How to get rid of a damn virus that disconnects you from the internet!?

  • Thread starter: Tunisiennedu49
  • Start date

help-manformatique

Grand Master
There, that's already a bit better, but it's not finished. I'm preparing an OTL fix for you; you'll need to be a little patient while I read through each line of the report.
 

help-manformatique

Grand Master
Here is the next part,
/!\ Save all your important files to an external device /!\

OTL fix:

■ Run OTL.exe again.

■ Copy the text below exactly:

:OTL
IE - HKLM\..\URLSearchHook: {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {3d4d238c-9c48-47cd-a95c-53259acf9e56} - C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
[2010/11/09 22:10:22 | 000,000,000 | ---D | M] (Toolbar Iadah) -- C:\Program Files (x86)\Mozilla Firefox\extensions\toolbar@iadah.com
O2 - BHO: (TranslatorBar 1 Toolbar) - {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
O2 - BHO: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll (Conduit Ltd.)
O2 - BHO: (Shareware.Pro-FR Toolbar) - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll (Conduit Ltd.)
O2 - BHO: (mywebsites.pro-FR Toolbar) - {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
O2 - BHO: (Messenger Plus FR Toolbar) - {3d4d238c-9c48-47cd-a95c-53259acf9e56} - C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll (Conduit Ltd.)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
O2 - BHO: (Eazel-FR Toolbar) - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll (Conduit Ltd.)
O2 - BHO: (TranslatorBar 5 Toolbar) - {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
O2 - BHO: (ooVoo Video Chat Toolbar) - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TranslatorBar 1 Toolbar) - {00bf7b9c-acd2-4080-bea8-b1c41987070f} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PHPNukeFR Toolbar) - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Shareware.Pro-FR Toolbar) - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (mywebsites.pro-FR Toolbar) - {33727f97-486d-4d19-97c3-23f432ef93fc} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus FR Toolbar) - {3d4d238c-9c48-47cd-a95c-53259acf9e56} - C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Eazel-FR Toolbar) - {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TranslatorBar 5 Toolbar) - {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (ooVoo Video Chat Toolbar) - {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (TranslatorBar 1 Toolbar) - {00BF7B9C-ACD2-4080-BEA8-B1C41987070F} - C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (PHPNukeFR Toolbar) - {1C491116-C175-45E1-A570-6FB14FEA8B7B} - C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Shareware.Pro-FR Toolbar) - {280B5D37-4A76-467A-B3D6-942FCA90ACDE} - C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (mywebsites.pro-FR Toolbar) - {33727F97-486D-4D19-97C3-23F432EF93FC} - C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (Eazel-FR Toolbar) - {A8F9752D-E2B8-4E7A-86B5-499F4330E2FE} - C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (TranslatorBar 5 Toolbar) - {B9B97401-98E1-4942-930D-C36652DAB7F2} - C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (ooVoo Video Chat Toolbar) - {E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll (Conduit Ltd.)
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D1B5B4F1
:commands
[emptytemp]

■ Paste it into the Personnalisation box at the bottom left.

■ Click the Correction button at the top left.

■ If the PC asks you to restart, confirm the operation.

■ A report will appear after the restart; copy and paste it into your next reply.

 

Tunisiennedu49

New member
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00bf7b9c-acd2-4080-bea8-b1c41987070f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00bf7b9c-acd2-4080-bea8-b1c41987070f}\ deleted successfully.
C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{3d4d238c-9c48-47cd-a95c-53259acf9e56} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d4d238c-9c48-47cd-a95c-53259acf9e56}\ deleted successfully.
C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{59994074-c06d-4a75-9768-49e5a8c21264} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ deleted successfully.
C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{b9b97401-98e1-4942-930d-c36652dab7f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9b97401-98e1-4942-930d-c36652dab7f2}\ deleted successfully.
C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00bf7b9c-acd2-4080-bea8-b1c41987070f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00bf7b9c-acd2-4080-bea8-b1c41987070f}\ not found.
File C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{59994074-c06d-4a75-9768-49e5a8c21264} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ not found.
File C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{b9b97401-98e1-4942-930d-c36652dab7f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9b97401-98e1-4942-930d-c36652dab7f2}\ not found.
File C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll not found.
C:\Program Files (x86)\Mozilla Firefox\extensions\toolbar@iadah.com\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\toolbar@iadah.com folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00bf7b9c-acd2-4080-bea8-b1c41987070f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00bf7b9c-acd2-4080-bea8-b1c41987070f}\ not found.
File C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c491116-c175-45e1-a570-6fb14fea8b7b}\ deleted successfully.
C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{280b5d37-4a76-467a-b3d6-942fca90acde}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{280b5d37-4a76-467a-b3d6-942fca90acde}\ deleted successfully.
C:\Program Files (x86)\Shareware.Pro-FR\tbSha1.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33727f97-486d-4d19-97c3-23f432ef93fc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33727f97-486d-4d19-97c3-23f432ef93fc}\ deleted successfully.
C:\Program Files (x86)\mywebsites.pro-FR\tbmyw0.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d4d238c-9c48-47cd-a95c-53259acf9e56}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d4d238c-9c48-47cd-a95c-53259acf9e56}\ not found.
File C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ deleted successfully.
C:\Program Files (x86)\Softonic-Eng7\tbSof1.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59994074-c06d-4a75-9768-49e5a8c21264}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ not found.
File C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\ deleted successfully.
C:\Program Files (x86)\Eazel-FR\prxtbEaze.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b9b97401-98e1-4942-930d-c36652dab7f2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9b97401-98e1-4942-930d-c36652dab7f2}\ not found.
File C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}\ deleted successfully.
C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{00bf7b9c-acd2-4080-bea8-b1c41987070f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00bf7b9c-acd2-4080-bea8-b1c41987070f}\ not found.
File C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1c491116-c175-45e1-a570-6fb14fea8b7b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c491116-c175-45e1-a570-6fb14fea8b7b}\ not found.
File C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{280b5d37-4a76-467a-b3d6-942fca90acde} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{280b5d37-4a76-467a-b3d6-942fca90acde}\ not found.
File FR\tbSha1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{33727f97-486d-4d19-97c3-23f432ef93fc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33727f97-486d-4d19-97c3-23f432ef93fc}\ not found.
File FR\tbmyw0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3d4d238c-9c48-47cd-a95c-53259acf9e56} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d4d238c-9c48-47cd-a95c-53259acf9e56}\ not found.
File C:\Program Files (x86)\Messenger_Plus_FR\prxtbMess.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ not found.
File Eng7\tbSof1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{59994074-c06d-4a75-9768-49e5a8c21264} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-c06d-4a75-9768-49e5a8c21264}\ not found.
File C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ deleted successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}\ not found.
File FR\prxtbEaze.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{b9b97401-98e1-4942-930d-c36652dab7f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9b97401-98e1-4942-930d-c36652dab7f2}\ not found.
File C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}\ deleted successfully.
C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}\ not found.
File C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{00BF7B9C-ACD2-4080-BEA8-B1C41987070F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00BF7B9C-ACD2-4080-BEA8-B1C41987070F}\ not found.
File C:\Program Files (x86)\TranslatorBar_1\tbTra0.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1C491116-C175-45E1-A570-6FB14FEA8B7B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C491116-C175-45E1-A570-6FB14FEA8B7B}\ not found.
File C:\Program Files (x86)\PHPNukeFR\tbPHP1.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{280B5D37-4A76-467A-B3D6-942FCA90ACDE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{280B5D37-4A76-467A-B3D6-942FCA90ACDE}\ not found.
File FR\tbSha1.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{33727F97-486D-4D19-97C3-23F432EF93FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33727F97-486D-4D19-97C3-23F432EF93FC}\ not found.
File FR\tbmyw0.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{59994074-C06D-4A75-9768-49E5A8C21264} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59994074-C06D-4A75-9768-49E5A8C21264}\ not found.
File C:\Program Files (x86)\Messenger_Plus_Live_France\prxtbMes2.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
File C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\CoIEPlg.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A8F9752D-E2B8-4E7A-86B5-499F4330E2FE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8F9752D-E2B8-4E7A-86B5-499F4330E2FE}\ not found.
File FR\prxtbEaze.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B9B97401-98E1-4942-930D-C36652DAB7F2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9B97401-98E1-4942-930D-C36652DAB7F2}\ not found.
File C:\Program Files (x86)\TranslatorBar_5\tbTra0.dll not found.
Registry value HKEY_USERS\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E5A1E26F-0D1D-4307-868F-FBD9A374AB54} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E5A1E26F-0D1D-4307-868F-FBD9A374AB54}\ not found.
File C:\Program Files (x86)\ooVoo_Video_Chat\prxtbooVo.dll not found.
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: gwenaelle
->Temp folder emptied: 1995894 bytes
->Temporary Internet Files folder emptied: 16612410 bytes
->Apple Safari cache emptied: 43438080 bytes
->Flash cache emptied: 19317 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 551424 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6043 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2284964 bytes

Total Files Cleaned = 62,00 mb


OTL by OldTimer - Version 3.2.24.2 log created on 06292011_230104

Files\Folders moved on Reboot...
C:\Users\gwenaelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12GR5GWY\background-banner-middle-v3[1].jpg moved successfully.
C:\Users\gwenaelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12GR5GWY\background-banner-right-v3[1].jpg moved successfully.
C:\Users\gwenaelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12GR5GWY\background_banner_green_50_v3[1].jpg moved successfully.
File\Folder C:\Windows\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...
 

help-manformatique

Grand Master
1)

TDSS Killer

Download it to your desktop, unzip it and run it; a report will be created here:

C:\TDSSKillerVersion_Date_Time_log.txt. << copy and paste its contents

You can also get the executable directly here:

o Run it; the following window will open:

o Click Start scan and let the tool scan your hard drive without interrupting it and without using the PC.
o If infected files are found, a new window will open:

o If TDSS.tdl2 is detected, the Delete option will be checked by default.

o If TDSS.tdl3 is detected, make sure Cure is checked.

o If TDSS.tdl4 (\HardDisk0\MBR) is detected, make sure Cure is checked.

o If Suspicious file is shown, leave the option set to Skip.

o Click Continue, then Reboot now to restart the PC.

o Copy and paste the generated report into your next reply (it is also saved at the root of your system partition under the name C:\TDSSKiller_Quarantine\JJ.MM.AA_HH.MM.SS, where JJ.MM.AA is the date the tool was run and HH.MM.SS the time it was run).

Tutorial -->
 

help-manformatique

Grand Master
That's fine. Run one last OTL scan to see whether you are still infected.
 

Tunisiennedu49

New member
Sorry to tell you this, but it still disconnects me on its own! HELP
 

Tunisiennedu49

New member
OTL logfile created on: 01/07/2011 17:46:16 - Run 4
OTL by OldTimer - Version 3.2.24.2 Folder = C:\Users\gwenaelle\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 42,48% Memory free
6,20 Gb Paging File | 4,14 Gb Available in Paging File | 66,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283,44 Gb Total Space | 205,95 Gb Free Space | 72,66% Space Free | Partition Type: NTFS

Computer Name: PC-DE-GWENAELLE | User Name: gwenaelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/29 18:33:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\gwenaelle\Desktop\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Safari.exe
PRC - [2011/01/25 09:07:44 | 022,504,120 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\ooVoo\ooVoo.exe
PRC - [2010/12/09 11:52:54 | 000,684,032 | ---- | M] () -- C:\Program Files (x86)\cspep\cspep.exe
PRC - [2010/11/17 09:51:12 | 000,128,296 | ---- | M] () -- C:\Program Files (x86)\Hercules\WiFiStationN\WiFiN.exe
PRC - [2010/11/17 09:51:12 | 000,053,544 | ---- | M] (Guillemot Corporation) -- C:\Windows\SysWOW64\HerculesWiFiService.exe
PRC - [2010/08/05 09:46:02 | 000,583,640 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010/08/05 09:46:02 | 000,104,408 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2010/06/30 17:49:34 | 000,207,968 | ---- | M] (Globe7 HK Ltd) -- C:\Program Files (x86)\adobs\msats.exe
PRC - [2010/01/20 23:03:39 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
PRC - [2009/06/26 18:24:16 | 000,757,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2008/09/18 11:13:00 | 000,099,896 | ---- | M] (Packard Bell BV) -- C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\AOSD.exe
PRC - [2008/09/18 11:13:00 | 000,079,416 | ---- | M] (Packard Bell BV) -- C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\ABoard.exe
PRC - [2008/07/07 17:26:28 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
PRC - [2008/05/29 10:49:58 | 000,083,264 | ---- | M] (Packard Bell Services) -- C:\Windows\SysWOW64\HidService.exe
PRC - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe


========== Modules (SafeList) ==========

MOD - [2011/06/29 18:33:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\gwenaelle\Desktop\OTL.exe
MOD - [2011/05/10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/11/17 09:51:12 | 000,053,544 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\\HerculesWiFiService.exe -- (HerculesWiFi)
SRV - [2010/08/05 09:46:02 | 000,583,640 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/06/30 17:49:34 | 000,207,968 | ---- | M] (Globe7 HK Ltd) [Auto | Running] -- C:\Program Files (x86)\adobs\msats.exe -- (Log Events)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/20 23:03:39 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/03/30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/04 21:35:07 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/05/29 10:49:58 | 000,083,264 | ---- | M] (Packard Bell Services) [Auto | Running] -- C:\Windows\SysWow64\HidService.exe -- (GenericHidService)
SRV - [2008/02/03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2007/09/11 01:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)


========== Driver Services (SafeList) ==========

DRV - [2010/02/11 21:35:50 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/01/25 07:41:46 | 000,466,992 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSviA64.sys -- (IDSVia64)
DRV - [2008/07/16 13:56:06 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {280b5d37-4a76-467a-b3d6-942fca90acde} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {33727f97-486d-4d19-97c3-23f432ef93fc} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {e5a1e26f-0d1d-4307-868f-fbd9a374ab54} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {1c491116-c175-45e1-a570-6fb14fea8b7b} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {280b5d37-4a76-467a-b3d6-942fca90acde} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {33727f97-486d-4d19-97c3-23f432ef93fc} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\URLSearchHook: {a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/07/09 14:33:16 | 000,000,000 | ---D | M]

[2011/06/29 23:01:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/11 13:43:57 | 000,000,000 | ---D | M] (SC) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{D1F30069-9E00-468c-8CB6-3FB6C4ECE8C6}
[2011/06/29 21:47:53 | 000,002,428 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2010/03/31 13:19:50 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchAdj.xml

O1 HOSTS File: ([2006/09/18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (no name) - {465E08E7-F005-4389-980F-1D8764B3486C} - No CLSID value found.
O2 - BHO: (Surf Canyon Search Engine Assistant) - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files (x86)\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - File not found
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [WebcammaxMoniter] C:\Program Files (x86)\WebcamMax\wcmmon.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000..\Run: [ccleaner] File not found
O4 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKLM..\RunOnce: [cspep.exe] C:\Program Files (x86)\cspep\cspep.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-4269174885-4148238706-1823860427-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class)
O16 - DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} (ooVooWebCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class)
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\SysWOW64\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4091ab22-7d9c-11de-8a8c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4091ab22-7d9c-11de-8a8c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/29 23:01:04 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/29 21:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar
[2011/06/29 20:24:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Remover
[2011/06/29 20:00:43 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Malwarebytes
[2011/06/29 20:00:28 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/29 20:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/29 20:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/29 20:00:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/29 18:32:42 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\gwenaelle\Desktop\OTL.exe
[2011/06/28 21:06:41 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\vlc
[2011/06/23 01:54:33 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Adobe
[2011/06/20 12:07:15 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Apple
[2011/06/17 02:12:40 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/17 02:12:40 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/17 02:12:39 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/06/17 02:12:39 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/15 20:22:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2011/06/15 20:22:19 | 000,000,000 | ---D | C] -- C:\rsit
[2011/06/15 17:49:40 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Macromedia
[2011/06/15 17:43:40 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Apple Computer
[2011/06/15 17:42:24 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Adobe
[2011/06/15 17:37:59 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\Tracing
[2011/06/15 17:36:20 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Packard Bell
[2011/06/15 17:36:15 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\WebcamMax
[2011/06/15 17:36:11 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\VirtualStore
[2011/06/14 22:24:12 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Temp
[2011/06/14 22:24:05 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\Windows Live Writer
[2011/06/14 22:24:05 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Local\Windows Live Writer
[2011/06/14 22:24:05 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\Documents\My Weblog Posts
[2011/06/14 21:03:39 | 000,000,000 | ---D | C] -- C:\Users\gwenaelle\AppData\Roaming\TuneUp Software
[2011/06/14 21:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011/06/14 21:02:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/06/11 22:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2011/06/04 20:57:03 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2011/06/04 20:57:01 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2011/06/04 20:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2011/06/04 20:53:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/06/04 20:53:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011/06/02 20:54:18 | 001,414,440 | ---- | C] (Nero AG) -- C:\Windows\SysWow64\ShellManager310E2D762.dll
[2010/09/12 19:36:17 | 002,736,736 | ---- | C] (Conduit Ltd.) -- C:\Program Files (x86)\tbSoft.dll

========== Files - Modified Within 30 Days ==========

[2011/07/01 17:27:04 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/01 17:27:04 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/01 16:59:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/01 16:59:52 | 3220,414,464 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/29 20:24:32 | 000,001,692 | ---- | M] () -- C:\Users\gwenaelle\Desktop\AD-R.lnk
[2011/06/29 20:00:29 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/29 19:00:36 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2011/06/29 18:33:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\gwenaelle\Desktop\OTL.exe
[2011/06/29 11:28:05 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/06/23 02:00:47 | 000,000,104 | ---- | M] () -- C:\Users\gwenaelle\Desktop\Corbeille.lnk
[2011/06/15 20:06:31 | 000,525,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2011/06/15 19:05:22 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/15 19:05:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/06/15 17:43:53 | 000,000,680 | ---- | M] () -- C:\Users\gwenaelle\AppData\Local\d3d9caps.dat
[2011/06/09 13:15:08 | 000,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2011/06/02 20:23:31 | 000,000,236 | ---- | M] () -- C:\Windows\wininit.ini
[2011/06/02 20:03:59 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini

========== Files Created - No Company Name ==========

[2011/06/29 20:24:32 | 000,001,692 | ---- | C] () -- C:\Users\gwenaelle\Desktop\AD-R.lnk
[2011/06/29 20:00:29 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/23 02:00:47 | 000,000,104 | ---- | C] () -- C:\Users\gwenaelle\Desktop\Corbeille.lnk
[2011/06/15 17:43:52 | 000,000,680 | ---- | C] () -- C:\Users\gwenaelle\AppData\Local\d3d9caps.dat
[2011/06/02 20:54:18 | 000,773,120 | ---- | C] () -- C:\Windows\SysWow64\NEROINSTAEC43759.DB
[2010/12/26 14:44:34 | 000,099,944 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/11/01 16:45:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/10/03 20:19:54 | 000,000,949 | ---- | C] () -- C:\ProgramData\Turn Off Monitor.ini
[2010/09/12 19:36:16 | 000,153,088 | ---- | C] () -- C:\Program Files (x86)\UNWISE.EXE
[2010/08/01 20:20:36 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2010/07/12 12:36:41 | 001,053,056 | ---- | C] () -- C:\Windows\SysWow64\drivers\CAMTHWDM.sys
[2010/04/19 22:10:59 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010/02/15 14:45:07 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/02/15 14:44:33 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010/02/15 14:44:00 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010/02/14 19:13:34 | 000,000,840 | ---- | C] () -- C:\Windows\_delis32.ini
[2010/02/07 15:01:00 | 000,000,236 | ---- | C] () -- C:\Windows\wininit.ini
[2010/02/07 15:00:10 | 000,000,102 | ---- | C] () -- C:\Windows\Kit.ini
[2010/02/06 10:59:56 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/01/25 12:55:45 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/01/25 12:55:38 | 000,008,468 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009/07/31 08:48:28 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2009/06/26 18:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2009/02/04 21:33:43 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/02/04 21:26:28 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\hidservice.ini
[2009/02/04 20:31:55 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/01/21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[1999/01/27 14:39:06 | 000,065,024 | ---- | C] () -- C:\Windows\SysWow64\indounin.dll
[1997/06/13 08:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\Iyvu9_32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
 