Musique qui se met en route toute seule

Fermé
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009 - 10 déc. 2009 à 09:36
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009 - 13 déc. 2009 à 01:11
Bonjour,
voila ce matin j allume mon pc et depuis j ai une musique africaine qui tourne en boucle,ca fait plus d 1h.J aurai besoin de conseil de votre part pour pouvoir arreter ca,je ne sais vraiment pas comment faire.Je vous remercie d avance

53 réponses

amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 11:32
Logfile of random's system information tool 1.06 (written by random/random)
Run by amel at 2009-12-11 11:31:08
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 36 GB (24%) free of 149 GB
Total RAM: 767 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:31:10, on 11/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\sdclt.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\amel\Downloads\RSIT(3).exe
C:\Program Files\trend micro\amel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoo1.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoo1.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:\Program Files\toox.com\tbtoo1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"
O4 - HKLM\..\Run: [lxdxamon] "C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/5.0 (Windows; U; Windows NT 6.0; fr; rv:1.9.0.14) Gecko/2009082707 Firefox/3.0.14 GTB5 (.NET CLR 3.5.30729) FBSMTWB" -"http://www.aufeminin.com/..."
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcr_device - - C:\Windows\system32\lxcrcoms.exe
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
O23 - Service: lxdx_device - - C:\Windows\system32\lxdxcoms.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
0
Utilisateur anonyme
11 déc. 2009 à 11:37
▶ Télécharge OTM de OldTimer sur ton Bureau.

• Double-clique sur OTM.exe afin de le lancer.

• Copie (Ctrl+C) le texte suivant ci-dessous :



:processes
explorer.exe

:services
a7nyonlh
CLTNetCnService

:files
C:\cleannavi.txt
C:\Program Files\Navilog1
C:\Program Files\Ad-Remover
C:\Program Files\Macrogaming
C:\Program Files\Iminent

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"????r"=-
"?????????"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}]

:commands
[emptytemp]
[reboot]



• Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

• Clique maintenant sur le bouton MoveIt! puis ferme OTM.

▶ Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
▶ Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log


0
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 11:38
je ne sais pas comment faire pour avoir le rapport texte,tout a l heure il me le mettait automatiquement avec le rapport log
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 11:49
rapport OTM
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Error: No service named a7nyonlh was found to stop!
Unable to stop service a7nyonlh!
Service CLTNetCnService stopped successfully!
Service CLTNetCnService deleted successfully!
========== FILES ==========
C:\cleannavi.txt moved successfully.
C:\Program Files\Navilog1\Safebackup folder moved successfully.
C:\Program Files\Navilog1\Report folder moved successfully.
C:\Program Files\Navilog1\Contents folder moved successfully.
C:\Program Files\Navilog1\Backupnavi folder moved successfully.
C:\Program Files\Navilog1 folder moved successfully.
C:\Program Files\Ad-Remover\RegDACL folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Windows\INSTAL~1\{E1B94~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Windows\INSTAL~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Windows folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\Desktop folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\Mozilla\Firefox\Profiles\KPCRZ4~1.DEF\SEARCH~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\Mozilla\Firefox\Profiles\KPCRZ4~1.DEF\EXTENS~1\{E9A1D~1\META-INF folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\Mozilla\Firefox\Profiles\KPCRZ4~1.DEF\EXTENS~1\{E9A1D~1\defaults\PREFER~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\Mozilla\Firefox\Profiles\KPCRZ4~1.DEF\EXTENS~1\{E9A1D~1\defaults folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\Mozilla\Firefox\Profiles\KPCRZ4~1.DEF\EXTENS~1\{E9A1D~1\chrome folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\Mozilla\Firefox\Profiles\KPCRZ4~1.DEF\EXTENS~1\{E9A1D~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\Mozilla\Firefox\Profiles\KPCRZ4~1.DEF\EXTENS~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\Mozilla\Firefox\Profiles\KPCRZ4~1.DEF folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\Mozilla\Firefox\Profiles folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\Mozilla\Firefox folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\Mozilla folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\ItsLabel\ItsTV folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\ItsLabel folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\EoRezo\SOFTWA~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\EoRezo\EOWEAT~1\IMAGES~2 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\EoRezo\EOWEAT~1\IMAGES~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\EoRezo\EOWEAT~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\EoRezo\EODESK~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\EoRezo\db folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming\EoRezo folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Roaming folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData\Local folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel\AppData folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\amel folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\IMBOOS~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\MICROS~1\Windows\STARTM~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\MICROS~1\Windows folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\MICROS~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MOZILL~1\COMPON~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MOZILL~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MACROG~1\SWEETI~1\Cache folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MACROG~1\SWEETI~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MACROG~1\SweetIM\RESOUR~1\images folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MACROG~1\SweetIM\RESOUR~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MACROG~1\SweetIM\data\CONTEN~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MACROG~1\SweetIM\data folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MACROG~1\SweetIM\conf\users\AMEL59~1.FR folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MACROG~1\SweetIM\conf\users folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MACROG~1\SweetIM\conf folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MACROG~1\SweetIM folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MACROG~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\ro folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\pt folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\it folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\fr folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\es folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\en folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\de folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\EoRezo\EoAdv folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\EoRezo folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\AskTBar\SrchAstt\1.bin folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\AskTBar\SrchAstt folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\AskTBar\PopSwatr\History folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\AskTBar\PopSwatr folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\AskTBar\bar\Settings folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\AskTBar\bar\History folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\AskTBar\bar\Cache folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\AskTBar\bar\1.bin folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\AskTBar\bar folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\AskTBar folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\ASKBAR~1\bar\Settings folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\ASKBAR~1\bar\bin folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\ASKBAR~1\bar folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\ASKBAR~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE folder moved successfully.
C:\Program Files\Ad-Remover\ERUNT folder moved successfully.
C:\Program Files\Ad-Remover\BACKUP\Registry 11-12-2009\Users\00000002 folder moved successfully.
C:\Program Files\Ad-Remover\BACKUP\Registry 11-12-2009\Users\00000001 folder moved successfully.
C:\Program Files\Ad-Remover\BACKUP\Registry 11-12-2009\Users folder moved successfully.
C:\Program Files\Ad-Remover\BACKUP\Registry 11-12-2009 folder moved successfully.
C:\Program Files\Ad-Remover\BACKUP folder moved successfully.
C:\Program Files\Ad-Remover\1 folder moved successfully.
C:\Program Files\Ad-Remover folder moved successfully.
C:\Program Files\Macrogaming\SweetIM folder moved successfully.
C:\Program Files\Macrogaming folder moved successfully.
C:\Program Files\Iminent folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\????r not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\????????? not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: amel
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 7153662 bytes
->Java cache emptied: 8442944 bytes
->FireFox cache emptied: 70521232 bytes
->Google Chrome cache emptied: 6053089 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 24694 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 164471 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 88,14 mb


OTM by OldTimer - Version 3.1.2.2 log created on 12112009_114135

Files moved on Reboot...
File C:\Windows\temp\_avast4_\Webshlock.txt not found!

Registry entries deleted on Reboot...
0
Utilisateur anonyme
11 déc. 2009 à 11:51
ou en est ton probleme initial ?
0
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 11:53
Ben pour l instant pas de musique.Mais elle se mettait pas en route tout le temps,1 a 2 fois par jour,donc je peut pas dire si ca va ou pas.En tout cas mon pc ramer beaucoup et la ca va parfait
0
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 11:58
Je suis contente mon pc n a jamais ete aussi rapide,je devais etre bien infectée.Que me conseille tu de faire pour que mon pc ne soit plus infectée.Car j ai que avast] en anti virus.En tout cas un grand merci pour votre aide.Et si jamais la musique revient je reposterai.Merci encore
0
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 12:00
Sinon est ce que je peut reactiver le compte utilisateur car j ai un message alerte de securité windows?
0
Utilisateur anonyme
11 déc. 2009 à 12:03
sur qu'avast, a une mauvaise réputation en ce moment

perso, j'utilise actuellement microsoft security suite, gratuit ,mais je sais pas ce qu'il vaut, pas assez de recul ( chiquitine ? )

en tout cas, il est discret et léger

couplé à malwarebytes, et un bon scan complet de temps en temps

et surtout, attention de pas installer des cochonneries genre toolbar, searchbar, enfin toutes ce qui contient le mot "bar" en général ^^
0
Utilisateur anonyme
11 déc. 2009 à 12:06
tu vas réactiver le controle des comptes apres cette manipe :

on va virer un toolbar :


• Double-clique sur OTM.exe afin de le lancer.

• Copie (Ctrl+C) le texte suivant ci-dessous :



:processes
explorer.exe

:files
C:\Program Files\toox.com\tbtoo1.dll
C:\Program Files\toox.com

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a841a1c1-4687-4285-89fe-e9df6c5ed4c6}]

:commands
[emptytemp]
[reboot]



• Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

• Clique maintenant sur le bouton MoveIt! puis ferme OTM.

▶ Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
▶ Accepte en cliquant sur YES.

• Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

0
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 12:10
D accord merci.je vais enlever avast alors.Ah ben tout ce qui est toolbar etc j en ai plusieur,je vais m empresser d aller virer ca alors.C est bon a savoir.Merci.Alala trop contente de retrouver mon ordi comme neuf.Ca faisait longtemps.:))
0
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 12:12
Merci chiquitine.Je le ferait a 13h30,car la faut que j aille chercher mes enfants a l ecole.Désolé.A tout a l heure
0
Utilisateur anonyme
11 déc. 2009 à 12:12
je ne t ai pas dis de virer avast ...

mais de faire la maipe decrite plus haut .
0
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 12:47
non,je repondai a webernard.Qui disais plus haut que avast avait une mauvaise reputation en ce moment.Et toi tu penses quoi d avast?
Sinon,je reviens a 13h30 une fois que j aurai ramené mes enfants a l ecole,pour faire ta manipe.
0
Utilisateur anonyme
11 déc. 2009 à 12:49
Avast a des grosses lacunes contre les infections recentes .

On va en discuter a ton retour .

a tout de suite .
0
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 13:39
ca y est je suis de retour,je fait la manip
0
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 13:50
rapport OTM

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Program Files\toox.com\tbtoo1.dll moved successfully.
C:\Program Files\toox.com folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersi­on\Explorer\Browser Helper Objects\{a841a1c1-4687-4285-89fe-e9df6c5ed4c6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a841a1c1-4687-4285-89fe-e9df6c5ed4c6}\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: amel
->Temp folder emptied: 33289 bytes
->Temporary Internet Files folder emptied: 33522 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 25038411 bytes
->Google Chrome cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 548982 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 24,50 mb


OTM by OldTimer - Version 3.1.2.2 log created on 12112009_134406

Files moved on Reboot...
File C:\Windows\temp\_avast4_\Webshlock.txt not found!

Registry entries deleted on Reboot...
0
Utilisateur anonyme
11 déc. 2009 à 13:52
T es une chef Amélie ;) joli taff :)

Refais un scan RSIT tout neuf et post log.txt et on termine ....

... dis moi si tu veux garder avast ou pas .

0
amelie.59 Messages postés 34 Date d'inscription jeudi 10 décembre 2009 Statut Membre Dernière intervention 13 décembre 2009
11 déc. 2009 à 13:58
Merci,mais c est a vous que je le dois.Tout ce que vous m avez demandé de faire etait tres bien expliquer pour le coup c etait assez simple a realiser.Pourtant c etait pas gagner d avance lol .

Logfile of random's system information tool 1.06 (written by random/random)
Run by amel at 2009-12-11 13:55:34
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 36 GB (24%) free of 149 GB
Total RAM: 767 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:55:43, on 11/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Windows\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxMsdMon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\amel\Downloads\RSIT(4).exe
C:\Program Files\trend micro\amel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: (no name) - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe"
O4 - HKLM\..\Run: [lxdxamon] "C:\Program Files\Lexmark 3600-4600 Series\lxdxamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/5.0 (Windows; U; Windows NT 6.0; fr; rv:1.9.0.14) Gecko/2009082707 Firefox/3.0.14 GTB5 (.NET CLR 3.5.30729) FBSMTWB" -"https://www.aufeminin.com/"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcr_device - - C:\Windows\system32\lxcrcoms.exe
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
O23 - Service: lxdx_device - - C:\Windows\system32\lxdxcoms.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
0