Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business
  


  


  Comment se débarrasser de Babylon isearch

 

SECURITE : brunette777, Rolandin, TC59 et 309 utilisateurs inconnus
Ajouter une réponse

 Mot :  Pseudo :  
Vider la liste des messages à citer  
 Page :
1
Auteur
 Sujet :

Comment se débarrasser de Babylon isearch

Prévenir les modérateurs en cas d'abus 
n°578012
romurn
Posté le 18-05-2012 à 00:23:46  answer
Prévenir les modérateurs en cas d'abus
 

Bonjour,

 J'ai un problème avec isearch babylon qui squatte mon pc depuis 22h51 et je ne parviens pas à le supprimer...

 Merci beaucoup par avance pour votre aide !

 Voici le dernier log fait avec OTL (après suppression manuelle de dossiers "babylon" ):

 OTL logfile created on: 18/05/2012 00:03:41 - Run 2
 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Utilisateur\Downloads​
 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
 Internet Explorer (Version = 9.0.8112.16421)
 Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 3,75 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 68,33% Memory free
 7,49 Gb Paging File | 5,77 Gb Available in Paging File | 77,09% Paging File free
 Paging file location(s): ?:\pagefile.sys [binary data]

 %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
 Drive C: | 451,81 Gb Total Space | 174,66 Gb Free Space | 38,66% Space Free | Partition Type: NTFS
 Drive D: | 13,65 Gb Total Space | 2,27 Gb Free Space | 16,59% Space Free | Partition Type: NTFS
 Drive E: | 97,53 Mb Total Space | 90,94 Mb Free Space | 93,24% Space Free | Partition Type: FAT32
 Drive F: | 88,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 Computer Name: UTILISATEUR-PC | User Name: Utilisateur | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 1 Day

 ========== Processes (SafeList) ==========

 PRC - [2012/05/17 23:12:41 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Utilisateur\Downloads​\OTL.exe
 PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.36​1.0\SeaPort.EXE
 PRC - [2011/08/30 20:50:34 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
 PRC - [2011/04/27 21:05:54 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
 PRC - [2009/10/05 23:08:42 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSma​rt\Media\Kernel\CLML\CLMLSvc.e​xe
 PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe


 ========== Modules (No Company Name) ==========

 MOD - [2012/05/12 11:54:59 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Manage​ment\9b2f17fb61b7197f2a04108f5​d1a1cc6\System.Management.ni.d​ll
 MOD - [2012/05/12 10:59:29 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\PresentationF​ramewo#\8e56489276063ededde74e​597a121df3\PresentationFramewo​rk.Aero.ni.dll
 MOD - [2012/05/12 10:59:05 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Runtim​e.Remo#\03dee80574f4ec770b6f77​ca030ded6c\System.Runtime.Remo​ting.ni.dll
 MOD - [2012/05/12 10:59:02 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Data\f​3814b488d9e083cbbc623e01b389f0​9\System.Data.ni.dll
 MOD - [2012/05/12 10:58:48 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\PresentationF​ramewo#\07f019692c382d588d3c6c​b2da2a9ec5\PresentationFramewo​rk.ni.dll
 MOD - [2012/05/12 10:58:29 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Window​s.Forms\90555968565afd59bce4b0​974e9903bd\System.Windows.Form​s.ni.dll
 MOD - [2012/05/12 10:58:18 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Drawin​g\69f6e582cb79f107c61308b468c1​a215\System.Drawing.ni.dll
 MOD - [2012/05/12 10:58:14 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\UIAutomationT​ypes\d8af9a65cf0ed85d47360796e​2645a06\UIAutomationTypes.ni.d​ll
 MOD - [2012/05/12 10:58:11 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\PresentationC​ore\2d1fd350e9bc62ce659e5cbcfd​555796\PresentationCore.ni.dll​
 MOD - [2012/05/12 10:57:57 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\WindowsBase\4​6fce56db7685a586d3eeb7c373e3c1​c\WindowsBase.ni.dll
 MOD - [2012/05/12 10:57:50 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Xml\ba​3d70b651454c7d49b407b93663bfed​\System.Xml.ni.dll
 MOD - [2012/05/12 10:57:45 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System.Config​uration\cfa9c506bfb9254c89dace​7b83bc9f9d\System.Configuratio​n.ni.dll
 MOD - [2012/05/12 10:57:44 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\System\ce9ff6​baf9053ed2ed673d948179195c\Sys​tem.ni.dll
 MOD - [2012/05/12 10:57:35 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImag​es_v2.0.50727_32\mscorlib\acfc​1391e45fedd2a359778ea57d914c\m​scorlib.ni.dll
 MOD - [2010/11/13 02:54:34 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\m​scorlib.resources\2.0.0.0_fr_b​77a5c561934e089\mscorlib.resou​rces.dll
 MOD - [2010/11/05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\Sys​tem.Data\2.0.0.0__b77a5c561934​e089\System.Data.dll
 MOD - [2009/11/06 09:53:26 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\P​resentationFramework.resources​\3.0.0.0_fr_31bf3856ad364e35\P​resentationFramework.resources​.dll
 MOD - [2009/10/05 23:08:38 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSma​rt\Media\Kernel\CLML\CLMediaLi​brary.dll
 MOD - [2009/09/29 16:25:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAle​rtsPillar.dll
 MOD - [2009/09/29 16:25:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibr​ary.dll
 MOD - [2009/09/29 16:25:38 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
 MOD - [2009/09/29 16:25:38 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
 MOD - [2009/09/29 16:25:38 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
 MOD - [2009/09/29 16:25:36 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll​
 MOD - [2009/09/29 16:25:28 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
 MOD - [2009/09/29 16:25:18 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.En​terpriseLibrary.ExceptionHandl​ing.Logging.dll
 MOD - [2009/08/20 12:35:48 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
 MOD - [2009/08/20 12:35:46 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
 MOD - [2009/08/20 12:35:46 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imag​eformats\qjpeg4.dll


 ========== Win32 Services (SafeList) ==========

 SRV:64bit: - [2009/08/05 06:44:56 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.​exe -- (AMD External Events Utility)
 SRV:64bit: - [2009/07/22 03:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverSto​re\FileRepository\stwrt64.inf_​amd64_neutral_ccf0dd3cb081af84​\stacsv64.exe -- (STacSV)
 SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
 SRV:64bit: - [2009/07/08 13:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice​.exe -- (hpsrv)
 SRV:64bit: - [2009/03/02 23:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverSto​re\FileRepository\stwrt64.inf_​amd64_neutral_ccf0dd3cb081af84​\AESTSr64.exe -- (AESTFilters)
 SRV - [2012/05/12 10:56:44 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe​ -- (MozillaMaintenance)
 SRV - [2012/05/05 13:17:20 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\F​lash\FlashPlayerUpdateService.​exe -- (AdobeFlashPlayerUpdateSvc)
 SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.36​1.0\SeaPort.EXE -- (BBUpdate)
 SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.36​1.0\BBSvc.EXE -- (BBSvc)
 SRV - [2011/08/30 20:50:34 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
 SRV - [2011/04/27 21:05:54 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
 SRV - [2010/10/12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
 SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Frame​work\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_3​2)
 SRV - [2009/07/22 03:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStor​e\FileRepository\stwrt64.inf_a​md64_neutral_ccf0dd3cb081af84\​STacSV64.exe -- (STacSV)
 SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Frame​work\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_3​2)
 SRV - [2009/03/02 23:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStor​e\FileRepository\stwrt64.inf_a​md64_neutral_ccf0dd3cb081af84\​AESTSr64.exe -- (AESTFilters)
 SRV - [2009/02/22 13:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll​ -- (ezSharedSvc)


 ========== Driver Services (SafeList) ==========

 DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\f​s_rec.sys -- (Fs_Rec)
 DRV:64bit: - [2011/08/30 20:50:35 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\a​vipbb.sys -- (avipbb)
 DRV:64bit: - [2011/08/30 20:50:35 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\a​vgntflt.sys -- (avgntflt)
 DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\a​mdsata.sys -- (amdsata)
 DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\a​mdxata.sys -- (amdxata)
 DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\H​pSAMD.sys -- (HpSAMD)
 DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\T​sUsbFlt.sys -- (TsUsbFlt)
 DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s​dbus.sys -- (sdbus)
 DRV:64bit: - [2009/12/07 20:53:26 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e​wusbmdm.sys -- (hwdatacard)
 DRV:64bit: - [2009/12/07 20:36:48 | 000,246,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e​wusbnet.sys -- (ewusbnet)
 DRV:64bit: - [2009/10/12 16:23:22 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e​wusbdev.sys -- (hwusbdev)
 DRV:64bit: - [2009/09/21 19:47:14 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\a​thrx.sys -- (athr)
 DRV:64bit: - [2009/08/05 07:23:00 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\a​tikmdag.sys -- (atikmdag)
 DRV:64bit: - [2009/07/24 09:49:00 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\A​tiHdmi.sys -- (AtiHdmiService)
 DRV:64bit: - [2009/07/22 03:33:32 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\s​twrt64.sys -- (STHDA)
 DRV:64bit: - [2009/07/15 01:16:34 | 000,273,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\S​ynTP.sys -- (SynTP)
 DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\a​mdsbs.sys -- (amdsbs)
 DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\l​si_sas2.sys -- (LSI_SAS2)
 DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\s​texstor.sys -- (stexstor)
 DRV:64bit: - [2009/07/08 13:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\h​pdskflt.sys -- (hpdskflt)
 DRV:64bit: - [2009/07/08 13:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\A​ccelerometer.sys -- (Accelerometer)
 DRV:64bit: - [2009/06/29 20:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e​necir.sys -- (enecir)
 DRV:64bit: - [2009/06/24 21:00:18 | 000,216,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\R​tsUStor.sys -- (RSUSBSTOR)
 DRV:64bit: - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V​STDPV6.SYS -- (SrvHsfV92)
 DRV:64bit: - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V​STCNXT6.SYS -- (SrvHsfWinac)
 DRV:64bit: - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V​STAZL6.SYS -- (SrvHsfHDA)
 DRV:64bit: - [2009/06/10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a​grsm64.sys -- (AgereSoftModem)
 DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\i​gdkmd64.sys -- (igfx)
 DRV:64bit: - [2009/06/10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\y​k62x64.sys -- (yukonw7)
 DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\n​etw5v64.sys -- (netw5v64) Intel(R)
 DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e​vbda.sys -- (ebdrv)
 DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b​xvbda.sys -- (b06bdrv)
 DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b​57nd60a.sys -- (b57nd60a)
 DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\h​cw85cir.sys -- (hcw85cir)
 DRV:64bit: - [2009/05/23 08:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\R​t64win7.sys -- (RTL8167)
 DRV:64bit: - [2009/05/05 07:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\A​tiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
 DRV:64bit: - [2009/04/29 09:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\H​pqKbFiltr.sys -- (HpqKbFiltr)
 DRV:64bit: - [2009/03/09 06:49:08 | 000,036,408 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\u​sbfilter.sys -- (usbfilter)
 DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\R​imUsb_AMD64.sys -- (RimUsb)
 DRV:64bit: - [2007/02/07 17:51:18 | 000,169,496 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a​diusbawx64.sys -- (adiusbaw)
 DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wi​mmount.sys -- (WIMMount)


 ========== Standard Registry (SafeList) ==========


 ========== Internet Explorer ==========

 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
 IE:64bit: - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/3
 IE:64bit: - HKLM\..\SearchScopes,DefaultSc​ope = {B8926058-6119-4D03-B3D4-E2D84​0D598B8}
 IE:64bit: - HKLM\..\SearchScopes\{B8926058​-6119-4D03-B3D4-E2D840D598B8}:​ "URL" = http://www.bing.com/search?q={ [...] -SearchBox
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/3
 IE - HKLM\..\SearchScopes,DefaultSc​ope = {B8926058-6119-4D03-B3D4-E2D84​0D598B8}
 IE - HKLM\..\SearchScopes\{B8926058​-6119-4D03-B3D4-E2D840D598B8}:​ "URL" = http://www.bing.com/search?q={ [...] -SearchBox


 IE - HKU\.DEFAULT\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0

 IE - HKU\S-1-5-18\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0



 IE - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
 IE - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?aff [...] &(...)
 IE - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000\..\Search​Scopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C​0A66CC9}
 IE - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000\..\Search​Scopes\{0ECDF796-C2DC-4d79-A62​0-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={ [...] 7bcb572579
 IE - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000\..\Search​Scopes\{B8926058-6119-4D03-B3D​4-E2D840D598B8}: "URL" = http://www.bing.com/search?q={ [...] -SearchBox
 IE - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000\Software\​Microsoft\Windows\CurrentVersi​on\Internet Settings: "ProxyEnable" = 0

 ========== FireFox ==========

 FF - prefs.js..browser.search.defau​ltenginename: ""
 FF - prefs.js..browser.search.order​.1: ""
 FF - prefs.js..browser.search.selec​tedEngine: "Search the web (Babylon)"
 FF - prefs.js..browser.startup.home​page: "http://search.babylon.com/?affID=111252&tt=100512_4_&babsrc=HP_ss&mntrId=ca7e671c000000000000f07bcb572579"
 FF - prefs.js..keyword.URL: "http://search.babylon.com/?af​fID=111252&tt=100512_4_&babsrc​=KW_ss&mntrId=ca7e671c00000000​0000f07bcb572579&q="
 FF - prefs.js..network.proxy.type: 0


 FF:64bit: - HKLM\Software\MozillaPlugins\@​adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
 FF:64bit: - HKLM\Software\MozillaPlugins\@​java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin​\npjp2.dll (Sun Microsystems, Inc.)
 FF:64bit: - HKLM\Software\MozillaPlugins\@​microsoft.com/GENUINE: disabled File not found
 FF - HKLM\Software\MozillaPlugins\@​adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
 FF - HKLM\Software\MozillaPlugins\@​adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\np​jp2.dll (Sun Microsystems, Inc.)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/GENUINE: disabled File not found
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WLPG,version=15.​4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​microsoft.com/WLPG,version=15.​4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 FF - HKLM\Software\MozillaPlugins\@​WildTangent.com/GamesAppPresen​ceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\R​egistered\2\NP_wtapp.dll ()
 FF - HKLM\Software\MozillaPlugins\A​dobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=3: C:\Users\Utilisateur\AppData\L​ocal\Google\Update\1.3.21.111\​npGoogleUpdate3.dll (Google Inc.)
 FF - HKCU\Software\MozillaPlugins\@​tools.google.com/Google Update;version=9: C:\Users\Utilisateur\AppData\L​ocal\Google\Update\1.3.21.111\​npGoogleUpdate3.dll (Google Inc.)

 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/12 10:56:44 | 000,000,000 | ---D | M]
 FF - HKEY_LOCAL_MACHINE\software\mo​zilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

 [2011/06/03 13:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\R​oaming\mozilla\Extensions
 [2012/05/17 22:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\R​oaming\mozilla\Firefox\Profile​s\b2wunc33.default\extensions
 [2012/04/23 21:10:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
 [2012/01/08 22:42:40 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\UTILISATEUR\APPDATA\R​OAMING\MOZILLA\FIREFOX\PROFILE​S\B2WUNC33.DEFAULT\EXTENSIONS\​{D10D0BF8-F5B5-C8B4-A8B2-2B987​9E08C5D}.XPI
 [2012/05/12 10:56:44 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomp​s.dll
 [2012/03/10 20:58:19 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-f​rance.xml
 [2012/05/17 22:51:29 | 000,002,352 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.​xml
 [2012/03/10 20:58:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml​
 [2012/03/10 20:58:19 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tl​fi-fr.xml
 [2012/03/10 20:58:19 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-fra​nce.xml
 [2012/03/10 20:58:19 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedi​a-fr.xml
 [2012/03/10 20:58:19 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-fr​ance.xml

 ========== Chrome ==========

 CHR - default_search_provider: Search the web (Babylon) (Enabled)
 CHR - default_search_provider: search_url = http://search.babylon.com/?q={ [...] src=SP_crm
 CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?​{google:searchFieldtrialParame​ter}{google:instantFieldTrialG​roupParameter}client=chrome&hl​={language}&q={searchTerms}
 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
 CHR - plugin: Native Client (Enabled) = C:\Users\Utilisateur\AppData\L​ocal\Google\Chrome\Application​\18.0.1025.168\ppGoogleNaClPlu​ginChrome.dll
 CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Utilisateur\AppData\L​ocal\Google\Chrome\Application​\18.0.1025.168\pdf.dll
 CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Utilisateur\AppData\L​ocal\Google\Chrome\Application​\18.0.1025.168\gcswf32.dll
 CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Utilisateur\AppData\L​ocal\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
 CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\F​lash\NPSWF32_11_2_202_235.dll
 CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll​
 CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\np​jp2.dll
 CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\R​egistered\2\NP_wtapp.dll
 CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
 CHR - plugin: Google Update (Enabled) = C:\Users\Utilisateur\AppData\L​ocal\Google\Update\1.3.21.111\​npGoogleUpdate3.dll
 CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Dire​ctor\np32dsw.dll
 CHR - Extension: YouTube = C:\Users\Utilisateur\AppData\L​ocal\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
 CHR - Extension: Recherche Google = C:\Users\Utilisateur\AppData\L​ocal\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
 CHR - Extension: Click 2 Save = C:\Users\Utilisateur\AppData\L​ocal\Google\Chrome\User Data\Default\Extensions\kbnfohcpbgdedlpkmdcgekonacnnkmnc\1.1_0\
 CHR - Extension: Gmail = C:\Users\Utilisateur\AppData\L​ocal\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 O1 HOSTS File: ([2012/05/17 23:39:46 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\e​tc\Hosts
 O1 - Hosts: 127.0.0.1 localhost
 O1 - Hosts: ::1 localhost
 O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF​1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
 O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2​f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.36​1.0\BingExt.dll (Microsoft Corporation.)
 O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa84​4297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.36​1.0\BingExt.dll (Microsoft Corporation.)
 O3 - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000\..\Toolba​r\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - No CLSID value found.
 O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
 O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
 O4 - HKLM..\Run: [] File not found
 O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
 O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
 O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\We​bcam\MUITransfer\MUIStartMenu.​exe (CyberLink Corp.)
 O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Stat​ic\CLIStart.exe (Advanced Micro Devices, Inc.)
 O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
 O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
 O4 - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.e​xe File not found
 O4 - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
 O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.e​xe File not found
 O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.e​xe File not found
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoActiveDesktop = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoActiveDesktopChanges = 1
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ConsentPromptBehaviorAdmin = 5
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Syst​em: ConsentPromptBehaviorUser = 3
 O1364bit: - gopher Prefix: missing
 O13 - gopher Prefix: missing
 O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_22)
 O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_22)
 O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Reg Error: Key error.)
 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805​F499D93} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_31)
 O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_31)
 O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDE​FFEDCBA} http://java.sun.com/update/1.6 [...] s-i586.cab (Java Plug-in 1.6.0_31)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters\Interfaces\{2A85D6​2F-FCFF-47F1-9DBD-0CAB855670E6​}: NameServer = 212.217.0.1 212.217.0.12
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters\Interfaces\{6FD619​17-FF1A-417F-A6AD-0E4630942874​}: DhcpNameServer = 192.168.30.1 0.0.0.0
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters\Interfaces\{B1DDBA​C6-5C91-4989-BB13-64A79EDEA092​}: DhcpNameServer = 192.168.1.1
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters\Interfaces\{FE315F​5A-52B5-452D-98F6-D452A922DF51​}: NameServer = 212.217.0.1 212.217.0.12
 O18:64bit: - Protocol\Handler\livecall - No CLSID value found
 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
 O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
 O18:64bit: - Protocol\Handler\msnim - No CLSID value found
 O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
 O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
 O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D​022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\​OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
 O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.​exe) - C:\Windows\SysNative\userinit.​exe (Microsoft Corporation)
 O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.e​xe) - C:\Windows\SysNative\SystemPro​pertiesPerformance.exe (Microsoft Corporation)
 O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.e​xe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.e​xe (Microsoft Corporation)
 O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
 O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA0​05127ED} - No CLSID value found.
 O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA0​05127ED} - No CLSID value found.
 O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389E​A579090} - C:\Windows\SysWOW64\ezUPBHook.​dll (EasyBits Software Corp.)
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2008/12/05 20:41:03 | 000,000,088 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
 O33 - MountPoints2\{13d01698-2659-11​e0-bbac-c80aa945b475}\Shell - "" = AutoRun
 O33 - MountPoints2\{13d01698-2659-11​e0-bbac-c80aa945b475}\Shell\Au​toRun\command - "" = G:\AutoRun.exe
 O33 - MountPoints2\{13d016a8-2659-11​e0-bbac-c80aa945b475}\Shell - "" = AutoRun
 O33 - MountPoints2\{13d016a8-2659-11​e0-bbac-c80aa945b475}\Shell\Au​toRun\command - "" = G:\AutoRun.exe
 O33 - MountPoints2\{e0c97ebb-52d7-11​df-b4aa-806e6f6e6963}\Shell - "" = AutoRun
 O33 - MountPoints2\{e0c97ebb-52d7-11​df-b4aa-806e6f6e6963}\Shell\Au​toRun\command - "" = F:\Setup\Autorun.exe -- [2009/03/13 17:36:11 | 001,744,896 | R--- | M] ()
 O33 - MountPoints2\{e8196332-2722-11​e0-8dcf-c80aa945b475}\Shell - "" = AutoRun
 O33 - MountPoints2\{e8196332-2722-11​e0-8dcf-c80aa945b475}\Shell\Au​toRun\command - "" = G:\AutoRun.exe
 O34 - HKLM BootExecute: (autocheck autochk *)
 O35:64bit: - HKLM\..comfile [open] -- "%1" %*
 O35:64bit: - HKLM\..exefile [open] -- "%1" %*
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
 O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
 O37 - HKLM\...com [@ = comfile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDl​lInitialization,3)
 O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDll​Initialization,2)
 O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 ========== Files/Folders - Created Within 1 Day ==========

 [2012/05/17 23:38:20 | 000,000,000 | ---D | C] -- C:\_OTL
 [2012/05/17 23:09:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
 [2012/05/17 23:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\{A8DA1505-E615-​42BB-BB77-74D5CC91FE7E}

 ========== Files - Modified Within 1 Day ==========

 [2012/05/17 23:57:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-3736371925-238​6739784-3306869782-1000UA.job
 [2012/05/17 23:48:14 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-​376B-497e-B012-9C450E1B7327-5P​-1.C7483456-A289-439d-8115-601​632D005A0
 [2012/05/17 23:48:14 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-​376B-497e-B012-9C450E1B7327-5P​-0.C7483456-A289-439d-8115-601​632D005A0
 [2012/05/17 23:45:34 | 001,549,936 | ---- | M] () -- C:\Windows\SysNative\PerfStrin​gBackup.INI
 [2012/05/17 23:45:34 | 000,704,714 | ---- | M] () -- C:\Windows\SysNative\perfh00C.​dat
 [2012/05/17 23:45:34 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.​dat
 [2012/05/17 23:45:34 | 000,130,988 | ---- | M] () -- C:\Windows\SysNative\perfc00C.​dat
 [2012/05/17 23:45:34 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.​dat
 [2012/05/17 23:40:59 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeSchedule​ForUtilisateur.job
 [2012/05/17 23:40:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
 [2012/05/17 23:40:31 | 3016,904,704 | -HS- | M] () -- C:\hiberfil.sys
 [2012/05/17 23:39:46 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\e​tc\Hosts
 [2012/05/17 23:17:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
 [2012/05/17 21:10:14 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateT​askUserS-1-5-21-3736371925-238​6739784-3306869782-1000Core.jo​b

 ========== Files Created - No Company Name ==========

 [2011/04/03 23:55:43 | 001,314,064 | ---- | C] () -- C:\Users\Utilisateur\AppData\L​ocal\tmpIMG_1555.JPG
 [2011/04/03 23:55:42 | 002,866,892 | ---- | C] () -- C:\Users\Utilisateur\AppData\L​ocal\tmpIMG_1555.0
 [2011/01/23 23:19:23 | 000,143,360 | ---- | C] () -- C:\Windows\autoclk.exe
 [2011/01/23 20:50:22 | 000,000,046 | ---- | C] () -- C:\Windows\adiras.ini
 [2011/01/23 20:50:20 | 000,126,976 | ---- | C] () -- C:\Windows\SysWow64\coclassfas​t.dll
 [2011/01/17 14:44:44 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.da​t

 < End of report >


 Merci beaucoup par avance,

 Romain

n°578013
did80
Profil : Equipe sécurité
Posté le 19-05-2012 à 22:19:01  answer
Prévenir les modérateurs en cas d'abus
 

:hello:

 Relance OTL par un double-clic

 vérifie que la case "Rapport minimal" soit bien cochée.

 Copie et colle le contenu de cette citation (en bleu ) dans la fenêtre "Personnalisation:otl
 
 IE:64bit: - HKLM\..\SearchScopes,DefaultSc​ope = {B8926058-6119-4D03-B3D4-E2D84​0D598B8}
 IE:64bit: - HKLM\..\SearchScopes\{B8926058​-6119-4D03-B3D4-E2D840D598B8}:​ "URL" = http://www.bing.com/search?q={ [...] -SearchBox
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 IE - HKLM\..\SearchScopes,DefaultSc​ope = {B8926058-6119-4D03-B3D4-E2D84​0D598B8}
 IE - HKLM\..\SearchScopes\{B8926058​-6119-4D03-B3D4-E2D840D598B8}:​ "URL" = http://www.bing.com/search?q={ [...] -SearchBox

 IE - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000\SOFTWARE\​Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?aff [...] (...)(...)

 IE - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000\..\Search​Scopes\{0ECDF796-C2DC-4d79-A62​0-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={ [...] 7bcb572579
 FF - prefs.js..browser.search.selec​tedEngine: "Search the web (Babylon)"
 FF - prefs.js..browser.startup.home​page: "http://search.babylon.com/?affID=111252&tt=100512_4_&babsrc=HP_ss&mntrId=ca7e671c000000000000f07bcb572579"
 FF - prefs.js..keyword.URL: "http://search.babylon.com/?af​fID=111252&tt=100512_4_&babsrc​=KW_ss&mntrId=ca7e671c00000000​0000f07bcb572579&q="
 CHR - default_search_provider: Search the web (Babylon) (Enabled)
 CHR - default_search_provider: search_url = http://search.babylon.com/?q={ [...] src=SP_crm
 O3 - HKU\S-1-5-21-3736371925-238673​9784-3306869782-1000\..\Toolba​r\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - No CLSID value found.

 :Commands
 [emptytemp]
 [emptyflash]
 [reboot]
 


 Clique sur le bouton "Correction".

 Ne touche plus au PC avant son redémarrage en mode normal.
 A l'ouverture du PC un rapport va s'ouvrir --> 04212011_xxxxxx.log ... Si ce n'est le cas tu le retrouveras sous le même nom sur le Bureau ou alors dans son dossier --> C:\_OTL
 Copie et colle ici en réponse le contenu de ce rapport.
 ;)

 ps avoir infection usb


---------------
l'urgent est fait , l'impossible est en cours
pour les miracles prévoir des délais
n°578014
did80
Profil : Equipe sécurité
Posté le 19-05-2012 à 22:51:31  answer
Prévenir les modérateurs en cas d'abus
 

au fait

 http://forum.telecharger.01net [...] ges-1.html

 bonne continuation,


---------------
l'urgent est fait , l'impossible est en cours
pour les miracles prévoir des délais
 Page :
1

Aller à :
Ajouter une réponse
  01net

  FORUM high-tech

  SECURITE

  Infections

  Comment se débarrasser de Babylon isearch

 

Sujets relatifs
Plus de sujets relatifs à : Comment se débarrasser de Babylon isearch

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
service windows bloqués 1 19-05-2012 à 16:14:17
internet se lance tout seul pour les site de pub non sollicite(résolu) 3 30-04-2012 à 20:39:08
Fichier " svchost.exe " 1 19-05-2012 à 15:59:51
Babylon Search et cie RÉSOLU 13 16-05-2012 à 10:13:26
Pub intempestive 5 13-05-2012 à 20:46:25

Newsletter 01net.Forum et astuces