Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by MOI at 2015-06-18 14:10:39
Running from C:\Documents and Settings\MOI\Bureau
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrateur (S-1-5-21-1292428093-343818398-1801674531-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrateur
ASPNET (S-1-5-21-1292428093-343818398-1801674531-1001 - Limited - Enabled)
HelpAssistant (S-1-5-21-1292428093-343818398-1801674531-1000 - Limited - Disabled)
Invité (S-1-5-21-1292428093-343818398-1801674531-501 - Limited - Disabled)
MOI (S-1-5-21-1292428093-343818398-1801674531-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\MOI

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee Pro 2.5 (HKLM\...\{2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}) (Version: 2.5.363 - ACD Systems International)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader 9.3 - Français (HKLM\...\{AC76BA86-7AD7-1036-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated)
Assistant de connexion Windows Live (HKLM\...\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}) (Version: 5.000.818.5 - Microsoft Corporation)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Bar (HKLM\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v4.31.02.6(D) - )
Configuration DivX (HKLM\...\DivX Setup) (Version: 2.7.0.70 - DivX, LLC)
Defiance (HKLM\...\Glyph Defiance) (Version: - Trion Worlds, Inc.)
FileZipper (HKLM\...\FileZipper) (Version: - FileZipper)
Forged By Chaos (HKLM\...\ForgedByChaos) (Version: - )
FPS Creator Demo (HKLM\...\{E70E9721-A42A-4D7A-8087-AA69614328A0}) (Version: - )
Free Sound Recorder v10.5.1 (HKLM\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2015 FreeSoundRecorder Technologies, Inc.)
GeneralTouch TouchScreen Driver (HKLM\...\GenTouchscreen) (Version: - )
Glyph (HKLM\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
Installation Windows Live (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Installation Windows Live (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
LiveReg (Symantec Corporation) (HKLM\...\LiveReg) (Version: 2.2.0.1621 - Symantec Corporation)
LiveUpdate 1.80 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 1.80.19.0 - Symantec Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Media Player Classic - Home Cinema v. 1.3.1249.0 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 French Language Pack (HKLM\...\{9A394342-4A68-4EBA-85A6-55B559F4E700}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA (HKLM\...\{72AD53CC-CCC0-3757-8480-9EE176866A7C}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA (HKLM\...\{0BD83598-C2EF-3343-847B-7D2E84599128}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Module linguistique Microsoft .NET Framework 3.5 SP1- fra (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - fra) (Version: - Microsoft Corporation)
MotioninJoy Gamepad tool Packages (HKU\S-1-5-21-1292428093-343818398-1801674531-1003\...\MotioninJoy Gamepad tool Packages) (Version: - ) <==== ATTENTION
Mozilla Firefox 26.0 (x86 fr) (HKLM\...\Mozilla Firefox 26.0 (x86 fr)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSFN Codec Pack 5.4 (HKLM\...\MSFN Codec Pack 5.4) (Version: - )
Mywellness device reader (HKLM\...\{2B1E31CE-2BDE-4CC3-A4EA-12169704AA64}) (Version: 1.01.0005 - Technogym SpA)
Mywellness Key USB Device (Driver Removal) (HKLM\...\SIUSBXP&10C4&8407) (Version: - )
Nero 8 Lite 8.3.6.0 (HKLM\...\Nero8Lite_is1) (Version: 8.3.6.0 - Updatepack.nl)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
O2Micro Flash Memory Card Reader Driver (x86) (HKLM\...\{E2867240-F889-4D76-9AAF-252D9A1A623E}) (Version: 3.27 - O2Micro)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
Panzar (HKLM\...\{4FF82163-423A-43CE-898D-3B60D19A5E8F}_is1) (Version: 1.0 - Panzar)
PDF Architect 3 (HKLM\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
PhotoPad Image Editor (HKLM\...\PhotoPad) (Version: 2.43 - NCH Software)
Pilote de dispositif de pointage universel (HKLM\...\TBUPDDV3) (Version: - )
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.16.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5512 - Realtek Semiconductor Corp.)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.19 - Safer-Networking Ltd.)
UltraISO Premium V9.3 (HKLM\...\UltraISO_is1) (Version: - )
Utilitaire de la carte réseau local sans fil Wireless de Dell (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VideoPad - Logiciel de montage vidéo (HKLM\...\VideoPad) (Version: 3.86 - NCH Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
ZHPDiag 2015 (HKLM\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

16-02-2015 17:55:34 Installation de pilote non signé
16-02-2015 17:57:32 Installation de pilote non signé
16-02-2015 17:58:10 Installation de pilote non signé
16-02-2015 20:17:55 Removed Cleaner Pro
16-02-2015 20:18:19 Removed Cleaner Pro
16-02-2015 20:36:31 Configuré REALTEK GbE & FE Ethernet PCI-E NIC Driver
16-02-2015 20:56:17 Installed Hi-Rez Studios Games
20-04-2015 07:07:34 Opération de restauration
22-04-2015 14:20:23 Opération de restauration
22-04-2015 14:21:34 Opération de restauration
22-04-2015 19:43:45 avast! antivirus system restore point
23-04-2015 20:12:08 Installation de pilote non signé
24-04-2015 07:53:26 Installation de pilote non signé
24-04-2015 08:10:49 Installation de pilote non signé
24-04-2015 08:11:26 Installation de pilote non signé
28-04-2015 00:57:16 DirectX est installé
28-04-2015 12:26:23 Installation de pilote non signé
28-04-2015 12:27:37 Installation de pilote non signé
28-04-2015 13:06:20 DRAKERZ Confrontation installé
19-05-2015 06:15:58 Opération de restauration
19-05-2015 06:23:35 avast! antivirus system restore point
19-05-2015 08:12:56 Installation de pilote non signé
20-05-2015 04:11:54 Installation de pilote non signé
20-05-2015 18:21:44 Uniblue PC Mechanic installation
20-05-2015 18:21:54 Installed Windows Media Format 9 Series Runtime Setup
20-05-2015 20:56:14 Installé Pinnacle VideoSpin.
22-05-2015 14:51:49 Installation de pilote non signé
22-05-2015 14:55:39 Installation de pilote non signé
26-05-2015 17:04:32 Installation de pilote non signé
26-05-2015 17:08:59 Installation de pilote non signé
26-05-2015 20:22:55 Installation de pilote non signé
27-05-2015 14:32:12 Installation de pilote non signé
27-05-2015 19:31:16 Installé Microsoft Visual C++ 2005 Redistributable
27-05-2015 19:31:44 League of Legends installé
27-05-2015 19:32:03 DirectX est installé
29-05-2015 16:58:21 Installation de pilote non signé
29-05-2015 16:59:15 Installation de pilote non signé
29-05-2015 19:45:52 Installation de pilote non signé
30-05-2015 07:36:23 League of Legends désinstallé
30-05-2015 07:37:49 Pinnacle VideoSpin supprimé.
02-06-2015 19:47:56 Installation de pilote non signé
04-06-2015 22:28:19 Opération de restauration
04-06-2015 22:57:16 Opération de restauration
09-06-2015 19:15:58 Opération de restauration
15-06-2015 07:49:45 Pilote d'imprimante PDFCreator installé
15-06-2015 07:51:34 Installed PDF Architect 3 View Module
15-06-2015 07:52:14 Installé PDF Architect 3 Edit Module
15-06-2015 07:53:39 Installed PDF Architect 3 Create Module
16-06-2015 07:44:42 Installation de pilote non signé

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-10-23 21:00 - 2015-02-02 10:35 - 00448007 ____R C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Loaded Modules (Whitelisted) ==============

2013-10-31 00:00 - 2008-11-26 12:39 - 00024576 _____ () C:\WINDOWS\System32\WLTRYSVC.EXE
2013-10-31 00:00 - 2008-11-26 12:39 - 00753664 _____ () C:\WINDOWS\System32\bcm1xsup.dll
2015-04-22 19:45 - 2015-04-22 19:45 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-22 19:45 - 2015-04-22 19:45 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-18 06:30 - 2015-06-18 06:30 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15061702\algo.dll
2009-02-27 17:37 - 2009-02-27 17:37 - 00311296 _____ () C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
2013-10-30 23:57 - 2008-06-09 08:23 - 00466944 _____ () C:\WINDOWS\system32\nvshell.dll
2013-10-30 23:02 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2004-07-20 18:04 - 2004-07-20 18:04 - 00094208 _____ () C:\WINDOWS\system32\TosBtHcrpAPI.dll
2015-04-22 14:33 - 2015-04-22 19:45 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2009-10-23 21:00 - 2009-10-23 21:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2015-05-19 06:34 - 2014-02-10 13:44 - 04592128 _____ () C:\Documents and Settings\MOI\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-05-19 06:34 - 2014-02-10 13:44 - 00112128 _____ () C:\Documents and Settings\MOI\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-04-28 12:52 - 2015-04-13 23:55 - 14980424 _____ () C:\Program Files\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:373E1720

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1292428093-343818398-1801674531-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\MOI\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 212.27.40.241 - 212.27.40.240

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^MyPC Backup.lnk => C:\WINDOWS\pss\MyPC Backup.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Bluetooth Manager.lnk => C:\WINDOWS\pss\Bluetooth Manager.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Mywellness device reader.lnk => C:\WINDOWS\pss\Mywellness device reader.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^OfferBox.lnk => C:\WINDOWS\pss\OfferBox.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Alcmtr => ALCMTR.EXE
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\WINDOWS\system32\WLTRAY.exe
MSCONFIG\startupreg: ccleaner => "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
MSCONFIG\startupreg: GenDkMon => C:\WINDOWS\GenTouchScreen\GenDkMon.exe
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NVHotkey => rundll32.exe nvHotkey.dll,Start
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: nwiz => nwiz.exe /installquiet
MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TBSysTray => C:\Program Files\UPDD\TBSystry.exe
MSCONFIG\startupreg: Vistadrv => C:\WINDOWS\system32\vsdrv\vsdrv.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\Windows Live\Messenger\msnmsgr.exe] => Enabled:Windows Live Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\UltraVNC\vncviewer.exe] => Enabled:Client UltraVNC
StandardProfile\AuthorizedApplications: [C:\Program Files\eMule\emule.exe] => Enabled:eMule
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\sessmgr.exe] => Disabled:@xpsp2res.dll,-22019
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\FileZipperSetup.exe] => Enabled:FileZipperSetup.exe (in)
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrateur\Local Settings\Temp\ibtmp09b9737\SearchProtectInstaller] => Enabled:SearchProtectInstaller (in)
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe] => Enabled:Render Manager
StandardProfile\AuthorizedApplications: [C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe] => Enabled:umi
StandardProfile\AuthorizedApplications: [C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe] => Enabled:Pinnacle VideoSpin
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\GloballyOpenPorts: [12530:TCP] => Enabled:eMule_TCP
StandardProfile\GloballyOpenPorts: [65530:UDP] => Enabled:eMule_UDP
StandardProfile\GloballyOpenPorts: [65535:UDP] => Enabled:eMule_UDPServeur
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/16/2015 07:46:03 PM) (Source: WmiAdapter) (EventID: 4099) (User: BUILTIN)
Description: Échec de l'ouverture de services.

Error: (06/16/2015 00:42:24 PM) (Source: JavaQuickStarterService) (EventID: 1) (User: )
Description: Unable to open C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf: No such file or directory

Error: (06/16/2015 07:30:57 AM) (Source: JavaQuickStarterService) (EventID: 1) (User: )
Description: Unable to open C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf: No such file or directory

Error: (06/15/2015 09:37:47 PM) (Source: JavaQuickStarterService) (EventID: 1) (User: )
Description: Unable to open C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf: No such file or directory

Error: (06/15/2015 07:44:47 PM) (Source: JavaQuickStarterService) (EventID: 1) (User: )
Description: Unable to open C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf: No such file or directory

Error: (06/15/2015 07:22:35 PM) (Source: JavaQuickStarterService) (EventID: 1) (User: )
Description: Unable to open C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf: No such file or directory

Error: (06/15/2015 11:14:49 AM) (Source: JavaQuickStarterService) (EventID: 1) (User: )
Description: Unable to open C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf: No such file or directory

Error: (06/15/2015 06:51:53 AM) (Source: JavaQuickStarterService) (EventID: 1) (User: )
Description: Unable to open C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf: No such file or directory

Error: (06/15/2015 06:39:01 AM) (Source: JavaQuickStarterService) (EventID: 1) (User: )
Description: Unable to open C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf: No such file or directory

Error: (06/14/2015 03:45:35 PM) (Source: JavaQuickStarterService) (EventID: 1) (User: )
Description: Unable to open C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf: No such file or directory

System errors:
=============
Error: (06/18/2015 01:21:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Spybot-S&D 2 Security Center Service n'a pas pu démarrer en raison de l'erreur : %%1053

Error: (06/18/2015 01:21:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Délai (30000 millisecondes) d'attente pour une connexion du service Spybot-S&D 2 Security Center Service.

Error: (06/18/2015 01:21:37 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Le service Spybot-S&D 2 Updating Service dépend du service inexistant : seclogon.

Error: (06/18/2015 01:21:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Spybot-S&D 2 Scanner Service n'a pas pu démarrer en raison de l'erreur : %%1053

Error: (06/18/2015 01:21:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Délai (30000 millisecondes) d'attente pour une connexion du service Spybot-S&D 2 Scanner Service.

Error: (06/18/2015 06:28:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Spybot-S&D 2 Security Center Service n'a pas pu démarrer en raison de l'erreur : %%1053

Error: (06/18/2015 06:28:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Délai (30000 millisecondes) d'attente pour une connexion du service Spybot-S&D 2 Security Center Service.

Error: (06/18/2015 06:28:21 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Le service Spybot-S&D 2 Updating Service dépend du service inexistant : seclogon.

Error: (06/18/2015 06:28:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Spybot-S&D 2 Scanner Service n'a pas pu démarrer en raison de l'erreur : %%1053

Error: (06/18/2015 06:28:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Délai (30000 millisecondes) d'attente pour une connexion du service Spybot-S&D 2 Scanner Service.

Microsoft Office:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T9300 @ 2.50GHz
Percentage of memory in use: 44%
Total physical RAM: 3070.36 MB
Available physical RAM: 1689.95 MB
Total Pagefile: 4954.02 MB
Available Pagefile: 3618.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.75 GB) (Free:306.03 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F18CF18C)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of log ============================