Desperately need any help with redirecting or disappearing.


Re: Desperately need any help with redirecting or disappear

Post by askey127 » November 8th, 2010, 8:18 am

Frederick,
I would suggest changing your browser page away from sympatico.
It has some web pages that are blocked by protection software due to spyware/adware content.
----------------------------------------------
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    :processes
    killallprocesses
    
    :OTL
    SRV - [2010-01-15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    FF - prefs.js..keyword.URL: "http://ca.search.yahoo.com/search?fr=mcafee&p="
    [2008-09-03 19:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\DNA\btdna.exe" =-
    "C:\Program Files\BitTorrent\bittorrent.exe" =-
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" =-
    "{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" =- Microsoft Antimalware
    "McAfee Security Scan" =-
    
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "BitTorrent" =-
    "BitTorrent DNA" =-
    
    :Files
    C:\WINDOWS\System32\drivers\hitmanpro35.sys
    C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    C:\Program Files\Safer Networking
    C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
    C:\Program Files\McAfee Security Scan
    C:\Documents and Settings\Propriétaire\Bureau\zbotkiller
    C:\Documents and Settings\Propriétaire\Bureau\salitykiller
    C:\Documents and Settings\Propriétaire\Mes documents\Ad-AwareInstall.exe
    C:\Documents and Settings\Propriétaire\Application Data\AVG10
    C:\Documents and Settings\All Users\Application Data\AVG10
    C:\Program Files\Hitman Pro 3.5
    C:\Documents and Settings\All Users\Application Data\Hitman Pro
    C:\Program Files\ewido anti-malware
    C:\Program Files\Microsoft Security Essentials
    C:\Program Files\AA Antimalware
    C:\Documents and Settings\Propriétaire\Mes documents\AdwareAway.exe
    C:\Documents and Settings\All Users\Bureau\McAfee Security Scan Plus.lnk
    C:\Documents and Settings\All Users\Bureau\Hitman Pro 3.5.lnk
    C:\Documents and Settings\Propriétaire\Mes documents\AdwareAway.exe
    
    :Commands
    [EMPTYTEMP]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

askey127
Admin/Teacher

Re: Desperately need any help with redirecting or disappear

Post by Frederick » November 8th, 2010, 8:42 am

Good MooooOOOOooorning,
I did this, and when the computer opened up again, there was a message: do I want to run this program (OTL?)?
I did and this report came out:

All processes killed
========== PROCESSES ==========
========== OTL ==========
Service McComponentHostService stopped successfully!
Service McComponentHostService deleted successfully!
C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "http://ca.search.yahoo.com/search?fr=mcafee&p=" removed from keyword.URL
C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk moved successfully.
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\DNA\btdna.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BitTorrent\bittorrent.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{b2ec4a38-b545-4a00-8214-13fe0e915e6d} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" |- Microsoft Antimalware /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\McAfee Security Scan not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\BitTorrent not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\BitTorrent DNA not found.
========== FILES ==========
C:\WINDOWS\System32\drivers\hitmanpro35.sys moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\Program Files\Safer Networking\FileAlyzer\Languages folder moved successfully.
C:\Program Files\Safer Networking\FileAlyzer\Help folder moved successfully.
C:\Program Files\Safer Networking\FileAlyzer folder moved successfully.
C:\Program Files\Safer Networking folder moved successfully.
C:\Documents and Settings\All Users\Application Data\McAfee Security Scan folder moved successfully.
C:\Program Files\McAfee Security Scan\2.0.181\sacoredata folder moved successfully.
C:\Program Files\McAfee Security Scan\2.0.181 folder moved successfully.
C:\Program Files\McAfee Security Scan folder moved successfully.
C:\Documents and Settings\Propriétaire\Bureau\zbotkiller folder moved successfully.
C:\Documents and Settings\Propriétaire\Bureau\salitykiller folder moved successfully.
C:\Documents and Settings\Propriétaire\Mes documents\Ad-AwareInstall.exe moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\AVG10\cfgall folder moved successfully.
C:\Documents and Settings\Propriétaire\Application Data\AVG10 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10\scanlogs folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10\log folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10\Chjw\2c74049a74046942 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10\Chjw folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10\cfgall folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10\Cfg folder moved successfully.
C:\Documents and Settings\All Users\Application Data\AVG10 folder moved successfully.
C:\Program Files\Hitman Pro 3.5 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Hitman Pro\Quarantine folder moved successfully.
C:\Documents and Settings\All Users\Application Data\Hitman Pro folder moved successfully.
C:\Program Files\ewido anti-malware\Signatures folder moved successfully.
C:\Program Files\ewido anti-malware\Reports folder moved successfully.
C:\Program Files\ewido anti-malware\Quarantine folder moved successfully.
C:\Program Files\ewido anti-malware\Modules folder moved successfully.
C:\Program Files\ewido anti-malware folder moved successfully.
C:\Program Files\Microsoft Security Essentials\fr-fr folder moved successfully.
C:\Program Files\Microsoft Security Essentials\en-us folder moved successfully.
C:\Program Files\Microsoft Security Essentials\Drivers\mpnwmon folder moved successfully.
C:\Program Files\Microsoft Security Essentials\Drivers\mpfilter folder moved successfully.
C:\Program Files\Microsoft Security Essentials\Drivers folder moved successfully.
C:\Program Files\Microsoft Security Essentials\Backup\en-us folder moved successfully.
C:\Program Files\Microsoft Security Essentials\Backup folder moved successfully.
C:\Program Files\Microsoft Security Essentials folder moved successfully.
C:\Program Files\AA Antimalware\en-US folder moved successfully.
C:\Program Files\AA Antimalware folder moved successfully.
C:\Documents and Settings\Propriétaire\Mes documents\AdwareAway.exe moved successfully.
C:\Documents and Settings\All Users\Bureau\McAfee Security Scan Plus.lnk moved successfully.
C:\Documents and Settings\All Users\Bureau\Hitman Pro 3.5.lnk moved successfully.
File\Folder C:\Documents and Settings\Propriétaire\Mes documents\AdwareAway.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 2658 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Propriétaire
->Temp folder emptied: 180222 bytes
->Temporary Internet Files folder emptied: 32661193 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2965 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34892 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 31,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11082010_073318

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF671B.tmp not found!
File\Folder C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF6735.tmp not found!
File\Folder C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF67ED.tmp not found!
File\Folder C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF6807.tmp not found!
File\Folder C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF6855.tmp not found!
File\Folder C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF686F.tmp not found!
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\ZPS72Y5T\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.

Registry entries deleted on Reboot...


I will now do a quick scan and post the log. OF COURSE I THANK YOU!
Last edited by Frederick on November 8th, 2010, 9:00 am, edited 1 time in total.
Frederick
Regular Member
 

Re: Desperately need any help with redirecting or disappear

Post by Frederick » November 8th, 2010, 8:59 am

Here is the quick scan log:


OTL logfile created on: 2010-11-08 07:42:38 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Propriétaire\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 400,53 Gb Free Space | 86,00% Space Free | Partition Type: NTFS

Computer Name: FREDERICK | User Name: Propriétaire | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010-11-07 13:32:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe
PRC - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-08-02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010-08-02 16:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-08-02 16:09:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010-07-21 06:43:54 | 000,965,176 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi.exe
PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010-05-07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010-05-07 17:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2010-05-07 17:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010-05-07 17:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2010-04-29 14:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010-04-29 14:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010-02-02 17:31:56 | 000,279,296 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2010-01-27 11:37:22 | 000,091,392 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-08-18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009-08-18 10:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-02-18 23:33:08 | 000,809,488 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009-02-18 23:28:52 | 000,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\KHAL2\KHALMNPR.exe
PRC - [2008-12-10 23:00:00 | 000,016,680 | ---- | M] (Sage Software) -- C:\Program Files\winsim\ConnectionManager\SimplyConnectionManager.exe
PRC - [2008-08-12 15:45:20 | 000,112,640 | ---- | M] (ZeroG Software) -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPMmonitor.exe
PRC - [2008-08-12 15:45:19 | 000,112,640 | ---- | M] (ZeroG Software) -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPMRMI.exe
PRC - [2008-08-12 15:45:17 | 000,112,640 | ---- | M] (ZeroG Software) -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPM.exe
PRC - [2008-08-12 15:44:57 | 000,020,576 | ---- | M] () -- C:\Program Files\Belkin Automatic Power Management Software\jre\bin\javaw.exe
PRC - [2008-08-09 13:21:23 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-04-13 18:34:14 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008-04-13 18:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-08-23 16:40:48 | 000,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
PRC - [2003-12-17 08:50:00 | 000,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE


========== Modules (SafeList) ==========

MOD - [2010-11-07 13:32:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe
MOD - [2010-08-23 11:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009-07-12 01:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-02-18 23:31:16 | 000,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\zzz\PEV.cfx -- (PEVSystemStart)
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - File not found [Auto | Stopped] -- c:\PROGRA~1\mcafee\siteadvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010-08-13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010-08-02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010-08-02 16:09:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-05-07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010-04-29 14:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010-03-18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010-03-18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-01-27 15:18:22 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\599\g2aservice.exe -- (GoToAssist)
SRV - [2010-01-27 11:37:22 | 000,091,392 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009-08-18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009-07-20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009-02-18 23:30:20 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008-12-10 23:00:00 | 000,016,680 | ---- | M] (Sage Software) [Auto | Running] -- C:\Program Files\winsim\ConnectionManager\SimplyConnectionManager.exe -- (Gestionnaire de connexion de Simple Comptable)
SRV - [2008-11-04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008-08-12 15:45:21 | 000,112,640 | ---- | M] (ZeroG Software) [On_Demand | Stopped] -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPMmanager.exe -- (BelkinAPMmanager)
SRV - [2008-08-12 15:45:20 | 000,112,640 | ---- | M] (ZeroG Software) [On_Demand | Running] -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPMmonitor.exe -- (BelkinAPMmonitor)
SRV - [2008-08-12 15:45:19 | 000,112,640 | ---- | M] (ZeroG Software) [On_Demand | Running] -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPMRMI.exe -- (BelkinAPMRMI)
SRV - [2008-08-12 15:45:17 | 000,112,640 | ---- | M] (ZeroG Software) [Auto | Running] -- C:\Program Files\Belkin Automatic Power Management Software\BelkinAPM.exe -- (BelkinAPM)
SRV - [2008-08-08 20:28:27 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-04-10 19:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2007-10-25 14:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007-08-23 16:40:48 | 000,079,136 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2007-03-20 15:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006-10-26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\smserial.sys -- (smserial)
DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010-08-02 16:10:08 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010-08-02 16:10:08 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010-07-27 03:15:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2010-07-27 03:14:58 | 006,842,464 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 9000(UVC)
DRV - [2010-07-27 03:12:50 | 000,282,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010-07-07 09:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010-06-17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010-06-17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010-05-07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010-04-29 14:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010-04-29 14:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMDrvService)
DRV - [2009-10-27 12:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2008-12-18 22:44:00 | 000,028,816 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008-12-18 22:43:48 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008-12-18 22:43:40 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008-12-18 22:43:18 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2008-12-17 01:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008-08-08 19:27:56 | 000,006,784 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2008-07-04 01:33:33 | 003,230,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008-05-23 15:54:38 | 000,030,816 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2008-04-13 10:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008-04-13 08:36:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-04-10 19:10:10 | 001,271,032 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008-02-06 17:39:32 | 000,242,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2008-01-31 20:05:04 | 000,054,272 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2007-05-11 18:00:14 | 000,045,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2006-12-28 10:57:00 | 000,045,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\intelsmb.sys -- (smbusp) Intel(R)
DRV - [2003-12-17 08:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003-12-17 08:50:00 | 000,037,887 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHIDUSB.SYS -- (LHidUsb)
DRV - [2003-12-17 08:50:00 | 000,025,505 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2003-12-12 18:03:10 | 000,652,689 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003-11-03 15:39:10 | 000,036,484 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SMBios.sys -- (SMBios) Intel (R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.cyberpresse.ca/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.ca/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll File not found
IE - HKCU\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=10588"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/home?AF=10588"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..network.proxy.no_proxies_on: "*.local"


FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010-02-06 16:31:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-06-03 14:45:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-10-27 08:05:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-11-07 07:28:51 | 000,000,000 | ---D | M]

[2009-03-29 09:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Extensions
[2010-09-21 10:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\vyazh9z2.default\extensions
[2010-09-21 10:59:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\vyazh9z2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-06-03 12:33:29 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\vyazh9z2.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010-09-21 10:59:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\vyazh9z2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-03 12:32:56 | 000,001,827 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\vyazh9z2.default\searchplugins\bing.xml
[2010-11-05 11:24:13 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008-08-09 13:23:27 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010-05-05 04:35:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-11-05 11:24:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2008-08-09 13:23:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\google-ggic@partners.mozilla.com
[2010-11-05 11:24:01 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010-09-21 10:59:27 | 000,002,027 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2010-10-31 07:21:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll File not found
O2 - BHO: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Program Files\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunServices: [BelkinAPM] C:\Program Files\Belkin Automatic Power Management Software\BelkinAPM.exe (ZeroG Software)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Outlook Express.lnk = C:\Program Files\Outlook Express\msimn.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 8230099531 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\siteadvisor\mcieplg.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Fichiers communs\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Propriétaire\Mes documents\Mes images\Papier peint de Internet Explorer.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Propriétaire\Mes documents\Mes images\Papier peint de Internet Explorer.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-08-07 15:06:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-11-08 07:33:42 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010-11-08 07:33:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-11-07 13:32:11 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe
[2010-11-07 10:59:04 | 002,992,752 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Propriétaire\Bureau\filealyz.exe
[2010-11-07 10:12:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\Avira
[2010-11-07 10:06:57 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010-11-07 10:06:55 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010-11-07 10:06:55 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010-11-07 10:06:55 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010-11-07 10:06:55 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010-11-07 10:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010-11-07 10:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010-11-07 09:54:56 | 000,000,000 | --SD | C] -- C:\zzz
[2010-11-07 07:51:05 | 001,329,752 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Propriétaire\Bureau\tdsskiller.exe
[2010-11-07 07:39:43 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\TFC.exe
[2010-11-06 21:28:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\vlc
[2010-11-05 11:35:09 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Propriétaire\Bureau\mbam-setup-1.46.exe
[2010-11-05 05:14:51 | 027,634,824 | ---- | C] ( ) -- C:\Documents and Settings\Propriétaire\Bureau\AdbeRdr940_en_US.exe
[2010-11-04 18:40:01 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010-11-04 17:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\kk
[2010-11-04 17:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\tdsskiller
[2010-11-04 16:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\rectordecryptor
[2010-11-04 11:21:27 | 000,955,272 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\Propriétaire\Bureau\SkypeSetup.exe
[2010-11-02 19:42:49 | 027,634,824 | ---- | C] ( ) -- C:\Documents and Settings\Propriétaire\Mes documents\AdbeRdr940_en_US.exe
[2010-11-02 07:03:18 | 004,329,496 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Propriétaire\Mes documents\avg_free_stb_all_2011_1153_cnet.exe
[2010-11-01 21:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2010-10-31 13:21:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\FixItCenter
[2010-10-31 13:19:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\MATS
[2010-10-31 13:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2010-10-31 13:00:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-10-31 13:00:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-10-31 13:00:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-10-31 12:17:40 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2010-10-31 11:31:51 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Propriétaire\Mes documents\mbam-setup-1.46.exe
[2010-10-31 11:27:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010-10-31 08:40:44 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010-10-31 07:37:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Propriétaire\Recent
[2010-10-31 06:42:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\SmitfraudFix
[2010-10-30 14:07:13 | 000,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2010-10-30 14:05:47 | 000,000,000 | ---D | C] -- C:\Navilog1
[2010-10-30 11:59:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2010-10-30 00:08:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010-10-29 22:02:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010-10-29 12:33:36 | 000,000,000 | ---D | C] -- C:\rsit
[2010-10-29 10:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010-10-28 20:15:06 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010-10-28 20:10:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Sunbelt Software
[2010-10-28 19:46:29 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010-10-28 19:46:27 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010-10-28 19:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2011
[2010-10-28 19:45:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010-10-28 14:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010-10-28 10:39:24 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010-10-28 10:36:31 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010-10-28 10:36:31 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010-10-28 10:36:31 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010-10-28 10:36:31 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010-10-28 10:36:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-10-28 10:13:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010-10-26 13:32:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010-10-19 19:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Skype
[2010-10-18 11:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Mes documents\Mes télécopies

========== Files - Modified Within 30 Days ==========

[2010-11-08 07:37:38 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010-11-08 07:37:21 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010-11-08 07:37:21 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-1425521274-839522115-1003.job
[2010-11-08 07:37:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-11-08 07:37:02 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010-11-08 07:27:53 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2000478354-1425521274-839522115-1003.job
[2010-11-08 07:27:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010-11-07 16:45:34 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7C65EE39-0893-47DD-AB1C-7C2541AEA912}.job
[2010-11-07 13:32:15 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTL.exe
[2010-11-07 13:30:06 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\SystemLook.exe
[2010-11-07 10:59:11 | 002,992,752 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Propriétaire\Bureau\filealyz.exe
[2010-11-07 10:07:11 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2010-11-07 09:44:17 | 053,123,856 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\avira_antivir_personal_en.exe
[2010-11-07 09:31:38 | 003,904,516 | R--- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\zzz.exe
[2010-11-07 08:47:27 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\rkill.exe
[2010-11-07 07:51:07 | 001,329,752 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Propriétaire\Bureau\tdsskiller.exe
[2010-11-07 07:40:52 | 000,604,720 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010-11-07 07:40:52 | 000,508,068 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-11-07 07:40:52 | 000,116,306 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010-11-07 07:40:52 | 000,090,478 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-11-07 07:39:45 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\TFC.exe
[2010-11-07 01:40:03 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010-11-06 21:27:45 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010-11-06 21:25:12 | 019,657,194 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\vlc-1.1.4-win32.exe
[2010-11-06 16:29:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-11-06 15:30:46 | 027,634,824 | ---- | M] ( ) -- C:\Documents and Settings\Propriétaire\Bureau\AdbeRdr940_en_US.exe
[2010-11-06 09:44:06 | 000,169,459 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\Boatttail Rolls Royce.jpg
[2010-11-05 21:15:49 | 000,088,576 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2010-11-05 11:36:36 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010-11-05 11:36:36 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010-11-05 11:35:21 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Propriétaire\Bureau\mbam-setup-1.46.exe
[2010-11-05 06:01:34 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-11-05 06:00:41 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-11-04 17:04:32 | 001,213,675 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\tdsskiller.zip
[2010-11-04 14:48:14 | 000,001,916 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010-11-04 11:22:08 | 000,955,272 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\Propriétaire\Bureau\SkypeSetup.exe
[2010-11-03 20:12:06 | 000,002,867 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.lnk
[2010-11-03 20:11:45 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.msi
[2010-11-03 05:53:10 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010-11-02 19:45:13 | 019,657,194 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\vlc-1.1.4-win32.exe
[2010-11-02 19:42:51 | 027,634,824 | ---- | M] ( ) -- C:\Documents and Settings\Propriétaire\Mes documents\AdbeRdr940_en_US.exe
[2010-11-02 19:41:14 | 003,099,848 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\TeamViewer_Setup.exe
[2010-11-02 19:35:55 | 000,000,720 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Secunia PSI.lnk
[2010-11-02 18:48:01 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Propriétaire\Mes documents\mbam-setup-1.46.exe
[2010-11-02 17:07:45 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-02 14:25:13 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010-11-02 14:25:13 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010-11-02 14:19:36 | 001,791,112 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Mes documents\C`estpasduHeinz.wmv
[2010-11-02 07:03:41 | 004,329,496 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Propriétaire\Mes documents\avg_free_stb_all_2011_1153_cnet.exe
[2010-11-01 22:21:32 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-10-31 13:19:07 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Microsoft Fix it Center.lnk
[2010-10-31 13:14:06 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Puro.url
[2010-10-31 12:47:53 | 000,059,664 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\mbam-clean.exe
[2010-10-31 11:41:12 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\housecall.guid.cache
[2010-10-31 08:40:45 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2010-10-31 07:21:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-10-30 12:23:12 | 000,000,739 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ewido anti-malware.lnk
[2010-10-30 11:20:12 | 000,000,332 | RHS- | M] () -- C:\boot.ini
[2010-10-30 00:08:58 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Acrobat_com.lnk
[2010-10-28 14:09:23 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\TeamViewer 5.lnk
[2010-10-28 11:12:11 | 000,423,488 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.old
[2010-10-28 10:45:42 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101028-121211.backup
[2010-10-27 17:25:18 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010-10-27 17:21:08 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010-10-20 06:30:06 | 002,855,069 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolillo4.jpg
[2010-10-20 06:26:51 | 002,037,018 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolillo3.jpg
[2010-10-20 06:23:55 | 004,070,861 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolilo2.jpg
[2010-10-20 06:20:42 | 001,525,424 | ---- | M] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolilio 1.jpg
[2010-10-19 19:16:00 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2010-10-13 22:18:53 | 001,573,040 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2010-11-07 13:30:06 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\SystemLook.exe
[2010-11-07 10:07:10 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2010-11-07 09:44:15 | 053,123,856 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\avira_antivir_personal_en.exe
[2010-11-07 09:31:31 | 003,904,516 | R--- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\zzz.exe
[2010-11-07 08:47:26 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\rkill.exe
[2010-11-06 21:44:08 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-1425521274-839522115-1003.job
[2010-11-06 21:27:45 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2010-11-06 15:58:08 | 019,657,194 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\vlc-1.1.4-win32.exe
[2010-11-06 09:44:04 | 000,169,459 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\Boatttail Rolls Royce.jpg
[2010-11-03 19:48:32 | 000,002,867 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.lnk
[2010-11-03 19:47:01 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.msi
[2010-11-02 19:45:12 | 019,657,194 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\vlc-1.1.4-win32.exe
[2010-11-02 19:41:02 | 003,099,848 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\TeamViewer_Setup.exe
[2010-11-02 19:35:55 | 000,000,720 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Secunia PSI.lnk
[2010-11-02 14:25:09 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010-11-02 14:19:29 | 001,791,112 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Mes documents\C`estpasduHeinz.wmv
[2010-11-01 22:21:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-10-31 13:19:07 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Microsoft Fix it Center.lnk
[2010-10-31 13:00:35 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010-10-31 12:47:46 | 000,059,664 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\mbam-clean.exe
[2010-10-31 12:12:35 | 001,213,675 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\tdsskiller.zip
[2010-10-31 11:41:12 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\housecall.guid.cache
[2010-10-30 12:23:12 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ewido anti-malware.lnk
[2010-10-30 08:10:50 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010-10-28 14:09:23 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\TeamViewer 5.lnk
[2010-10-28 11:11:29 | 000,000,408 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010-10-28 10:39:28 | 000,000,216 | ---- | C] () -- C:\Boot.bak
[2010-10-28 10:39:26 | 000,263,488 | RHS- | C] () -- C:\cmldr
[2010-10-28 10:36:31 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010-10-28 10:36:31 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010-10-28 10:36:31 | 000,088,576 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010-10-28 10:36:31 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010-10-28 10:36:31 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010-10-26 10:42:07 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-10-20 06:30:03 | 002,855,069 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolillo4.jpg
[2010-10-20 06:26:46 | 002,037,018 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolillo3.jpg
[2010-10-20 06:23:52 | 004,070,861 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolilo2.jpg
[2010-10-20 06:20:40 | 001,525,424 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\Paolilio 1.jpg
[2010-09-19 15:48:15 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\fusioncache.dat
[2010-07-27 03:03:20 | 010,829,656 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010-07-27 03:03:18 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010-05-07 17:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010-05-07 17:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2010-02-15 11:46:56 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Application Data\$_hpcst$.hpc
[2009-02-12 21:59:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2009-02-12 19:03:41 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\psCamDat.dll
[2009-01-05 14:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2008-12-16 18:06:50 | 000,090,411 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008-10-31 08:30:11 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\nssckbi.dll
[2008-08-13 12:00:16 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008-08-12 15:45:27 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\smemory.dll
[2008-08-12 15:45:27 | 000,035,992 | ---- | C] () -- C:\WINDOWS\System32\jspWinRnia.DLL
[2008-08-12 15:45:26 | 000,060,156 | ---- | C] () -- C:\WINDOWS\System32\jspWinNm.DLL
[2008-08-12 15:45:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\jspWinRni.DLL
[2008-08-12 15:45:26 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\TrayIcon12.dll
[2008-08-12 15:45:26 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\jspWin.dll
[2008-08-10 18:04:35 | 000,000,110 | ---- | C] () -- C:\WINDOWS\fiery.ini
[2008-08-10 17:50:04 | 000,000,248 | ---- | C] () -- C:\WINDOWS\efinl.ini
[2008-08-10 09:04:38 | 000,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2008-08-10 09:01:47 | 000,001,904 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2008-08-09 14:12:05 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008-08-09 13:41:37 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008-08-09 09:18:58 | 000,000,106 | ---- | C] () -- C:\WINDOWS\Simply.ini
[2008-08-09 02:49:27 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\ventmon.dll
[2008-08-09 02:02:26 | 000,001,916 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008-08-09 01:56:16 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\Implode.dll
[2008-08-08 21:48:47 | 000,002,597 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008-08-08 20:37:13 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008-08-07 10:54:40 | 000,004,374 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008-05-26 21:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008-05-26 21:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008-05-26 21:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2006-05-20 12:44:46 | 000,051,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2006-01-30 09:00:00 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1018.DLL
[2003-02-26 14:47:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\MimicICM.dll
[1999-01-27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997-06-13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

========== LOP Check ==========

[2010-06-17 08:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2008-08-09 11:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avocent AdminWorks
[2010-11-02 12:43:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2010-02-15 17:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2008-08-08 18:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010-11-02 12:40:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009-07-20 20:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009-03-22 08:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008-08-09 01:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sage Software
[2010-10-29 23:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010-10-28 19:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010-10-28 19:45:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010-04-03 17:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009-09-26 19:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009-06-23 17:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009-02-14 10:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{92E7A367-8E12-4830-AA70-29C32E331A81}
[2010-06-03 12:41:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010-10-28 19:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\BitTorrent
[2009-02-13 07:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Canon
[2010-10-30 00:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010-09-21 12:23:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\DNA
[2009-07-22 05:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\FDRLab
[2008-09-11 07:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\FotoWire
[2008-09-30 18:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\InternetCalls
[2009-02-15 10:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\IObit
[2008-12-16 10:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Leadertech
[2009-07-20 20:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\NCH Swift Sound
[2009-02-16 20:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\PanoramaStudio
[2010-10-29 21:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TeamViewer
[2010-10-28 19:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\TuneUp Software
[2009-02-13 11:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Uniblue
[2008-08-09 00:08:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\URSoft
[2008-08-08 19:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\USBSafelyRemove
[2008-08-08 16:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Desktop Search
[2008-08-08 22:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Propriétaire\Application Data\Windows Search
[2010-11-07 01:40:03 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010-11-07 16:45:34 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7C65EE39-0893-47DD-AB1C-7C2541AEA912}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Vignoble de la Bauge Logo(76).jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Vignoble de la Bauge Logo 2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\TecnoLegno Espresso.wpl:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Sydney Morning Herald.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Plan d'implantation.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\PL divisions 002.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Pewter cardholder.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Packard.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Packard wall copy.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Morning Herald.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Manubois letter inc.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Lvejoy rebuild 1.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Lovejoy rebuild 4.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Lovejoy rebuild 3.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Lovejoy rebuild 2.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Lovejoy rebuild 5.gif:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Liste anglaise1 Avril prix de gros.corrected.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\La Sorrentina box front (1).jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\KICX0296.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\frederick page coup de pinceau.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 8.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 7.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 6.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 5.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\convertible top 4.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 3.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 2.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Convertible top 1.png:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Carte de voeux de Dorothy.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Brésil 2007 344.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Bovetti Carroussel photoshop001.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\AusCar Collectibles Sunrise.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atomic British Patent_page5.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atomic British patent_page4.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atomic British patent_page3.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atomic British patent_page2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atomic British patent_page1.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atom instruc.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atom instruc. 3.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\Atom instruc, 2.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\14-07-08_1836.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Propriétaire\Mes documents\1_gtabouret[1].jpg:Roxio EMC Stream
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13

< End of report >



I really appreciate this....
Frederick
Regular Member
 
Posts: 30
Joined: November 3rd, 2010, 9:33 pm

Re: Dewsperately need any help with redirecting or disappear

Unread postby askey127 » November 8th, 2010, 10:18 am

I am reviewing the new logs.
Are you still getting the redirects?
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Dewsperately need any help with redirecting or disappear

Unread postby Frederick » November 8th, 2010, 10:50 am

Yes. Unfortunately.
Frederick
Regular Member
 
Posts: 30
Joined: November 3rd, 2010, 9:33 pm

Re: Dewsperately need any help with redirecting or disappear

Unread postby Frederick » November 8th, 2010, 10:56 am

I went to google and chose randomly 5 subjects and.......no redirect.
Frederick
Regular Member
 
Posts: 30
Joined: November 3rd, 2010, 9:33 pm

Re: Dewsperately need any help with redirecting or disappear

Unread postby Frederick » November 8th, 2010, 10:57 am

Do I dare believe.....?
Frederick
Regular Member
 
Posts: 30
Joined: November 3rd, 2010, 9:33 pm

Re: Dewsperately need any help with redirecting or disappear

Unread postby Frederick » November 8th, 2010, 11:11 am

When I chose a subject on top of the list, a message appears with the Internet globe symbol: This web page cannot be displayed or cannot open the page....something like that.
Frederick
Regular Member
 
Posts: 30
Joined: November 3rd, 2010, 9:33 pm

Re: Dewsperately need any help with redirecting or disappear

Unread postby Frederick » November 8th, 2010, 11:23 am

Still redirecting.......
Frederick
Regular Member
 
Posts: 30
Joined: November 3rd, 2010, 9:33 pm

Re: Dewsperately need any help with redirecting or disappear

Unread postby askey127 » November 8th, 2010, 11:44 am

Go to Start, Run
Type the following into the box and click OK
ipconfig /flushDNS

There's a space between ipconfig and /flushDNS.
A black window should flash briefly.
Unfortunately, the machine has a memory for redirected sites, but you just removed them.
Now keep an eye on it.

Have you had a chance to check the router?
Are there any other computers on the same router, and are they getting redirects?
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Dewsperately need any help with redirecting or disappear

Unread postby Frederick » November 8th, 2010, 12:10 pm

I do have a router for a second "computer"; this is always shut because it is a Fiery unit for my color printer (a big thing). I'm doing what you told me now.
Thank you for your patience. I don't know what in tarnation you are doing, looks good though.
Frederick
Regular Member
 
Posts: 30
Joined: November 3rd, 2010, 9:33 pm

Re: Dewsperately need any help with redirecting or disappear

Unread postby Frederick » November 8th, 2010, 12:22 pm

It seems like it is doing less. I searched for: Cleaning concrete floors and I did get a:

Redirect....redirect and jump. Then blank page.
I shut the page with the top right red cross and it comes back to google with the same search unit. I click on the same item and with no hesitation I'm there.
Frederick
Regular Member
 
Posts: 30
Joined: November 3rd, 2010, 9:33 pm

Re: Dewsperately need any help with redirecting or disappear

Unread postby Frederick » November 9th, 2010, 10:40 am

Good MoooOOoooorning,

I'm on a site, peacefully reading some rotten news when all of a sudden the Google home page appears. This happens frequently.
Don't give up on me please!
Redirects are in the usual numbers: 3 out of 5.
Thank you.
Frederick
Regular Member
 
Posts: 30
Joined: November 3rd, 2010, 9:33 pm

Re: Dewsperately need any help with redirecting or disappear

Unread postby askey127 » November 9th, 2010, 3:58 pm

You have a very large number of Browser Helper Objects (BHOs), and a very large number of Toolbars.
Some of them may be trying to serve themselves by being a popup nuisance (that's what they do).
We can disable a significant number, or all of them.
None of them are necessary for your system to function, although I can see where MyBabylon could be important.
How about if we disable all but My Babylon and check results?
All of these toolbars can be re-installed if you wish, later.

In addition, the Roxio applications are notoriously buggy, and may not be doing what you expect.
If you give me a bit of guidance, we can begin.
askey127
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Dewsperately need any help with redirecting or disappear

Unread postby Frederick » November 9th, 2010, 4:17 pm

Thank you.
I have an appointment with my eye doctor (sand in my eyes for a month...seems like it, horribly disturbing) I was about to leave and I will be back at around 5. If you are still here, we will take it from there. Okay?
Thank you so much. Frederick
My eyes are so red looks like they are about to bleed.
Frederick
Regular Member
 
Posts: 30
Joined: November 3rd, 2010, 9:33 pm