1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Webhp virus, google redirect, and stop my antivirus.

Discussion in 'Virus & Other Malware Removal' started by Pourliver, Sep 8, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. Pourliver

    Pourliver Thread Starter

    Joined:
    Jul 11, 2012
    Messages:
    11
    Hi guys !

    Recently ( Last week ) I found that sometimes my Google search got redirected. It was sending me to : www.google.ca/webhp or something like that. Sometimes, I have strange popups which close automatically because of Ad-block, and something really strange happened too, there was a popup, and the Web address was actually an ip, whit a blank screen. After making a quick search, I found that it was a virus, and I wasn't able to remove it. Now, the 3/4th of my search are redirected, I'm getting alert that a Virus tried to update Firefox, it's happening almost twice a day.

    I think that maybe someone is connected to my computer. Internet gets slower, and looks like someone is downloading on my computer, as a background downloading.

    Here are the files. Have a nice day, and thank you !

    EDIT : My antivirus is disabled, because a virus disabled it. I think it's the same thing for the firewall.



    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 15:57:41, on 08/09/2012
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16447)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Users\Administrateur\Local Settings\Apps\F.lux\flux.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
    C:\Users\Administrateur\Desktop\HijackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=11...HP_ss&mntrId=7496dc0b0000000000001c6f6575a6e4
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\prxtbSof0.dll (file missing)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Softonic_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\prxtbSof0.dll (file missing)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\prxtbSof0.dll (file missing)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
    O4 - HKCU\..\Run: [F.lux] "C:\Users\Administrateur\Local Settings\Apps\F.lux\flux.exe" /noshow
    O4 - HKUS\S-1-5-21-3197330394-2753671593-1607463747-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-3197330394-2753671593-1607463747-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: *.line6.net
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
    O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Mappage de découverte de topologie de la couche de liaison (lltdsvc32) - Unknown owner - c:\windows\system32\migisol32.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files (x86)\ma-config.com\maconfservice.exe
    O23 - Service: metasploitPostgreSQL - Unknown owner - C:/METASP~1/POSTGR~1/bin/pg_ctl.exe (file missing)
    O23 - Service: Metasploit Pro Service (metasploitProSvc) - Unknown owner - C:\METASP~1\ruby\bin\rubyw.exe (file missing)
    O23 - Service: Metasploit Thin Service (metasploitThin) - Unknown owner - C:\METASP~1\ruby\bin\rubyw.exe (file missing)
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Groupement de mise en réseau de pairs (p2psvc32) - Unknown owner - c:\windows\system32\iscsium32.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Planificateur de tâches (Schedule32) - Unknown owner - c:\windows\system32\dhcpcsvc632.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Détection matériel noyau (ShellHWDetection32) - Unknown owner - c:\windows\system32\tapimigplugin32.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Découverte SSDP (SSDPSRV3232) - Unknown owner - c:\windows\system32\msxml332.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Téléphonie (TapiSrv32) - Unknown owner - c:\windows\system32\kbdsmsno32.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Gestionnaire d’informations d’identification (VaultSvc32) - Unknown owner - c:\windows\system32\kbdno132.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: xsherlock - Wellbia.com Co., Ltd. - C:\Windows\system32\xsherlock.xem

    --
    End of file - 24060 bytes




    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2
    Run by Administrateur at 15:58:16 on 2012-09-08
    Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.8190.6219 [GMT -4:00]
    .
    AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Sandboxie\SbieSvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    C:\Windows\SysWOW64\IoctlSvc.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Logitech\SetPointP\SetPoint.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Users\Administrateur\Local Settings\Apps\F.lux\flux.exe
    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Logitech\SetPointG\SetPointII.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Program Files\NVIDIA Corporation\Display\NvTray.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
    "C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.babylon.com/?affID=110195&tt=060612_8_&babsrc=HP_ss&mntrId=7496dc0b0000000000001c6f6575a6e4
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: Softonic_France Toolbar: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\prxtbSof0.dll
    mURLSearchHooks: Softonic_France Toolbar: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\prxtbSof0.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Softonic_France Toolbar: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\prxtbSof0.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Programme d'aide de l'Assistant de connexion Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: Softonic_France Toolbar: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\prxtbSof0.dll
    TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
    uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
    uRun: [F.lux] "C:\Users\Administrateur\Local Settings\Apps\F.lux\flux.exe" /noshow
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: SoftwareSASGeneration = 3 (0x3)
    IE: E&xporter vers Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
    LSP: mswsock.dll
    Trusted Zone: line6.net
    DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{FA0DC836-6AF4-42F2-8AC2-ADBA26CAB309} : DhcpNameServer = 192.168.0.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
    {4daac69c-cba7-45e2-9bc8-1044483d3352}
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    {9030D464-4C02-4ABF-8ECC-5164760863C6}
    {DBC80044-A445-435b-BC74-9C25C1C588A9}
    {4daac69c-cba7-45e2-9bc8-1044483d3352}
    TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\yzj4pdhw.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=110195&tt=060612_8_&babsrc=KW_ss&mntrId=7496dc0b0000000000001c6f6575a6e4&q=
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
    FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
    FF - plugin: C:\Program Files (x86)\ma-config.com\nphardwaredetection.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll
    FF - plugin: C:\ProgramData\id Software\QuakeLive\npquakezero.dll
    FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110195&tt=060612_8_
    FF - user.js: extensions.BabylonToolbar_i.babExt -
    FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
    FF - user.js: extensions.BabylonToolbar_i.id - 7496dc0b0000000000001c6f6575a6e4
    FF - user.js: extensions.BabylonToolbar_i.hardId - 7496dc0b0000000000001c6f6575a6e4
    FF - user.js: extensions.BabylonToolbar_i.instlDay - 15505
    FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1714:54:48
    FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
    FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
    FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
    FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
    FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
    FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
    R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Program Files\HWiNFO64\HWiNFO64A.SYS [2012-7-11 30592]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
    R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-8-29 2369960]
    R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-6-16 8704]
    R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-7-17 4948992]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-3-13 1258856]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-8-8 382312]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-11-23 158336]
    R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\system32\drivers\ScreamingBAudio64.sys --> C:\Windows\system32\drivers\ScreamingBAudio64.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Service Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-7 136176]
    S2 lltdsvc32;Mappage de découverte de topologie de la couche de liaison ;c:\windows\system32\migisol32.exe --> c:\windows\system32\migisol32.exe [?]
    S2 metasploitPostgreSQL;metasploitPostgreSQL;C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N "metasploitPostgreSQL" -D "C:/METASP~1/POSTGR~1/data" --> C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N metasploitPostgreSQL [?]
    S2 metasploitProSvc;Metasploit Pro Service;C:\METASP~1\ruby\bin\rubyw.exe -C "C:\METASP~1\apps\pro\engine" prosvc_service.rb -E production --> C:\METASP~1\ruby\bin\rubyw.exe -C C:\METASP~1\apps\pro\engine [?]
    S2 metasploitThin;Metasploit Thin Service;C:\METASP~1\ruby\bin\rubyw.exe -C "C:\METASP~1\apps\pro\ui" thin_service.rb --> C:\METASP~1\ruby\bin\rubyw.exe -C C:\METASP~1\apps\pro\ui [?]
    S2 p2psvc32;Groupement de mise en réseau de pairs ;c:\windows\system32\iscsium32.exe --> c:\windows\system32\iscsium32.exe [?]
    S2 Schedule32;Planificateur de tâches ;c:\windows\system32\dhcpcsvc632.exe --> c:\windows\system32\dhcpcsvc632.exe [?]
    S2 ShellHWDetection32;Détection matériel noyau ;c:\windows\system32\tapimigplugin32.exe --> c:\windows\system32\tapimigplugin32.exe [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
    S2 SSDPSRV3232;Découverte SSDP ;c:\windows\system32\msxml332.exe --> c:\windows\system32\msxml332.exe [?]
    S2 TapiSrv32;Téléphonie ;c:\windows\system32\kbdsmsno32.exe --> c:\windows\system32\kbdsmsno32.exe [?]
    S2 VaultSvc32;Gestionnaire d’informations d’identification ;c:\windows\system32\kbdno132.exe --> c:\windows\system32\kbdno132.exe [?]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-4 250568]
    S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
    S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
    S3 driverhardwarev2x64;driverhardwarev2x64;C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-8-30 15872]
    S3 gupdatem;Service Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-7 136176]
    S3 maconfservice;Ma-Config Service;C:\Program Files (x86)\ma-config.com\maconfservice.exe [2011-4-12 311744]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120]
    S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    S3 NisSrv;Inspection du réseau Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
    S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [2012-7-29 14544]
    S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem [2011-11-18 670224]
    .
    =============== File Associations ===============
    .
    .txt=Notepad++_file
    .
    =============== Created Last 30 ================
    .
    2012-09-08 14:25:18 -------- d-----w- C:\Users\Administrateur\AppData\Local\{15E2F6C5-649A-4547-86B8-8571C8DB79A8}
    2012-09-07 19:57:41 -------- d-----w- C:\Users\Administrateur\AppData\Local\{33C63880-F2EC-4EBD-8177-A7861D2F7CD9}
    2012-09-06 20:20:31 -------- d-----w- C:\Users\Administrateur\AppData\Local\{09F52604-7BD9-44C7-B5CE-9BD9339F62A8}
    2012-09-05 20:21:16 -------- d-----w- C:\Users\Administrateur\AppData\Local\{E7F94447-A011-4ECE-B0BE-15DCB9287DF2}
    2012-09-04 19:44:41 -------- d-----w- C:\Program Files (x86)\Guild Wars 2
    2012-09-03 23:22:13 -------- d-----w- C:\Users\Administrateur\AppData\Local\{EE48D007-EE12-4C7E-9325-4FBF516AA63D}
    2012-08-31 21:57:56 -------- d-----w- C:\Users\Administrateur\AppData\Local\{8C641561-0BC5-4B66-9E48-3D45120DE842}
    2012-08-30 13:28:37 -------- d-----w- C:\Users\Administrateur\AppData\Local\CrossLoop
    2012-08-30 13:27:18 -------- d-----w- C:\Users\Administrateur\AppData\Local\{AFD30723-FC26-4259-BC70-CB088DC4609B}
    2012-08-30 02:53:59 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
    2012-08-29 16:35:15 -------- d-----w- C:\Users\Administrateur\AppData\Local\{F02B574B-0957-4BE3-AD48-BD252EAA3E63}
    2012-08-29 16:34:39 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
    2012-08-28 18:44:21 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2012-08-28 18:44:12 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-08-28 17:14:41 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{714E8E3C-5D35-4522-8B6A-78E8E16B33F8}\mpengine.dll
    2012-08-28 17:04:38 -------- d-----w- C:\Users\Administrateur\AppData\Local\{92D9E210-EE15-406D-A1D4-9ACD38C359CD}
    2012-08-27 17:13:36 -------- d-----w- C:\Users\Administrateur\AppData\Local\{8C037009-738B-462E-AAF6-513E61A570F6}
    2012-08-27 03:45:22 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-08-26 16:20:24 -------- d-----w- C:\Users\Administrateur\AppData\Local\{10258661-5B1D-4343-A84D-4147BF165AAB}
    2012-08-26 03:16:11 -------- d-----w- C:\Users\Administrateur\AppData\Local\{734AE4D8-0F9B-46A8-9AC5-E5F9F1D7311D}
    2012-08-25 16:32:04 -------- d-----w- C:\Users\Administrateur\AppData\Local\{668BFE23-B22C-4FCD-85B7-0A12AF78F8D4}
    2012-08-24 17:49:10 -------- d-----w- C:\Users\Administrateur\AppData\Local\{6A181185-20C5-4239-8DD9-7832D0999E17}
    2012-08-23 16:01:18 -------- d-----w- C:\Users\Administrateur\AppData\Local\{E644EF21-3338-48F6-B516-D6EC34FA337C}
    2012-08-22 17:15:58 -------- d-----w- C:\Users\Administrateur\AppData\Local\{2DB9FE6C-B8B9-43BF-B3EB-8FD864207FAC}
    2012-08-22 03:28:57 -------- d-----w- C:\Users\Administrateur\AppData\Local\{31629F35-75B6-43B4-B755-14C86F90EFA9}
    2012-08-21 15:28:32 -------- d-----w- C:\Users\Administrateur\AppData\Local\{BAA6753B-2876-4600-984C-D270D07B9328}
    2012-08-20 15:55:33 -------- d-----w- C:\Users\Administrateur\AppData\Local\{FE9555CD-9546-40CD-9DFA-970B95A356AB}
    2012-08-20 00:46:14 -------- d-----w- C:\Users\Administrateur\AppData\Local\{8292B5A3-293C-471C-8BFC-EDA10633655C}
    2012-08-17 16:35:14 -------- d-----w- C:\Users\Administrateur\AppData\Local\{EE3F2D58-7E6C-4504-A7EB-604FA8744947}
    2012-08-17 16:34:53 -------- d-----w- C:\Users\Administrateur\AppData\Local\{A22F49E3-7801-4330-B7D1-F40C5EE8BC66}
    2012-08-16 16:03:57 -------- d-----w- C:\Users\Administrateur\AppData\Local\{9F708FB4-D9C2-45F9-9B35-D75690A96309}
    2012-08-16 16:03:46 -------- d-----w- C:\Users\Administrateur\AppData\Local\{4FD42350-9053-4EC4-BA5A-5A00072E81E8}
    2012-08-15 16:24:25 -------- d-----w- C:\Users\Administrateur\AppData\Local\{E1545319-ADA4-497B-960E-C867D9C83850}
    2012-08-15 16:23:49 -------- d-----w- C:\Users\Administrateur\AppData\Local\{6CF2AB6A-050F-42F4-AEFD-B38BEF90819B}
    2012-08-14 18:12:46 -------- d-----w- C:\ProgramData\Hagel Technologies
    2012-08-14 16:26:45 -------- d-----w- C:\Users\Administrateur\AppData\Local\{6EF18779-3222-435C-875D-20DBCAEC16BA}
    2012-08-14 16:26:33 -------- d-----w- C:\Users\Administrateur\AppData\Local\{42687013-DCE1-4C58-8090-A6E7031AF363}
    2012-08-13 18:02:28 -------- d-----w- C:\Users\Administrateur\AppData\Local\{541E89AE-3944-45CF-BC15-80295BBF50F3}
    2012-08-13 18:02:16 -------- d-----w- C:\Users\Administrateur\AppData\Local\{33165AAB-8D45-4D94-B40B-97BC34E7389F}
    2012-08-12 20:00:44 -------- d-----w- C:\Users\Administrateur\AppData\Local\SplitMediaLabs
    2012-08-12 16:26:14 -------- d-----w- C:\Users\Administrateur\AppData\Local\{3F65FA0F-E658-420D-9592-D0A0F72D9E65}
    2012-08-12 16:26:03 -------- d-----w- C:\Users\Administrateur\AppData\Local\{0674A466-8CBD-497C-986F-F8E302B322A2}
    2012-08-11 16:54:31 -------- d-----w- C:\Users\Administrateur\AppData\Local\{26165FF4-F021-4356-A2FF-43B75EDF0013}
    2012-08-11 16:54:17 -------- d-----w- C:\Users\Administrateur\AppData\Local\{C5E57A67-AF7D-4570-B430-5EE5E1329D7E}
    2012-08-10 21:46:17 -------- d-----w- C:\Users\Administrateur\AppData\Local\{15265608-100A-4847-BD52-0503942F47F1}
    2012-08-10 21:46:01 -------- d-----w- C:\Users\Administrateur\AppData\Local\{4B99B3D9-5062-4F8E-A574-E4E1B87761A7}
    .
    ==================== Find3M ====================
    .
    2012-08-28 18:44:00 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-08-28 17:11:06 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-08-28 17:11:06 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-08-08 16:48:10 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
    2012-08-08 16:48:09 63336 ----a-w- C:\Windows\System32\nvshext.dll
    2012-08-08 16:48:09 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
    2012-08-08 16:48:09 118120 ----a-w- C:\Windows\System32\nvmctray.dll
    2012-08-08 16:47:52 3266408 ----a-w- C:\Windows\System32\nvsvc64.dll
    2012-08-08 16:47:48 6193000 ----a-w- C:\Windows\System32\nvcpl.dll
    2012-08-08 16:47:29 3485076 ----a-w- C:\Windows\System32\nvcoproc.bin
    2012-08-08 15:30:18 428904 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2012-08-03 00:51:03 298016 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
    2012-08-03 00:47:41 298016 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2012-06-12 03:02:52 3147264 ----a-w- C:\Windows\System32\win32k.sys
    .
    ============= FINISH: 15:59:29,59 ===============






    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Édition Familiale Premium, 64 bit
    Processor: Intel(R) Celeron(R) CPU E3400 @ 2.60GHz, Intel64 Family 6 Model 23 Stepping 10
    Processor Count: 2
    RAM: 8190 Mb
    Graphics Card: NVIDIA GeForce GT 430, 1023 Mb
    Hard Drives: C: Total - 953766 MB, Free - 585560 MB;
    Motherboard: Gigabyte Technology Co., Ltd., G41MT-D3
    Antivirus: Microsoft Security Essentials, Disabled
     

    Attached Files:

  2. Pourliver

    Pourliver Thread Starter

    Joined:
    Jul 11, 2012
    Messages:
    11
    Something strange happened at the moment. Mozilla Firefox told me the an "unsure" program tried to make an update. I don't know if it's related with this, but I think it could be good to say it.
     
  3. Pourliver

    Pourliver Thread Starter

    Joined:
    Jul 11, 2012
    Messages:
    11
  4. Pourliver

    Pourliver Thread Starter

    Joined:
    Jul 11, 2012
    Messages:
    11
  5. Pourliver

    Pourliver Thread Starter

    Joined:
    Jul 11, 2012
    Messages:
    11
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1068208

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice