Ordinateur très lent. Freezes de jeu et Firefox...

[PieceOfCake]

Bonjour. J'ai découvert ce site par le biais de quelqu'un d'un autre forum. J'espère que vous pourrez m'aider mieux qu'eux.

 

J'ai donc depuis deux semaines de très gros problèmes de lenteurs avec mon ordinateur. Ils sont intermittents, mais quand ça arrive ça arrive bien.

Je vous explique.

 

Démarrage, rien de spécial. WLM se connecte, Avira se prépare à recevoir des autres virus... Mais alors dès qu'il faut démarrer un autre programme... C'est lent. Mozilla Firefox freeze toutes les 4 secondes pendant 10 secondes... Pour démarrer le bloc-notes il me faut environs 30 secondes à le démarrer...

 

Enfin c'est bien chiant quoi.

 

Donc, j'ai installé Ad-Aware, et j'ai trouvé un Malware: Virtumonde (je crois)

 

Je me dis 'Youpiiii, plus de problèmes!'

 

Et je me trompais... C'était resté plus ou moins la même chose.

 

Sachant que ni Ad-Aware ni Avira ne voit mon problème, que faire? Je vous le demande.

 

Je sais pas ce qui peut vous aider à avancer, donc si vous avez besoin de plus d'infos je les mettrai

 

Merci d'avance.

[christine33]

bonsoir.

 

je pense que demain tu auras les specialistes de la chose.

[PieceOfCake]

J'aurai besoin d'aide. Mon ordinateur est un outil très important pour ma vie quotidienne donc je ne peux pas continuer à l'utiliser dans ces conditions.

[Le sioux]

Bonjour Pieceofcake et bienvenue sur Zébulon.

 

* Afin de retrouver tes messages et d'etre prévenu par mail de mes réponses, regarde ici .

 

* Tu peux deja commencer par désinstaller Ad aware qui est inutile.

 

J'ai découvert ce site par le biais de quelqu'un d'un autre forum. J'espère que vous pourrez m'aider mieux qu'eux.

* Peux tu me donner le lien de ton début de désinfection sur l'autre forum dont tu parles stp.

 

Puis télécharge Random's System Information Tool (RSIT) de random/random et sauvegarde-le sur ton Bureau.

• Double-clique sur RSIT.exe afin de lancer RSIT.(Si tu es sous Vista, fais un clic droit dessus et choisis « Exécuter en tant qu'administrateur»).
  
• Clique sur Continue à l'écran Disclaimer.
  
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
  
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
  

--> Poste le contenu de log.txt (<<qui sera affiché) ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

 

Tuto : http://forum.pcastuces.com/randoms_system_...rsit-f31s31.htm.

Note : Les deux rapports sont également sauvegardés %systemroot%\rsit

 

@ suivre.

[PieceOfCake]

log.txt

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by User at 2009-09-19 16:42:11

Microsoft® Windows Vista™ Home Premium Service Pack 1

System drive C: has 34 GB (23%) free of 147 GB

Total RAM: 3069 MB (54% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:42:52, on 19/09/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18294)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Windows\system32\WTablet\Wacom_TabletUser.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Launch Manager\QtZgAcer.EXE

C:\Windows\PLFSetI.exe

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Users\User\AppData\Local\Temp\RtkBtMnt.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Windows\system32\WerCon.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Windows\system32\mdres.exe

C:\Program Files\Common Files\Teleca Shared\Generic.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Java\jre6\bin\jucheck.exe

C:\Program Files\Steam\Steam.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\DllHost.exe

C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe

C:\Users\User\Downloads\RSIT.exe

C:\Program Files\trend micro\User.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.cherche.us/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cherche.us/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DAEMON Tools Pro\DTProAgent.exe" -autorun

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/5.0_(Windows;_U;_Windows_NT_6.0;_fr;_rv:1.9.1.3)_Gecko/20090824_Firefox/3.5.3_(.NET_CLR_3.5.30729)" -"http://www.miniclip.com/games/spineworld/fr/"

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: SETAUDIO.EXE

O4 - Global Startup: SETRES.EXE

O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - Trusted Zone: *.chat-land.org

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{E8F8FDBE-1C9F-4AD7-8D97-8955B9F3FE99}: NameServer = 192.168.1.1,192.168.1.0

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - D:\MSGMS\SuperStoryOLOZ\npkcmsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Windows\system32\Wacom_Tablet.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 10553 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Ad-Aware Update (Weekly).job

C:\Windows\tasks\GlaryInitialize.job

C:\Windows\tasks\Google Software Updater.job

C:\Windows\tasks\uowwpbir.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-04-06 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-27 669168]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-06 34816]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2008-01-24 102400]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-11-22 178712]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-24 4702208]

"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-01-02 707080]

"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]

"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]

"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]

"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-10-10 69632]

"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-03 1848648]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-06 136600]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-05-30 292136]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-05-27 13781536]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]

"DAEMON Tools Pro Agent"=D:\DAEMON Tools Pro\DTProAgent.exe [2009-04-09 228808]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-21 39408]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-08-19 3885408]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Shockwave Updater"=C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe [2009-04-29 468408]

"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [2009-02-03 240544]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

C:\Program Files\DNA\btdna.exe [2009-03-24 321344]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]

C:\Program Files\Electronic Arts\EADM\Core.exe [2009-04-29 3338240]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-08-19 3885408]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

C:\Program Files\Skype\Phone\Skype.exe [2008-08-12 21741864]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

c:\program files\steam\steam.exe [2009-06-21 1217784]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]

[]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

SETAUDIO.EXE

SETRES.EXE

 

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

"DisableTaskMgr"=0

"DisableChangePassword"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"EnableLUA"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

"HideFastUserSwitching"=0

"DisableTaskMgr"=1

"DisableRegistrytools"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoLogOff"=0

"NoClose"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

"D:\Bittorrent\bittorrent.exe"="D:\Bittorrent\bittorrent.exe:*:Enabled:BitTorrent"

"D:\Combat Arms EU\CombatArms.exe"="D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"

"D:\Combat Arms EU\Engine.exe"="D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"

"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

"D:\Free Music Zilla\FMZilla.exe"="D:\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8a9b1ef3-533f-11de-a9a9-e5861467162c}]

shell\AutoRun\command - G:\autorun.exe

 

 

======File associations======

 

.reg - open - "regedit.exe" "%1"

 

======List of files/folders created in the last 1 months======

 

2009-09-19 16:42:11 ----D---- C:\rsit

2009-09-19 16:42:11 ----D---- C:\Program Files\trend micro

2009-09-13 23:20:48 ----D---- C:\Program Files\Ipulp

2009-09-13 18:26:22 ----D---- C:\Users\User\AppData\Roaming\GlarySoft

2009-09-13 18:13:15 ----D---- C:\Program Files\Glary Utilities

2009-09-13 16:10:21 ----D---- C:\ProgramData\ma-config.com

2009-09-13 16:10:21 ----D---- C:\Program Files\ma-config.com

2009-09-13 15:27:07 ----D---- C:\HammerAutosave

2009-09-10 17:08:45 ----A---- C:\Windows\system32\netiohlp.dll

2009-09-10 17:08:44 ----A---- C:\Windows\system32\NETSTAT.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\TCPSVCS.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\ROUTE.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\MRINFO.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\HOSTNAME.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\finger.exe

2009-09-10 17:08:43 ----A---- C:\Windows\system32\ARP.EXE

2009-09-10 17:08:42 ----A---- C:\Windows\system32\netevent.dll

2009-09-10 17:08:17 ----A---- C:\Windows\system32\wlanmsm.dll

2009-09-10 17:08:17 ----A---- C:\Windows\system32\L2SecHC.dll

2009-09-10 17:08:16 ----A---- C:\Windows\system32\wlansec.dll

2009-09-10 17:08:15 ----A---- C:\Windows\system32\wlansvc.dll

2009-09-10 17:08:12 ----A---- C:\Windows\system32\WMVCORE.DLL

2009-09-10 17:08:11 ----A---- C:\Windows\system32\mf.dll

2009-09-10 17:07:54 ----A---- C:\Windows\system32\jscript.dll

2009-09-07 17:17:45 ----HDC---- C:\ProgramData\~0

2009-09-07 17:17:37 ----D---- C:\ProgramData\Lavasoft

2009-09-07 17:17:37 ----D---- C:\Program Files\Lavasoft

2009-09-03 13:37:13 ----A---- C:\Windows\system32\Apphlpdm.dll

2009-09-03 13:37:12 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

2009-08-30 17:46:05 ----D---- C:\ProgramData\id Software

2009-08-27 10:04:41 ----A---- C:\Windows\system32\tzres.dll

2009-08-23 17:11:33 ----D---- C:\Program Files\Stick Adventures Online

 

======List of files/folders modified in the last 1 months======

 

2009-09-19 16:42:23 ----D---- C:\Windows\Prefetch

2009-09-19 16:42:15 ----D---- C:\Windows\Temp

2009-09-19 16:42:11 ----RD---- C:\Program Files

2009-09-19 16:41:05 ----SHD---- C:\Windows\Installer

2009-09-19 16:41:05 ----SHD---- C:\Config.Msi

2009-09-19 16:41:05 ----HD---- C:\ProgramData

2009-09-19 16:40:56 ----DC---- C:\Windows\system32\DRVSTORE

2009-09-19 16:40:56 ----D---- C:\Windows\system32\drivers

2009-09-19 16:40:54 ----D---- C:\Windows\System32

2009-09-19 14:57:11 ----D---- C:\Windows\Tasks

2009-09-19 14:57:02 ----D---- C:\Program Files\Steam

2009-09-19 14:57:00 ----D---- C:\Program Files\Mozilla Firefox

2009-09-19 09:53:17 ----D---- C:\Windows\inf

2009-09-19 09:53:17 ----A---- C:\Windows\system32\PerfStringBackup.INI

2009-09-19 09:46:58 ----D---- C:\Users\User\AppData\Roaming\WTablet

2009-09-18 18:42:33 ----SHD---- C:\System Volume Information

2009-09-18 18:31:43 ----SD---- C:\Users\User\AppData\Roaming\Microsoft

2009-09-18 17:53:22 ----D---- C:\ProgramData\Google Updater

2009-09-17 17:42:31 ----D---- C:\Windows

2009-09-13 18:13:30 ----D---- C:\Windows\system32\Tasks

2009-09-13 15:55:11 ----D---- C:\Windows\system32\LogFiles

2009-09-13 14:33:03 ----RSD---- C:\Windows\Fonts

2009-09-12 18:16:38 ----D---- C:\Users\User\AppData\Roaming\BitTorrent

2009-09-11 19:03:25 ----D---- C:\Windows\rescache

2009-09-11 18:53:52 ----D---- C:\Windows\winsxs

2009-09-11 18:43:39 ----D---- C:\Windows\system32\catroot

2009-09-11 18:43:37 ----D---- C:\Windows\system32\catroot2

2009-09-11 17:14:11 ----D---- C:\Windows\system32\nl-NL

2009-09-11 17:14:10 ----D---- C:\Program Files\Windows Mail

2009-09-11 17:04:05 ----D---- C:\Windows\Debug

2009-09-11 17:03:16 ----D---- C:\Windows\ehome

2009-09-07 19:48:14 ----RSD---- C:\Windows\assembly

2009-09-07 19:40:24 ----HD---- C:\Program Files\InstallShield Installation Information

2009-09-05 17:47:12 ----D---- C:\Program Files\Common Files\Steam

2009-09-05 14:42:57 ----D---- C:\Windows\Minidump

2009-09-04 22:51:03 ----D---- C:\Windows\AppPatch

2009-09-04 18:06:39 ----D---- C:\Program Files\Launch Manager

2009-09-02 16:00:53 ----D---- C:\Users\User\AppData\Roaming\CoreFTP

2009-09-02 03:03:41 ----D---- C:\Windows\Microsoft.NET

2009-08-30 17:46:18 ----A---- C:\Windows\system32\PnkBstrB.exe

2009-08-30 17:46:06 ----A---- C:\Windows\system32\pbsvc.exe

2009-08-28 23:38:20 ----A---- C:\Windows\system32\mrt.exe

2009-08-24 12:20:14 ----A---- C:\Windows\BlendSettings.ini

2009-08-20 00:12:41 ----AD---- C:\ProgramData\TEMP

2009-08-20 00:12:30 ----D---- C:\Fraps

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-08-05 55656]

R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-01-24 12672]

R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]

R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]

R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]

R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-01-24 8704]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]

R3 CmBatt;Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-01-24 984064]

R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-01-24 208384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-24 1950552]

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]

R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-09-26 28816]

R3 NETw4v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-04-16 6144]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-05-27 9850240]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-24 192816]

R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-01-24 660480]

R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2008-01-24 43008]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

S3 awwtddfm;awwtddfm; C:\Windows\system32\drivers\awwtddfm.sys []

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-01 14336]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []

S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-04-06 25280]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NETw3v32;Stuurprogramma voor Intel® PRO/Wireless 3945ABG-adapter voor de 32 bitsversie van Windows Vista; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]

S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-01 4682]

S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]

S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]

S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]

S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]

S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]

S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2008-11-10 23600]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-05-29 39424]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-11-22 358936]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]

R2 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt --defaults-file=C:\Program Files\MySQL\MySQL Server 5.0\my.ini MySQL []

R2 npkcmsvc;npkcmsvc; D:\MSGMS\SuperStoryOLOZ\npkcmsvc.exe [2009-03-28 88728]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-05-27 211488]

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-06-06 75064]

R2 TabletServiceWacom;TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [2007-09-07 1373480]

R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-01-24 386560]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-05-30 541992]

R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-09-05 316664]

S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-11 183280]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-13 655624]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-01 234864]

S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-07-13 3091868]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]

S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]

S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe [2009-02-15 6558336]

 

-----------------EOF-----------------

 

 

info.txt

 

info.txt logfile of random's system information tool 1.06 2009-09-19 16:42:59

 

======Uninstall list======

 

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

Acer Crystal Eye Webcam-->C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\setup.exe -runfromtemp -l0x0013 -removeonly

Actionaz 2.0.7.3-->"D:\Actionaz 2\unins000.exe"

Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}

Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}

Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}

Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}

Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}

Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}

Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}

Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}

Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}

Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}

Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}

Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}

Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}

Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}

Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}

Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}

Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}

Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}

Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}

Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}

Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}

Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}

Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}

Adobe Reader 8.1.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}

Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}

Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}

Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}

Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"

Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}

Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}

Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}

AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}

AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}

Apple Mobile Device Support-->MsiExec.exe /I{659B48CD-0608-4ED5-94C0-0B6C87114F10}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe

Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

Audacity 1.2.6-->"D:\Audacity\unins000.exe"

AusLogics Disk Defrag-->"C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"

AutoHotkey 1.0.48.03-->D:\AutoHotkey\uninst.exe

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE

Bisounours Party Beta 4.0.929-->"C:\Program Files\Steam\SteamApps\Sourcemods\bisou\unins000.exe"

Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}

Call of Duty® - World at War 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409

Call of Duty® - World at War 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409

Call of Duty® - World at War 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{149464D9-B06F-4505-9968-FD1206F67AD3}\setup.exe -runfromtemp -l0x0409

Call of Duty® - World at War 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}\setup.exe -runfromtemp -l0x0409

Canon MP Navigator EX 2.0-->"C:\Program Files\Canon\MP Navigator EX 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 2.0\uninst.ini

Canon MP260 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP260_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP260_series /L0x000c

Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini

Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

CD Art Display 2.0-->"C:\Program Files\CD Art Display\unins000.exe"

CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}

Cheat Engine 5.5-->"D:\Cheat Engine\unins000.exe"

Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}

Combat Arms EU-->"C:\ProgramData\NexonEU\NGM\NGM.exe" -mode:uninstall -dll:ngm.nexoneu.com/cbangm/NGM/Bin/NGMDll.dll -game:50340359 -locale:EU

Command & Conquer Generals-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}

Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}

ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"

Core FTP LE 2.1-->C:\PROGRA~1\CoreFTP\UNWISE.EXE C:\PROGRA~1\CoreFTP\INSTALL.LOG

DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC

DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER

DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

DriverAgent by TouchStone Software-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove

EA Download Manager-->C:\Program Files\Electronic Arts\EADM\Uninstall.exe

Elite Cabal-->MsiExec.exe /I{454070F6-2CAF-49DE-84E7-07DC177789FB}

EliteDekaron-->MsiExec.exe /I{5F407B2A-F5D0-4E9E-AD3B-575BF07F46E7}

Enregistrement utilisateur de Canon MP260 series-->C:\Program Files\Canon\IJEREG\MP260 series\UNINST.EXE

FEARCombat-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{75E607CF-7BAE-4B88-84B3-97F3DF44BA28}\setup.exe" -l0x40c /zU -removeonly

FL Studio 7-->C:\Program Files\Image-Line\FL Studio 7\uninstall.exe

Fraps (remove only)-->"C:\Fraps\uninstall.exe"

Free Music Zilla-->"D:\Free Music Zilla\unins000.exe"

Freez FLV to MP3 Converter-->"D:\Freez FLV to MP3 Converter\unins000.exe"

Glary Utilities 2.15.0.738-->"C:\Program Files\Glary Utilities\unins000.exe"

Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall

Graboid Video 1.65-->C:\Program Files\Graboid\uninst.exe

Half-Life 2: Deathmatch-->"C:\Program Files\Steam\steam.exe" steam://uninstall/320

Half-Life 2: Episode One-->"C:\Program Files\Steam\steam.exe" steam://uninstall/380

Half-Life 2: Episode Two-->"C:\Program Files\Steam\steam.exe" steam://uninstall/420

Half-Life 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/220

HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -IAcrZUn32z.inf

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe

Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}

Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall

Ipulp 1.2-->"C:\Program Files\Ipulp\unins000.exe"

IsoBuster 2.5-->"D:\IsoBuster\Uninst\unins000.exe"

iTunes-->MsiExec.exe /I{CC5702D7-86E2-45A8-99D7-E8B976ADCC56}

Ivalice Launcher Version 11-->"D:\World of Warcraft\unins000.exe"

Java DB 10.4.1.3-->MsiExec.exe /X{998D6972-F58E-479D-9248-8F179E55AE38}

Java 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}

Java SE Development Kit 6 Update 10-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160100}

Java SE Development Kit 6 Update 13-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160130}

KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}

kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}

Launch Manager-->C:\Windows\UnInst32.exe QtZgAcer.UNI

Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly

Ma-Config.com-->MsiExec.exe /X{494952B3-AA5A-486C-8495-6BF830962747}

MapleStory-->MsiExec.exe /I{3062D9D0-0EF0-4F0D-9575-26013FF60FC9}

Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"

Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}

Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}

Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL

Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}

Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}

Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}

Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}

Microsoft Works-->MsiExec.exe /I{A2A0A82F-025F-458D-A0CD-9BB2320804B5}

Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MySQL Server 5.0-->MsiExec.exe /I{EFAC5A3B-4AEC-4F06-9BF9-099CF298CC12}

MySQL Tools for 5.0-->MsiExec.exe /I{EC561602-C0B9-4FAA-A175-1B3273639AC3}

NetBeans IDE 6.1-->"C:\Program Files\NetBeans 6.1\uninstall.exe"

NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI

NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}

Oblivion mod manager 1.1.12-->"C:\Program Files\Bethesda Softworks\Oblivion\obmm\uninstall\unins000.exe"

OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}

Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Overlord II-->C:\Program Files\InstallShield Installation Information\{E426CEC1-35C5-42BF-913E-6EF8F1211D01}\Setup.exe -runfromtemp -l0x040c -removeonly

PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}

Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}

Popims Animator-->D:\Uninstall.exe

Portal-->"C:\Program Files\Steam\steam.exe" steam://uninstall/400

PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall

Prince of Persia-->"C:\Program Files\InstallShield Installation Information\{7C11154F-3539-4CB5-979D-EF7913473E53}\setup.exe" -runfromtemp -l0x040c -removeonly

Prism Video Converter-->C:\Program Files\NCH Software\Prism\uninst.exe

PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u

Quake Live Mozilla Plugin-->MsiExec.exe /I{D9B3B577-26BD-4CB2-9072-8029AE097AFE}

QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}

Rappelz_USA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E144A786-D2DD-428B-9C1A-0EE3FA3515EA}\setup.exe" -l0x9 -removeonly

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x13 -removeonly

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\Setup.exe" -l0x9 anything

RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"

Sacred 2-->MsiExec.exe /I{1023383E-D9F6-478C-A965-23A4657B3C9A}

Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}

Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}

Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}

Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}

Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}

Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}

Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}

Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}

Silent Hill-->C:\Windows\iun6002ev.exe "D:\Silent Hill\irunin.ini"

Silent Hill-->C:\Windows\iun6002ev.exe "D:\Silent Hilll\irunin.ini"

Silkroad-->D:\Silkroad\Remove.Exe

Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

Sony Ericsson Device Data-->MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}

Sony Ericsson Drivers-->MsiExec.exe /I{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}

Sony Ericsson PC Suite-->C:\Windows\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe /uninstall

Sony Ericsson PC Suite-->MsiExec.exe /I{25BEC3AB-5CD4-481D-9143-215C1BBB189E}

Sothink SWF to Video Converter-->"C:\Program Files\SourceTec\Sothink SWF to Video Converter\unins000.exe"

Source SDK Base-->"C:\Program Files\Steam\steam.exe" steam://uninstall/215

Source SDK-->"C:\Program Files\Steam\steam.exe" steam://uninstall/211

Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

Stick Adventures Online-->C:\Program Files\Stick Adventures Online\uninstall.exe

StuffPlug 3-->C:\Program Files\StuffPlug3\Uninstall.exe

Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}

Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

Synergy-->"C:\Program Files\Steam\steam.exe" steam://uninstall/17520

System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe

Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe

Team Fortress 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/440

TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"

TmNationsForever-->"D:\TmNationsForever\unins000.exe"

Unix Utilities for Yahoo! Widgets-->C:\Program Files\Yahoo!\Widgets\UnixUtils\uninstall.exe

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}

Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}

Vegas Pro 9.0-->MsiExec.exe /X{DC785DB7-D389-48C3-B146-96FE99BF4E2B}

VTFEdit 1.2.5-->"D:\VTFEdit\unins000.exe"

WampServer 2.0-->"c:\wamp\unins000.exe"

Winbond CIR Drivers-->MsiExec.exe /X{427967BF-09F8-46D5-9275-37001CCBBA5D}

Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}

Worms World Party-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A200E68-D5F4-4E70-910F-2871753A0E2B}\setup.exe"

xat.com Image Optimizer-->"C:\Program Files\xat.com Image Optimizer\uninstall.exe"

Yahoo! Install Manager-->C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL

Yahoo! Widgets-->C:\PROGRA~1\Yahoo!\Widgets\uninstall.exe

 

======Security center information======

 

AS: Windows Defender

 

======System event log======

 

Computer Name: PC_van_User

Event Code: 4201

Message: Het systeem heeft ontdekt dat netwerkadapter Draadloze netwerkverbinding met het netwerk is verbonden. De normale werking is begonnen.

Record Number: 132613

Source Name: Tcpip

Time Written: 20090908183912.465165-000

Event Type: Informatie

User:

 

Computer Name: PC_van_User

Event Code: 6006

Message: De Event Log-service is gestopt.

Record Number: 132614

Source Name: EventLog

Time Written: 20090908195348.000000-000

Event Type: Informatie

User:

 

Computer Name: PC_van_User

Event Code: 6009

Message: Microsoft ® Windows ® 6.00. 6001 Service Pack 1 Multiprocessor Free.

Record Number: 132615

Source Name: EventLog

Time Written: 20090909113752.000000-000

Event Type: Informatie

User:

 

Computer Name: PC_van_User

Event Code: 6005

Message: De Event Log-service is gestart.

Record Number: 132616

Source Name: EventLog

Time Written: 20090909113752.000000-000

Event Type: Informatie

User:

 

Computer Name: PC_van_User

Event Code: 6013

Message: Het systeem is 22 seconden in gebruik.

Record Number: 132617

Source Name: EventLog

Time Written: 20090909113752.000000-000

Event Type: Informatie

User:

 

=====Application event log=====

 

Computer Name: PC_van_User

Event Code: 10000

Message: Sessie 1 - 2009-09-19T14:40:57.712Z starten.

Record Number: 42264

Source Name: Microsoft-Windows-RestartManager

Time Written: 20090919144057.712159-000

Event Type: Informatie

User: PC_van_User\User

 

Computer Name: PC_van_User

Event Code: 11724

Message: Produit : Ad-Aware -- Suppression effectuée.

Record Number: 42265

Source Name: MsiInstaller

Time Written: 20090919144105.000000-000

Event Type: Informatie

User: PC_van_User\User

 

Computer Name: PC_van_User

Event Code: 1034

Message: Het product is verwijderd. Productnaam: Ad-Aware. Productversie: 8.0.0. Producttaal: 1036. Status van geslaagde/mislukte verwijdering: 0.

Record Number: 42266

Source Name: MsiInstaller

Time Written: 20090919144105.000000-000

Event Type: Informatie

User: PC_van_User\User

 

Computer Name: PC_van_User

Event Code: 10001

Message: Session 1 beëindigen die is gestart om 2009-09-19T14:40:57.712Z.

Record Number: 42267

Source Name: Microsoft-Windows-RestartManager

Time Written: 20090919144105.774159-000

Event Type: Informatie

User: PC_van_User\User

 

Computer Name: PC_van_User

Event Code: 5

Message: Unsupported service control request (see data below)

Record Number: 42268

Source Name: LightScribeService

Time Written: 20090919144256.000000-000

Event Type: Informatie

User:

 

=====Security event log=====

 

Computer Name: PC_van_User

Event Code: 5038

Message: De kopie-hash van een bestand is ongeldig. Mogelijk is het bestand beschadigd vanwege een onbevoegde wijziging of duidt de ongeldige hash op een schijffout.

 

Bestandsnaam: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys

Record Number: 36348

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090919144250.446159-000

Event Type: Controle mislukt

User:

 

Computer Name: PC_van_User

Event Code: 5038

Message: De kopie-hash van een bestand is ongeldig. Mogelijk is het bestand beschadigd vanwege een onbevoegde wijziging of duidt de ongeldige hash op een schijffout.

 

Bestandsnaam: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys

Record Number: 36349

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090919144250.492159-000

Event Type: Controle mislukt

User:

 

Computer Name: PC_van_User

Event Code: 5038

Message: De kopie-hash van een bestand is ongeldig. Mogelijk is het bestand beschadigd vanwege een onbevoegde wijziging of duidt de ongeldige hash op een schijffout.

 

Bestandsnaam: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys

Record Number: 36350

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090919144250.529159-000

Event Type: Controle mislukt

User:

 

Computer Name: PC_van_User

Event Code: 5038

Message: De kopie-hash van een bestand is ongeldig. Mogelijk is het bestand beschadigd vanwege een onbevoegde wijziging of duidt de ongeldige hash op een schijffout.

 

Bestandsnaam: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys

Record Number: 36351

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090919144250.567159-000

Event Type: Controle mislukt

User:

 

Computer Name: PC_van_User

Event Code: 5038

Message: De kopie-hash van een bestand is ongeldig. Mogelijk is het bestand beschadigd vanwege een onbevoegde wijziging of duidt de ongeldige hash op een schijffout.

 

Bestandsnaam: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys

Record Number: 36352

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090919144250.604159-000

Event Type: Controle mislukt

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Teleca Shared;;D:\IsoBuster;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel

"PROCESSOR_REVISION"=0f0b

"NUMBER_OF_PROCESSORS"=2

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"DFSTRACINGON"=FALSE

"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

 

-----------------EOF-----------------

 

 

Merci bien pour votre aide

[Le sioux]

Re

 

• Télécharge OTM de Old_Timer sur ton Bureau.
  
• Clique droit sur OTM.exe puis "Exécuter en tant qu'administrateur".
  
• Copie la liste qui se trouve en citation ci-dessous :
  

:services

MySQL

awwtddfm

 

:reg

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8a9b1ef3-533f-11de-a9a9-e5861467162c}]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] => Firewall List Autorized Applications

"C:\Program Files\BitTorrent\bittorrent.exe"=-

"D:\Bittorrent\bittorrent.exe"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableTaskMgr"=0

"DisableRegistrytools"=0

 

:files

C:\Program.exe

C:\Windows\tasks\uowwpbir.job

C:\Users\User\AppData\Roaming\BitTorrent

C:\Program Files\BitTorrentorrent

D:\Bittorrent

C:\Windows\system32\drivers\awwtddfm.sys

:commands

[emptytemp]

[reboot]

• et colle-la dans le cadre de gauche de OTM : "Paste instructions for item to be moved".
  
• Clique sur le bouton MoveIt!
  
• Attends la fin du travail de l'outil puis ferme OTM.
  

Note: Un redémarrage du PC pourra être nécessaire, clique sur Oui/Yes quand cela te sera demandé.

 

--> Poste en réponse :

 

* Le rapport de OTM (contenu du fichier Lecteur\_OTM\MovedFiles\********_******.log - les *** sont des chiffres représentant la date [moisjourannée] et l'heure) [Lecteur représente la partition depuis laquelle OTM a été lancé, généralement C:]

 

* Un nouveau rapport RSIT.

 

@ suivre.

[PieceOfCake]

OTM Log

 

All processes killed

========== SERVICES/DRIVERS ==========

 

Service\Driver MySQL deleted successfully.

Service\Driver awwtddfm not found.

Service\Driver awwtddfm not found.

========== REGISTRY ==========

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer\ deleted successfully.

Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8a9b1ef3-533f-11de-a9a9-e5861467162c}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8a9b1ef3-533f-11de-a9a9-e5861467162c}\ not found.

Registry key HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] => Firewall List Autorized Application not found.

Registry key HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] => Firewall List Autorized Application not found.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"DisableTaskMgr"|0 /E : value set successfully!

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\\"DisableRegistrytools"|0 /E : value set successfully!

========== FILES ==========

File/Folder C:\Program.exe not found.

C:\Windows\tasks\uowwpbir.job moved successfully.

C:\Users\User\AppData\Roaming\BitTorrent moved successfully.

File/Folder C:\Program Files\BitTorrentorrent not found.

D:\Bittorrent moved successfully.

File/Folder C:\Windows\system32\drivers\awwtddfm.sys not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Journal

 

User: Public

 

User: RegBack

 

User: systemprofile

 

User: TxR

 

User: User

->Temp folder emptied: 21701702 bytes

->Temporary Internet Files folder emptied: 27356891 bytes

->Java cache emptied: 58634837 bytes

->FireFox cache emptied: 79834276 bytes

->Apple Safari cache emptied: 5043014 bytes

->Opera cache emptied: 5186370 bytes

 

%systemdrive% .tmp files removed: 0 bytes

C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP folder deleted successfully.

C:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP folder deleted successfully.

%systemroot% .tmp files removed: 356352 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

Windows Temp folder emptied: 8772 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 188,98 mb

 

 

OTM by OldTimer - Version 3.0.0.6 log created on 09202009_122336

 

Files moved on Reboot...

 

Registry entries deleted on Reboot...

 

 

RSIT Log.txt

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by User at 2009-09-20 12:55:49

Microsoft® Windows Vista™ Home Premium Service Pack 1

System drive C: has 32 GB (22%) free of 147 GB

Total RAM: 3069 MB (63% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:56:47, on 20/09/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18294)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Launch Manager\QtZgAcer.EXE

C:\Windows\PLFSetI.exe

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Windows\ehome\ehmsas.exe

C:\Users\User\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Windows\system32\WerCon.exe

C:\Windows\system32\mdres.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Common Files\Teleca Shared\Generic.exe

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Java\jre6\bin\jucheck.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\User\Downloads\RSIT.exe

C:\Program Files\trend micro\User.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.cherche.us/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cherche.us/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DAEMON Tools Pro\DTProAgent.exe" -autorun

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: SETAUDIO.EXE

O4 - Global Startup: SETRES.EXE

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - Trusted Zone: *.chat-land.org

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{E8F8FDBE-1C9F-4AD7-8D97-8955B9F3FE99}: NameServer = 192.168.1.1,192.168.1.0

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - D:\MSGMS\SuperStoryOLOZ\npkcmsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Windows\system32\Wacom_Tablet.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 9746 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Ad-Aware Update (Weekly).job

C:\Windows\tasks\GlaryInitialize.job

C:\Windows\tasks\Google Software Updater.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-04-06 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-27 669168]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-06 34816]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2008-01-24 102400]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-11-22 178712]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-24 4702208]

"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-01-02 707080]

"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]

"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]

"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]

"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-10-10 69632]

"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-03 1848648]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-06 136600]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-05-30 292136]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-05-27 13781536]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]

"DAEMON Tools Pro Agent"=D:\DAEMON Tools Pro\DTProAgent.exe [2009-04-09 228808]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-21 39408]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-08-19 3885408]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

C:\Program Files\DNA\btdna.exe [2009-03-24 321344]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]

C:\Program Files\Electronic Arts\EADM\Core.exe [2009-04-29 3338240]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-08-19 3885408]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

C:\Program Files\Skype\Phone\Skype.exe [2008-08-12 21741864]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

c:\program files\steam\steam.exe [2009-06-21 1217784]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]

[]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

SETAUDIO.EXE

SETRES.EXE

 

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

"DisableTaskMgr"=0

"DisableChangePassword"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"EnableLUA"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

"HideFastUserSwitching"=0

"DisableTaskMgr"=0

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoLogOff"=0

"NoClose"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

"D:\Bittorrent\bittorrent.exe"="D:\Bittorrent\bittorrent.exe:*:Enabled:BitTorrent"

"D:\Combat Arms EU\CombatArms.exe"="D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"

"D:\Combat Arms EU\Engine.exe"="D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"

"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

"D:\Free Music Zilla\FMZilla.exe"="D:\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.reg - open - "regedit.exe" "%1"

 

======List of files/folders created in the last 1 months======

 

2009-09-20 12:23:37 ----D---- C:\_OTM

2009-09-19 16:42:11 ----D---- C:\rsit

2009-09-19 16:42:11 ----D---- C:\Program Files\trend micro

2009-09-13 23:20:48 ----D---- C:\Program Files\Ipulp

2009-09-13 18:26:22 ----D---- C:\Users\User\AppData\Roaming\GlarySoft

2009-09-13 18:13:15 ----D---- C:\Program Files\Glary Utilities

2009-09-13 16:10:21 ----D---- C:\ProgramData\ma-config.com

2009-09-13 16:10:21 ----D---- C:\Program Files\ma-config.com

2009-09-13 15:27:07 ----D---- C:\HammerAutosave

2009-09-10 17:08:45 ----A---- C:\Windows\system32\netiohlp.dll

2009-09-10 17:08:44 ----A---- C:\Windows\system32\NETSTAT.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\TCPSVCS.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\ROUTE.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\MRINFO.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\HOSTNAME.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\finger.exe

2009-09-10 17:08:43 ----A---- C:\Windows\system32\ARP.EXE

2009-09-10 17:08:42 ----A---- C:\Windows\system32\netevent.dll

2009-09-10 17:08:17 ----A---- C:\Windows\system32\wlanmsm.dll

2009-09-10 17:08:17 ----A---- C:\Windows\system32\L2SecHC.dll

2009-09-10 17:08:16 ----A---- C:\Windows\system32\wlansec.dll

2009-09-10 17:08:15 ----A---- C:\Windows\system32\wlansvc.dll

2009-09-10 17:08:12 ----A---- C:\Windows\system32\WMVCORE.DLL

2009-09-10 17:08:11 ----A---- C:\Windows\system32\mf.dll

2009-09-10 17:07:54 ----A---- C:\Windows\system32\jscript.dll

2009-09-07 17:17:37 ----D---- C:\ProgramData\Lavasoft

2009-09-07 17:17:37 ----D---- C:\Program Files\Lavasoft

2009-09-03 13:37:13 ----A---- C:\Windows\system32\Apphlpdm.dll

2009-09-03 13:37:12 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

2009-08-30 17:46:05 ----D---- C:\ProgramData\id Software

2009-08-27 10:04:41 ----A---- C:\Windows\system32\tzres.dll

2009-08-23 17:11:33 ----D---- C:\Program Files\Stick Adventures Online

 

======List of files/folders modified in the last 1 months======

 

2009-09-20 12:56:28 ----D---- C:\Windows\Temp

2009-09-20 12:53:33 ----D---- C:\Program Files\Mozilla Firefox

2009-09-20 12:33:34 ----D---- C:\Windows\System32

2009-09-20 12:33:34 ----D---- C:\Windows\inf

2009-09-20 12:33:34 ----A---- C:\Windows\system32\PerfStringBackup.INI

2009-09-20 12:30:56 ----D---- C:\Windows\Tasks

2009-09-20 12:25:23 ----D---- C:\Windows

2009-09-20 12:25:13 ----D---- C:\Windows\Prefetch

2009-09-20 10:18:55 ----D---- C:\Program Files\Steam

2009-09-20 10:03:09 ----D---- C:\Users\User\AppData\Roaming\WTablet

2009-09-20 10:02:54 ----HD---- C:\ProgramData

2009-09-19 18:54:49 ----D---- C:\ProgramData\Google Updater

2009-09-19 16:42:11 ----RD---- C:\Program Files

2009-09-19 16:41:05 ----SHD---- C:\Windows\Installer

2009-09-19 16:41:05 ----SHD---- C:\Config.Msi

2009-09-19 16:40:56 ----DC---- C:\Windows\system32\DRVSTORE

2009-09-19 16:40:56 ----D---- C:\Windows\system32\drivers

2009-09-18 18:42:33 ----SHD---- C:\System Volume Information

2009-09-18 18:31:43 ----SD---- C:\Users\User\AppData\Roaming\Microsoft

2009-09-13 18:13:30 ----D---- C:\Windows\system32\Tasks

2009-09-13 15:55:11 ----D---- C:\Windows\system32\LogFiles

2009-09-13 14:33:03 ----RSD---- C:\Windows\Fonts

2009-09-11 19:03:25 ----D---- C:\Windows\rescache

2009-09-11 18:53:52 ----D---- C:\Windows\winsxs

2009-09-11 18:43:39 ----D---- C:\Windows\system32\catroot

2009-09-11 18:43:37 ----D---- C:\Windows\system32\catroot2

2009-09-11 17:14:11 ----D---- C:\Windows\system32\nl-NL

2009-09-11 17:14:10 ----D---- C:\Program Files\Windows Mail

2009-09-11 17:04:05 ----D---- C:\Windows\Debug

2009-09-11 17:03:16 ----D---- C:\Windows\ehome

2009-09-07 19:48:14 ----RSD---- C:\Windows\assembly

2009-09-07 19:40:24 ----HD---- C:\Program Files\InstallShield Installation Information

2009-09-05 17:47:12 ----D---- C:\Program Files\Common Files\Steam

2009-09-05 14:42:57 ----D---- C:\Windows\Minidump

2009-09-04 22:51:03 ----D---- C:\Windows\AppPatch

2009-09-04 18:06:39 ----D---- C:\Program Files\Launch Manager

2009-09-02 16:00:53 ----D---- C:\Users\User\AppData\Roaming\CoreFTP

2009-09-02 03:03:41 ----D---- C:\Windows\Microsoft.NET

2009-08-30 17:46:18 ----A---- C:\Windows\system32\PnkBstrB.exe

2009-08-30 17:46:06 ----A---- C:\Windows\system32\pbsvc.exe

2009-08-28 23:38:20 ----A---- C:\Windows\system32\mrt.exe

2009-08-24 12:20:14 ----A---- C:\Windows\BlendSettings.ini

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-08-05 55656]

R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-01-24 12672]

R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]

R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]

R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]

R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-01-24 8704]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]

R3 CmBatt;Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-01-24 984064]

R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-01-24 208384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-24 1950552]

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]

R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-09-26 28816]

R3 NETw4v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-04-16 6144]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-05-27 9850240]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-24 192816]

R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-01-24 660480]

R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2008-01-24 43008]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

S3 aane0hax;aane0hax; C:\Windows\system32\drivers\aane0hax.sys []

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-01 14336]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []

S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-04-06 25280]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NETw3v32;Stuurprogramma voor Intel® PRO/Wireless 3945ABG-adapter voor de 32 bitsversie van Windows Vista; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]

S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-01 4682]

S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]

S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]

S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]

S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]

S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]

S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2008-11-10 23600]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-05-29 39424]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-11-22 358936]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]

R2 npkcmsvc;npkcmsvc; D:\MSGMS\SuperStoryOLOZ\npkcmsvc.exe [2009-03-28 88728]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-05-27 211488]

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-06-06 75064]

R2 TabletServiceWacom;TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [2007-09-07 1373480]

R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-01-24 386560]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-05-30 541992]

S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-11 183280]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-13 655624]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-01 234864]

S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-07-13 3091868]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-09-05 316664]

S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]

S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]

S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe [2009-02-15 6558336]

 

-----------------EOF-----------------

[Le sioux]

Bonjour Pieceofcake

 

• Double clique sur OTM.exe sur ton Bureau afin de lancer l'outil.
  
• Copie la liste qui se trouve en citation ci-dessous :
  

:services

aane0hax

 

:files

C:\Windows\system32\drivers\aane0hax.sys

C:\Program Files\DNA

 

:reg

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\BitTorrent\bittorrent.exe"=-

"D:\Bittorrent\bittorrent.exe"=-

:commands

[emptytemp]

[reboot]

• et colle-la dans le cadre de gauche de OTM : "Paste instructions for item to be moved".
  
• Clique sur le bouton MoveIt!
  
• Attends la fin du travail de l'outil puis ferme OTM.
  

Note: Un redémarrage du PC pourra être nécessaire, clique sur Oui/Yes quand cela te sera demandé.

 

--> Poste en réponse :

 

* Le rapport de OTM (contenu du fichier Lecteur\_OTM\MovedFiles\********_******.log - les *** sont des chiffres représentant la date [moisjourannée] et l'heure) [Lecteur représente la partition depuis laquelle OTM a été lancé, généralement C:]

 

* Un nouveau rapport RSIT

Dis moi aussi si tu constates des ameliorations.

 

@ suivre.

[PieceOfCake]

Rapport OTM

 

All processes killed

========== SERVICES/DRIVERS ==========

Service\Driver aane0hax not found.

Service\Driver aane0hax not found.

========== FILES ==========

File/Folder C:\Windows\system32\drivers\aane0hax.sys not found.

C:\Program Files\DNA\plugins moved successfully.

C:\Program Files\DNA moved successfully.

========== REGISTRY ==========

Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\BitTorrent\bittorrent.exe deleted successfully.

Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\D:\Bittorrent\bittorrent.exe deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Journal

 

User: Public

 

User: RegBack

 

User: systemprofile

 

User: TxR

 

User: User

->Temp folder emptied: 1074221 bytes

->Temporary Internet Files folder emptied: 3324545 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 68728127 bytes

->Apple Safari cache emptied: 0 bytes

->Opera cache emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

File delete failed. C:\Windows\temp\TMP0000005C958CFD4ECB04DF80 scheduled to be deleted on reboot.

File delete failed. C:\Windows\temp\TMP0000005DFAE9D7644835C980 scheduled to be deleted on reboot.

Windows Temp folder emptied: 1048576 bytes

RecycleBin emptied: 174984 bytes

 

Total Files Cleaned = 70,91 mb

 

 

OTM by OldTimer - Version 3.0.0.6 log created on 09212009_111155

 

Files moved on Reboot...

File C:\Windows\temp\TMP0000005C958CFD4ECB04DF80 not found!

File C:\Windows\temp\TMP0000005DFAE9D7644835C980 not found!

 

Registry entries deleted on Reboot...

 

Rapport RSIT

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by User at 2009-09-21 11:28:43

Microsoft® Windows Vista™ Home Premium Service Pack 1

System drive C: has 35 GB (24%) free of 147 GB

Total RAM: 3069 MB (63% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:29:10, on 21/09/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18294)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\WTablet\Wacom_TabletUser.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Launch Manager\QtZgAcer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\PLFSetI.exe

C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Users\User\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\RocketDock\RocketDock.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Windows\system32\WerCon.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Program Files\Common Files\Teleca Shared\Generic.exe

C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Windows\system32\mdres.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Java\jre6\bin\jucheck.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\User\Downloads\RSIT.exe

C:\Program Files\trend micro\User.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.cherche.us/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cherche.us/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.intl.acer.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.intl.acer.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DAEMON Tools Pro\DTProAgent.exe" -autorun

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: SETAUDIO.EXE

O4 - Global Startup: SETRES.EXE

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O15 - Trusted Zone: *.chat-land.org

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{E8F8FDBE-1C9F-4AD7-8D97-8955B9F3FE99}: NameServer = 192.168.1.1,192.168.1.0

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - D:\MSGMS\SuperStoryOLOZ\npkcmsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Windows\system32\Wacom_Tablet.exe

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 9796 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Ad-Aware Update (Weekly).job

C:\Windows\tasks\GlaryInitialize.job

C:\Windows\tasks\Google Software Updater.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-04-06 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-27 669168]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-06 34816]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2008-01-24 102400]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-11-22 178712]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-24 4702208]

"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-01-02 707080]

"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]

"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]

"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]

"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-10-10 69632]

"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-03 1848648]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-06 136600]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-05-30 292136]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-05-27 13781536]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]

"DAEMON Tools Pro Agent"=D:\DAEMON Tools Pro\DTProAgent.exe [2009-04-09 228808]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-21 39408]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-08-19 3885408]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]

C:\Program Files\Electronic Arts\EADM\Core.exe [2009-04-29 3338240]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-08-19 3885408]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

C:\Program Files\Skype\Phone\Skype.exe [2008-08-12 21741864]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

c:\program files\steam\steam.exe [2009-06-21 1217784]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]

[]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

SETAUDIO.EXE

SETRES.EXE

 

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

"DisableTaskMgr"=0

"DisableChangePassword"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"EnableLUA"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

"HideFastUserSwitching"=0

"DisableTaskMgr"=0

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoLogOff"=0

"NoClose"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"D:\Combat Arms EU\CombatArms.exe"="D:\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"

"D:\Combat Arms EU\Engine.exe"="D:\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"

"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

"D:\Free Music Zilla\FMZilla.exe"="D:\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.reg - open - "regedit.exe" "%1"

 

======List of files/folders created in the last 1 months======

 

2009-09-20 12:23:37 ----D---- C:\_OTM

2009-09-19 16:42:11 ----D---- C:\rsit

2009-09-19 16:42:11 ----D---- C:\Program Files\trend micro

2009-09-13 23:20:48 ----D---- C:\Program Files\Ipulp

2009-09-13 18:26:22 ----D---- C:\Users\User\AppData\Roaming\GlarySoft

2009-09-13 18:13:15 ----D---- C:\Program Files\Glary Utilities

2009-09-13 16:10:21 ----D---- C:\ProgramData\ma-config.com

2009-09-13 16:10:21 ----D---- C:\Program Files\ma-config.com

2009-09-13 15:27:07 ----D---- C:\HammerAutosave

2009-09-10 17:08:45 ----A---- C:\Windows\system32\netiohlp.dll

2009-09-10 17:08:44 ----A---- C:\Windows\system32\NETSTAT.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\TCPSVCS.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\ROUTE.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\MRINFO.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\HOSTNAME.EXE

2009-09-10 17:08:43 ----A---- C:\Windows\system32\finger.exe

2009-09-10 17:08:43 ----A---- C:\Windows\system32\ARP.EXE

2009-09-10 17:08:42 ----A---- C:\Windows\system32\netevent.dll

2009-09-10 17:08:17 ----A---- C:\Windows\system32\wlanmsm.dll

2009-09-10 17:08:17 ----A---- C:\Windows\system32\L2SecHC.dll

2009-09-10 17:08:16 ----A---- C:\Windows\system32\wlansec.dll

2009-09-10 17:08:15 ----A---- C:\Windows\system32\wlansvc.dll

2009-09-10 17:08:12 ----A---- C:\Windows\system32\WMVCORE.DLL

2009-09-10 17:08:11 ----A---- C:\Windows\system32\mf.dll

2009-09-10 17:07:54 ----A---- C:\Windows\system32\jscript.dll

2009-09-07 17:17:37 ----D---- C:\ProgramData\Lavasoft

2009-09-07 17:17:37 ----D---- C:\Program Files\Lavasoft

2009-09-03 13:37:13 ----A---- C:\Windows\system32\Apphlpdm.dll

2009-09-03 13:37:12 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

2009-08-30 17:46:05 ----D---- C:\ProgramData\id Software

2009-08-27 10:04:41 ----A---- C:\Windows\system32\tzres.dll

2009-08-23 17:11:33 ----D---- C:\Program Files\Stick Adventures Online

 

======List of files/folders modified in the last 1 months======

 

2009-09-21 11:28:52 ----D---- C:\Windows\Temp

2009-09-21 11:27:14 ----D---- C:\Program Files\Mozilla Firefox

2009-09-21 11:21:15 ----D---- C:\Windows\System32

2009-09-21 11:21:15 ----D---- C:\Windows\inf

2009-09-21 11:21:15 ----A---- C:\Windows\system32\PerfStringBackup.INI

2009-09-21 11:16:43 ----D---- C:\Windows\Tasks

2009-09-21 11:14:29 ----D---- C:\Users\User\AppData\Roaming\WTablet

2009-09-21 11:12:37 ----D---- C:\Windows\Prefetch

2009-09-21 11:12:15 ----RD---- C:\Program Files

2009-09-21 09:43:00 ----D---- C:\Program Files\Steam

2009-09-20 19:56:36 ----D---- C:\ProgramData\Google Updater

2009-09-20 18:38:15 ----SHD---- C:\System Volume Information

2009-09-20 12:25:23 ----D---- C:\Windows

2009-09-20 10:02:54 ----HD---- C:\ProgramData

2009-09-19 16:41:05 ----SHD---- C:\Windows\Installer

2009-09-19 16:41:05 ----SHD---- C:\Config.Msi

2009-09-19 16:40:56 ----DC---- C:\Windows\system32\DRVSTORE

2009-09-19 16:40:56 ----D---- C:\Windows\system32\drivers

2009-09-18 18:31:43 ----SD---- C:\Users\User\AppData\Roaming\Microsoft

2009-09-13 18:13:30 ----D---- C:\Windows\system32\Tasks

2009-09-13 15:55:11 ----D---- C:\Windows\system32\LogFiles

2009-09-13 14:33:03 ----RSD---- C:\Windows\Fonts

2009-09-11 19:03:25 ----D---- C:\Windows\rescache

2009-09-11 18:53:52 ----D---- C:\Windows\winsxs

2009-09-11 18:43:39 ----D---- C:\Windows\system32\catroot

2009-09-11 18:43:37 ----D---- C:\Windows\system32\catroot2

2009-09-11 17:14:11 ----D---- C:\Windows\system32\nl-NL

2009-09-11 17:14:10 ----D---- C:\Program Files\Windows Mail

2009-09-11 17:04:05 ----D---- C:\Windows\Debug

2009-09-11 17:03:16 ----D---- C:\Windows\ehome

2009-09-07 19:48:14 ----RSD---- C:\Windows\assembly

2009-09-07 19:40:24 ----HD---- C:\Program Files\InstallShield Installation Information

2009-09-05 17:47:12 ----D---- C:\Program Files\Common Files\Steam

2009-09-05 14:42:57 ----D---- C:\Windows\Minidump

2009-09-04 22:51:03 ----D---- C:\Windows\AppPatch

2009-09-04 18:06:39 ----D---- C:\Program Files\Launch Manager

2009-09-02 16:00:53 ----D---- C:\Users\User\AppData\Roaming\CoreFTP

2009-09-02 03:03:41 ----D---- C:\Windows\Microsoft.NET

2009-08-30 17:46:18 ----A---- C:\Windows\system32\PnkBstrB.exe

2009-08-30 17:46:06 ----A---- C:\Windows\system32\pbsvc.exe

2009-08-28 23:38:20 ----A---- C:\Windows\system32\mrt.exe

2009-08-24 12:20:14 ----A---- C:\Windows\BlendSettings.ini

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-08-05 55656]

R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-01-24 12672]

R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]

R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]

R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]

R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-01-24 8704]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]

R3 CmBatt;Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-01-24 984064]

R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-01-24 208384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-24 1950552]

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472]

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392]

R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-09-26 28816]

R3 NETw4v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-04-16 6144]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-05-27 9850240]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-24 192816]

R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-01-24 660480]

R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2008-01-24 43008]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

S3 ape0mwq0;ape0mwq0; C:\Windows\system32\drivers\ape0mwq0.sys []

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-01 14336]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []

S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-04-06 25280]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NETw3v32;Stuurprogramma voor Intel® PRO/Wireless 3945ABG-adapter voor de 32 bitsversie van Windows Vista; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]

S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-01 4682]

S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]

S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]

S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]

S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]

S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]

S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2008-11-10 23600]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-05-29 39424]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-11-22 358936]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]

R2 npkcmsvc;npkcmsvc; D:\MSGMS\SuperStoryOLOZ\npkcmsvc.exe [2009-03-28 88728]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-05-27 211488]

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-06-06 75064]

R2 TabletServiceWacom;TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [2007-09-07 1373480]

R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-01-24 386560]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-05-30 541992]

S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-11 183280]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-13 655624]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-01 234864]

S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-07-13 3091868]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-09-05 316664]

S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]

S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]

S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe [2009-02-15 6558336]

 

-----------------EOF-----------------

 

Sinon mon ordi va plus vite au démarrage, mais j'ai des fois des périodes de ram intenses...

[Le sioux]

Bonjour PieceOfCake

 

Sinon mon ordi va plus vite au démarrage, mais j'ai des fois des périodes de ram intenses...

OK? on continu

 

Afin de suivre la procédure correctement, je te conseille d'enregistrer la page en sélectionnant toutes les lignes puis de copier cette sélection dans un fichier texte sur ton PC pour pouvoir appliquer la procédure correctement.

Il faut exécuter toutes les étapes, sans interruption, dans l'ordre exact indiqué ci-dessous.

Si un élément te paraît obscure, demande des explications avant de commencer la désinfection.

 

1) Télécharge et installe

 

-- CCleaner

http://www.ccleaner.com/download/builds.aspx

Choisis de préférence la version SLIM-No Toolbar.

Installe-le en prenant soin de décocher les diverses options dont la barre Yahoo et la mise à jour.

Lance CCleaner puis Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures".

Pour les autres paramètres, laisse-le avec ses réglages par défaut.

 

-- Malwarebyte's Anti-Malware

http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Tuto : http://forum.pcastuces.com/malwarebytes_an...oriel-f31s3.htm

A la fin de l'installation, veille à ce que l'option « Mettre a jour Malwarebyte's Anti-Malware » soit cochée. >>> clique sur OK.

S'il ne s'est pas lancé tout seul, fais un clic droit sur l'icône de Malwarebyte's Anti-Malware sur ton Bureau puis "Exécuter en tant qu'administrateur".

Au premier lancement, une fenêtre t'annonce que la version est Free >>> clique sur OK

Laisse les Mises à jour se télécharger.

 

2) Scan avec Malwarebyte's Anti-Malware

 

Relance Malwarebyte’s Anti-Malware si celui-ci s’est refermé en faisant un clic droit sur l'icône de Malwarebyte's Anti-Malware sur ton Bureau puis "Exécuter en tant qu'administrateur"

Onglet "Recherche" >>> coche Exécuter un examen rapide >>> puis clique sur Lancer l’examen.

A la fin du scan >>> clique sur Afficher les résultats

Suppression des éléments détectés >>>> clique sur Supprimer la sélection ou supprimer tout

S'il t'es demandé de redémarrer >>> clique sur "Yes"

--> Un rapport de scan s'ouvre, enregistre sur ton Bureau.

Puis ferme Malwarebyte's Anti-Malware

 

3) Suppression de fichiers inutiles avec CCleaner

 

Lance CCleaner en double-cliquant sur son raccourci sur ton Bureau.

Puis dans le menu Nettoyeur

Clique sur Analyse (laisse travailler cela peut durer longtemps la 1ere fois)

Clique sur le bouton Nettoyer .

Clique une seconde fois sur le bouton Nettoyer puis ferme CCleaner.

 

4) Optimisation du PC

 

* On peut optimiser ton démarrage en évitant que les programmes qui s'y lancent inutilement, accaparent des ressources du système. Cela désactive du démarrage des programmes qui ne sont pas primordiaux. Un programme utilise des ressources quand il est en cours d'exécution. Trop de programmes qui tournent utilisent beaucoup de ressources qui peuvent conduire au ralentissement de l'ordinateur.

 

On va faire cela via clic droit sur l'icone de CCleaner puis "Exécuter en tant qu'administrateur" et dans Outils/ Démarrage

Clique un à un sur les programmes correspondant à ces lignes O4 d'HijackThis

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DAEMON Tools Pro\DTProAgent.exe" -autorun

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

et pour chacune d'elles, clique sur "Désactiver".

 

Ferme CCleaner une fois cela fait et redémarre ton PC.

 

* Gère tes services grâce à ces liens

http://www.forum-vista.net/tutoriaux_vista...s_vista-t37.htm

Pense à redémarrer ton PC pour que cela soit pris en compte.

 

5) Rapports

 

Poste en réponse le rapport de Malwarebyte's Anti-Malware que tu as sauvegardé sur ton Bureau et dis moi s'il y a du mieux.

 

@ suivre.

PS: Pense à lancer une défragmentation.

Tuto : http://www.vista-xp.fr/forum/topic709.html

Modifié le 22 septembre 2009 par Le sioux