Number: 1841 Source Name: LMS Time Written: 20130124214124.000000-000 Event Type: Avertissement User: AUTORITE NT\Système Computer Name: mumu-PC Event Code: 1 Message: LMS Service cannot connect to Intel® MEI driver Record Number: 1803 Source Name: LMS Time Written: 20130124212351.000000-000 Event Type: Avertissement User: AUTORITE NT\Système Computer Name: mumu-PC Event Code: 1530 Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d’autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-2268062451-79193521-1189631196-1000: Process 2924 (\Device\HarddiskVolume2\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe) has opened key \REGISTRY\USER\S-1-5-21-2268062451-79193521-1189631196-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Record Number: 1797 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20130124212306.203860-000 Event Type: Avertissement User: AUTORITE NT\Système Computer Name: mumu-PC Event Code: 1 Message: LMS Service cannot connect to Intel® MEI driver Record Number: 1755 Source Name: LMS Time Written: 20130124204854.000000-000 Event Type: Avertissement User: AUTORITE NT\Système Computer Name: mumu-PC Event Code: 1530 Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d’autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela. DÉTAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-2268062451-79193521-1189631196-1000: Process 552 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2268062451-79193521-1189631196-1000 Process 2940 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-2268062451-79193521-1189631196-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts Record Number: 1749 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20130124204736.453356-000 Event Type: Avertissement User: AUTORITE NT\Système =====Security event log===== Computer Name: mumu-PC Event Code: 4672 Message: Privilèges spéciaux attribués à la nouvelle ouverture de session. Sujet : ID de sécurité : S-1-5-18 Nom du compte : Système Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 Privilèges : SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 558 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130124203617.703957-000 Event Type: Succès de l’audit User: Computer Name: mumu-PC Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : WIN-RTVDV1NADPJ$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Type d’ouverture de session : 5 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : Système Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x234 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Nom de la station de travail : Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : Advapi Package d’authentification : Negotiate Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 557 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130124203617.703957-000 Event Type: Succès de l’audit User: Computer Name: mumu-PC Event Code: 4905 Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : WIN-RTVDV1NADPJ$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Processus : ID du processus : 0xa58 Nom du processus : C:\Windows\System32\VSSVC.exe Source de l’événement : Nom de la source : VSSAudit ID de la source de l’événement : 0x148b70 Record Number: 556 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130124203051.118504-000 Event Type: Succès de l’audit User: Computer Name: mumu-PC Event Code: 4904 Message: Une tentative d’inscription de la source d’un événement de sécurité a été effectuée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : WIN-RTVDV1NADPJ$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Processus : ID du processus : 0xa58 Nom du processus : C:\Windows\System32\VSSVC.exe Source de l’événement : Nom de la source : VSSAudit ID de la source de l’événement : 0x148b70 Record Number: 555 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130124203051.118504-000 Event Type: Succès de l’audit User: Computer Name: mumu-PC Event Code: 1102 Message: Le journal d’audit a été effacé. Objet : ID de sécurité : S-1-5-21-2268062451-79193521-1189631196-1000 Nom de compte : mumu Nom de domaine : mumu-PC ID de connexion : 0xf5f33 Record Number: 554 Source Name: Microsoft-Windows-Eventlog Time Written: 20130124203047.811298-000 Event Type: Succès de l’audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\MKVToolNix "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 2, GenuineIntel "PROCESSOR_REVISION"=2502 "OnlineServices"=Online Services "Platform"=MCD "PCBRAND"=Pavilion "AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\ "asl.log"=Destination=file -----------------EOF----------------- Logfile of random's system information tool 1.09 (written by random/random) Run by mumu at 2013-09-07 18:45:18 Microsoft Windows 7 Édition Familiale Premium Service Pack 1 System drive C: has 183 GB (63%) free of 291 GB Total RAM: 3958 MB (55% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:45:25, on 07/09/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16660) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Internet Download Manager\IDMan.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe C:\Users\mumu\AppData\Local\iLivid\iLivid.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Users\mumu\Downloads\Programs\RSIT.exe C:\Program Files (x86)\trend micro\mumu.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-400&v=n9092-95&t=4 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\x64\maconfservice.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 26312 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job =========Mozilla firefox========= ProfilePath - C:\Users\mumu\AppData\Roaming\Mozilla\Firefox\Profiles\hqi6t6zm.default prefs.js - "browser.startup.homepage" - "https://www.google.fr/" prefs.js - "keyword.URL" - "http://dts.search.ask.com/sr?src=ffb&gct=ds&appid=400&systemid=406&v=n9092-95&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=4669422896034155&o=APN10645&q=" [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.8.800.94 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=Module iTunes Detector "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ma-config.com/HardwareDetection] "Description"=Détection matériel Ma-Config.com "Path"=C:\Program Files\ma-config.com\nphardwaredetection.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} C:\Users\mumu\AppData\Roaming\Mozilla\Firefox\Profiles\hqi6t6zm.default\extensions\ {AB53B28D-74A9-BCCD-53E1-DB0B176847CC} C:\Users\mumu\AppData\Roaming\Mozilla\Firefox\Profiles\hqi6t6zm.default\searchplugins\ Ask.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}] IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2013-01-09 361280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-23 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-23 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2009-09-02 60464] "QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-24 323640] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744] "HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10 49208] ""= [] "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-07-01 345144] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-10-16 2363392] "IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2013-01-09 3541008] "ccleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2013-08-21 6294808] C:\Users\mumu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OpenOffice.org 3.4.1.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-05-23 52272] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "msacm.siren"=sirenacm.dll "msacm.l3codecp"=l3codecp.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-09-07 18:45:19 ----D---- C:\Program Files (x86)\trend micro 2013-09-07 18:45:18 ----D---- C:\rsit 2013-09-04 20:41:47 ----D---- C:\ProgramData\Datamngr 2013-08-17 12:01:57 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-08-16 00:42:59 ----A---- C:\Windows\SysWOW64\ieui.dll 2013-08-16 00:42:57 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-16 00:42:57 ----A---- C:\Windows\SysWOW64\iesysprep.dll 2013-08-16 00:42:57 ----A---- C:\Windows\SysWOW64\iesetup.dll 2013-08-16 00:42:57 ----A---- C:\Windows\SysWOW64\iertutil.dll 2013-08-16 00:42:57 ----A---- C:\Windows\SysWOW64\iernonce.dll 2013-08-16 00:42:56 ----A---- C:\Windows\SysWOW64\msfeeds.dll 2013-08-16 00:42:55 ----A---- C:\Windows\SysWOW64\jscript.dll 2013-08-16 00:42:54 ----A---- C:\Windows\SysWOW64\jscript9.dll 2013-08-16 00:42:53 ----A---- C:\Windows\SysWOW64\urlmon.dll 2013-08-16 00:42:52 ----A---- C:\Windows\SysWOW64\wininet.dll 2013-08-16 00:42:52 ----A---- C:\Windows\SysWOW64\jsproxy.dll 2013-08-16 00:42:50 ----A---- C:\Windows\SysWOW64\ieframe.dll 2013-08-16 00:42:46 ----A---- C:\Windows\SysWOW64\mshtml.dll 2013-08-15 15:05:44 ----A---- C:\Windows\SysWOW64\wintrust.dll 2013-08-15 15:05:44 ----A---- C:\Windows\SysWOW64\cryptsvc.dll 2013-08-15 15:05:44 ----A---- C:\Windows\SysWOW64\cryptnet.dll 2013-08-15 15:05:44 ----A---- C:\Windows\SysWOW64\crypt32.dll 2013-08-15 15:05:33 ----A---- C:\Windows\SysWOW64\tzres.dll 2013-08-15 15:05:26 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-15 15:05:25 ----A---- C:\Windows\SysWOW64\rpcrt4.dll 2013-08-15 15:05:24 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-15 15:05:22 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-15 15:05:21 ----A---- C:\Windows\SysWOW64\ntvdm64.dll 2013-08-15 15:05:21 ----A---- C:\Windows\SysWOW64\ntdll.dll 2013-08-15 15:05:20 ----A---- C:\Windows\SysWOW64\wow32.dll 2013-08-15 15:05:20 ----A---- C:\Windows\SysWOW64\user.exe 2013-08-15 15:05:20 ----A---- C:\Windows\SysWOW64\setup16.exe 2013-08-15 15:05:20 ----A---- C:\Windows\SysWOW64\instnm.exe ======List of files/folders modified in the last 1 month====== 2013-09-07 18:45:25 ----D---- C:\Windows\Prefetch 2013-09-07 18:45:23 ----D---- C:\Windows\Temp 2013-09-07 18:45:19 ----RD---- C:\Program Files (x86) 2013-09-07 18:02:38 ----D---- C:\Users\mumu\AppData\Roaming\vlc 2013-09-07 16:40:04 ----SHD---- C:\System Volume Information 2013-09-07 15:11:20 ----D---- C:\Windows\inf 2013-09-07 15:11:18 ----D---- C:\Windows 2013-09-07 15:10:58 ----HD---- C:\ProgramData 2013-09-07 15:10:58 ----A---- C:\ProgramData\HPWALog.txt 2013-09-07 15:08:07 ----A---- C:\Windows\SysWOW64\log.txt 2013-09-07 15:07:15 ----D---- C:\Users\mumu\AppData\Roaming\DMCache 2013-09-07 14:05:22 ----D---- C:\Windows\System32 2013-09-07 13:39:41 ----D---- C:\Windows\SoftwareDistribution 2013-08-18 10:10:05 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-08-18 10:08:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-16 21:31:18 ----D---- C:\Windows\rescache 2013-08-16 11:44:28 ----RSD---- C:\Windows\assembly 2013-08-16 11:44:28 ----D---- C:\Windows\Microsoft.NET 2013-08-16 08:30:44 ----D---- C:\Windows\Panther 2013-08-16 08:30:41 ----D---- C:\Windows\debug 2013-08-16 08:29:15 ----D---- C:\Windows\winsxs 2013-08-16 08:26:54 ----D---- C:\Windows\SysWOW64\fr-FR 2013-08-16 08:26:54 ----D---- C:\Windows\SysWOW64 2013-08-16 08:26:52 ----D---- C:\Program Files (x86)\Internet Explorer 2013-08-16 08:26:48 ----D---- C:\Windows\AppPatch 2013-08-16 00:42:37 ----SHD---- C:\Windows\Installer ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [] R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [] R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [] S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [] S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [] S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [] S3 driverhardwarev2x64;driverhardwarev2x64; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-23 225280] S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [] S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [] S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [] S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [] R2 AntiVirSchedulerService;Avira Planificateur; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-07-01 84024] R2 AntiVirService;Avira Protection temps réel; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-07-01 108088] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-10-01 268824] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-07-06 247152] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656] R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920] R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896] R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-18 257416] S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-06-06 250616] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\x64\maconfservice.exe [2012-10-28 427976] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------