probleme d'arret + beug

[Falkra]

Attends, on s'occupe de ta machine sur combien de forums ??

[cedricmsn31]

non j'avais poster sur plusieur forum car j'etais desepere mais sur les autres forum on ne m'a pas repondu j'ais juste vu le meme cas que moi donc j'ai fais la meme manipulation

[Falkra]

Il ne faut qu'un forum à la fois, sinon les consignes se télescopent, les rapports sont incohérents, et en prime, ta machine en fait les frais, fermes les autres topics si tu veux poursuivre ici (sinon je ferme celui-là, pas de souci).

[marion23]

Bonsoir Falkra,

Je suis vraiment désolée de polluer un sujet comme ca mais j'ai créé mon sujet "Besoin d'aide pour un Trojan ou Rootkit" cette aprem.

Aurais-tu le temps de me filer un coup de main ?

Merci beaucoup !

[cedricmsn31]

C'est bon j'ais ferme les autres topics!

[Falkra]

Allons-y.

 

Télécharge Malwarebytes' Anti-Malware (MBAM)

Si ça ne se télécharge pas, que tu es redirigé, ou que MBAM ne démarre pas, signale-le moi : c'est un symptôme.

Si tu l'as déjà, passe au point 2 directement (mise à jour).

 

• Double clique sur le fichier téléchargé pour lancer le processus d'installation, puis démarre MBAM.
  
• Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  
• Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  
• Sélectionne "Exécuter un examen rapide"
  
• Clique sur "Rechercher"
  
• L'analyse démarre.
  
• A la fin de l'analyse (mais ce n'est pas fini), un message s'affiche :

  L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi. N'oublie pas la suite.
  
• Ferme tes navigateurs.
  
• Si des malwares ont été détectés, clique sur Afficher les résultats.
  Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  
• MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.
  

 

NB : Si MBAM te demande à redémarrer, fais-le.

Pour récupérer le rapport de MBAM si tu as redémarré un peu vite, démarre MBAM et va dans l'onglet log/rapports, tu pourras double cliquer dessus (ils sont datés) pour le poster.

[cedricmsn31]

il se bloque au demarrage de l'analyse.

j'ai ete oblige de redemarrer le pc (a la sauvage) pour faire l'analyse

sa pourrait venir du pc? car il est garantie

voici le rapport

 

Malwarebytes' Anti-Malware 1.45

www.malwarebytes.org

 

Version de la base de données: 4035

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

27/04/2010 06:35:54

mbam-log-2010-04-27 (06-35-54).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 105878

Temps écoulé: 4 minute(s), 32 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

[cedricmsn31]

je te joint un nouveau rapport rsit

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by Cédric at 2010-04-27 06:40:51

Microsoft Windows 7 Édition Familiale Premium Service Pack 2

System drive C: has 222 GB (75%) free of 295 GB

Total RAM: 3067 MB (61% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 06:40:54, on 27/04/2010

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe

C:\Windows\PLFSetI.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\eMule\emule.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe

C:\Users\Cédric\Downloads\RSIT.exe

C:\Program Files\trend micro\Cédric.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...p;m=aspire_5738

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...p;m=aspire_5738

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe

O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"

O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O13 - Gopher Prefix:

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe

O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\partner.exe

 

--

End of file - 11024 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Ad-Aware Update (Weekly).job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]

scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2010-02-17 62784]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-11 279664]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-04-11 812528]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-11 279664]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-12-05 1410344]

"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2009-08-26 494112]

"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-01-21 156968]

"BackupManagerTray"=C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-04-11 249600]

"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2009-01-21 202024]

"EgisTecLiveUpdate"=C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [2009-05-13 199464]

"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-04-11 30192]

"mwlDaemon"=C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-05-14 345384]

"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-12-26 173288]

"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-28 13797920]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-03-26 142120]

"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]

"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-04-14 2790472]

"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-08-27 1194504]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-11-17 135168]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-04-11 68856]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-04-14 319792]

"eMuleAutoStart"=C:\Program Files\eMule\emule.exe [2010-04-07 5758976]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"legalnoticetext"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1afd08ee-4565-11df-8043-806e6f6e6963}]

shell\AutoRun\command - D:\autorun.exe

 

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2010-04-25 19:44:11 ----D---- C:\Users\Cédric\AppData\Roaming\Malwarebytes

2010-04-25 19:43:59 ----D---- C:\ProgramData\Malwarebytes

2010-04-25 19:43:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-04-25 18:49:55 ----A---- C:\ZHPExportRegistry-25-04-2010-18-49-54.txt

2010-04-25 16:42:53 ----A---- C:\Windows\ntbtlog.txt

2010-04-25 13:25:17 ----A---- C:\Windows\system32\mdimon.dll

2010-04-25 13:22:49 ----D---- C:\Program Files\Microsoft Visual Studio

2010-04-25 13:22:49 ----D---- C:\Program Files\Common Files\DESIGNER

2010-04-25 13:22:07 ----D---- C:\Program Files\Microsoft.NET

2010-04-25 13:19:46 ----D---- C:\Program Files\trend micro

2010-04-25 13:19:45 ----D---- C:\rsit

2010-04-25 13:19:14 ----D---- C:\IDE

2010-04-25 13:19:12 ----D---- C:\Program Files\Microsoft Visual Studio 8

2010-04-25 13:18:35 ----D---- C:\Program Files\Common Files\Java

2010-04-25 12:39:24 ----D---- C:\Program Files\ZHPFix

2010-04-25 12:36:38 ----D---- C:\Program Files\ZHPDiag

2010-04-25 12:23:47 ----SHD---- C:\Config.Msi

2010-04-23 11:02:46 ----D---- C:\Program Files\CCleaner

2010-04-22 12:22:59 ----A---- C:\Windows\system32\lsdelete.exe

2010-04-22 11:49:47 ----D---- C:\ProgramData\Lavasoft

2010-04-22 11:49:47 ----D---- C:\Program Files\Lavasoft

2010-04-22 11:23:47 ----D---- C:\Windows\BDOSCAN8

2010-04-22 10:56:00 ----HDC---- C:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}

2010-04-22 10:39:36 ----D---- C:\Users\Cédric\AppData\Roaming\ArchiFacile

2010-04-22 09:56:19 ----D---- C:\ProgramData\Hewlett-Packard

2010-04-21 05:31:10 ----D---- C:\Program Files\rkfree

2010-04-21 05:31:10 ----AD---- C:\ProgramData\rkfree

2010-04-21 03:20:13 ----A---- C:\Windows\system32\browserchoice.exe

2010-04-18 03:03:03 ----D---- C:\Windows\PCHEALTH

2010-04-17 19:10:46 ----A---- C:\Windows\system32\spr32d35.dll

2010-04-17 18:55:31 ----D---- C:\Program Files\Architecte_3D_Silver_Advanced

2010-04-17 10:42:13 ----A---- C:\Windows\system32\deployJava1.dll

2010-04-14 16:21:31 ----D---- C:\ProgramData\eMule

2010-04-14 16:21:00 ----D---- C:\Program Files\eMule

2010-04-14 16:18:48 ----N---- C:\Windows\system32\MpSigStub.exe

2010-04-14 15:58:10 ----A---- C:\Windows\system32\aswBoot.exe

2010-04-14 15:57:59 ----D---- C:\Program Files\DIFX

2010-04-14 14:57:19 ----D---- C:\Windows\Minidump

2010-04-14 14:43:19 ----D---- C:\ProgramData\Alwil Software

2010-04-14 14:43:19 ----D---- C:\Program Files\Alwil Software

2010-04-14 14:43:07 ----D---- C:\Program Files\Lavalys

2010-04-14 14:35:19 ----D---- C:\Program Files\uTorrent

2010-04-14 14:34:43 ----D---- C:\Users\Cédric\AppData\Roaming\uTorrent

2010-04-14 14:19:37 ----D---- C:\Program Files\Common Files\Adobe

2010-04-14 06:38:55 ----D---- C:\Program Files\Adobe

2010-04-14 03:25:35 ----A---- C:\Windows\system32\ntoskrnl.exe

2010-04-14 03:25:34 ----A---- C:\Windows\system32\vbscript.dll

2010-04-14 03:25:34 ----A---- C:\Windows\system32\ntkrnlpa.exe

2010-04-14 03:25:28 ----A---- C:\Windows\system32\wintrust.dll

2010-04-14 03:25:28 ----A---- C:\Windows\system32\cabview.dll

2010-04-13 19:25:13 ----D---- C:\ProgramData\CanonIJPLM

2010-04-13 19:23:42 ----D---- C:\Program Files\Common Files\CANON

2010-04-13 19:21:06 ----HD---- C:\ProgramData\CanonBJ

2010-04-13 19:20:55 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information

2010-04-13 19:20:24 ----A---- C:\Windows\system32\CNMLM93.DLL

2010-04-13 19:20:16 ----A---- C:\Windows\system32\CNC610O.DLL

2010-04-13 19:20:15 ----A---- C:\Windows\system32\CNC610L.DLL

2010-04-13 19:20:15 ----A---- C:\Windows\system32\CNC610I.DLL

2010-04-13 19:20:15 ----A---- C:\Windows\system32\CNC610C.DLL

2010-04-13 19:20:05 ----HD---- C:\Program Files\CanonBJ

2010-04-13 19:18:58 ----D---- C:\Program Files\Canon

2010-04-13 19:18:44 ----D---- C:\ProgramData\Sun

2010-04-11 22:54:47 ----A---- C:\Windows\Interop.IWshRuntimeLibrary.dll

2010-04-11 22:54:47 ----A---- C:\Windows\AcerStore.exe

2010-04-11 22:54:29 ----A---- C:\Windows\GVUni.exe

2010-04-11 22:43:39 ----N---- C:\Windows\system32\WscEapPr.dll

2010-04-11 22:43:39 ----N---- C:\Windows\system32\wcnwiz2.dll

2010-04-11 22:43:39 ----N---- C:\Windows\system32\FunctionDiscoveryFolder.dll

2010-04-11 22:42:40 ----A---- C:\Windows\UNINST32.EXE

2010-04-11 22:42:37 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll

2010-04-11 22:42:37 ----A---- C:\Windows\system32\SynTPCo4.dll

2010-04-11 22:42:37 ----A---- C:\Windows\system32\SynTPAPI.dll

2010-04-11 22:42:37 ----A---- C:\Windows\system32\SynCtrl.dll

2010-04-11 22:42:37 ----A---- C:\Windows\system32\SynCOM.dll

2010-04-11 22:41:28 ----A---- C:\Windows\system32\oemdspif.dll

2010-04-11 22:41:28 ----A---- C:\Windows\system32\nvcohda.dll

2010-04-11 22:41:27 ----A---- C:\Windows\system32\nvmccsrs.dll

2010-04-11 22:41:27 ----A---- C:\Windows\system32\nvmccs.dll

2010-04-11 22:41:27 ----A---- C:\Windows\system32\nvd3dum.dll

2010-04-11 22:41:27 ----A---- C:\Windows\system32\nvcolor.exe

2010-04-11 22:41:27 ----A---- C:\Windows\system32\nvcod135.dll

2010-04-11 22:41:27 ----A---- C:\Windows\system32\nvapi.dll

2010-04-11 22:41:27 ----A---- C:\Windows\system32\dpinst.exe

2010-04-11 22:41:12 ----A---- C:\Windows\PATCHFUL.EXE

2010-04-11 22:41:10 ----D---- C:\Windows\Lan

2010-04-11 20:45:08 ----D---- C:\Users\Cédric\AppData\Roaming\Apple Computer

2010-04-11 20:45:03 ----DC---- C:\Windows\system32\DRVSTORE

2010-04-11 20:45:03 ----A---- C:\Windows\system32\GEARAspi.dll

2010-04-11 20:44:23 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-04-11 20:44:23 ----D---- C:\Program Files\iPod

2010-04-11 20:44:22 ----D---- C:\Program Files\iTunes

2010-04-11 20:09:08 ----D---- C:\ProgramData\Apple Computer

2010-04-11 20:09:08 ----D---- C:\Program Files\QuickTime

2010-04-11 20:08:56 ----D---- C:\Program Files\Apple Software Update

2010-04-11 20:08:14 ----D---- C:\Program Files\Bonjour

2010-04-11 20:08:04 ----D---- C:\ProgramData\Apple

2010-04-11 20:08:04 ----D---- C:\Program Files\Common Files\Apple

2010-04-11 18:25:05 ----A---- C:\Windows\system32\msv1_0.dll

2010-04-11 18:18:01 ----A---- C:\Windows\system32\MRT.exe

2010-04-11 18:15:51 ----A---- C:\Windows\system32\mshtml.dll

2010-04-11 18:15:50 ----A---- C:\Windows\system32\ieframe.dll

2010-04-11 18:15:49 ----A---- C:\Windows\system32\urlmon.dll

2010-04-11 18:15:49 ----A---- C:\Windows\system32\mstime.dll

2010-04-11 18:15:48 ----A---- C:\Windows\system32\wininet.dll

2010-04-11 18:15:48 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-04-11 18:15:48 ----A---- C:\Windows\system32\iedkcs32.dll

2010-04-11 18:15:44 ----A---- C:\Windows\system32\wmp.dll

2010-04-11 18:15:43 ----A---- C:\Windows\system32\winload.exe

2010-04-11 18:15:43 ----A---- C:\Windows\system32\CertEnroll.dll

2010-04-11 18:15:42 ----A---- C:\Windows\system32\wmploc.DLL

2010-04-11 18:15:42 ----A---- C:\Windows\system32\winresume.exe

2010-04-11 18:15:40 ----A---- C:\Windows\system32\tzres.dll

2010-04-11 18:15:33 ----A---- C:\Windows\system32\winlogon.exe

2010-04-11 18:15:33 ----A---- C:\Windows\explorer.exe

2010-04-11 18:15:32 ----A---- C:\Windows\system32\tsbyuv.dll

2010-04-11 18:15:32 ----A---- C:\Windows\system32\quartz.dll

2010-04-11 18:15:32 ----A---- C:\Windows\system32\msyuv.dll

2010-04-11 18:15:32 ----A---- C:\Windows\system32\msvidc32.dll

2010-04-11 18:15:32 ----A---- C:\Windows\system32\msrle32.dll

2010-04-11 18:15:32 ----A---- C:\Windows\system32\mciavi32.dll

2010-04-11 18:15:32 ----A---- C:\Windows\system32\iyuv_32.dll

2010-04-11 18:15:32 ----A---- C:\Windows\system32\avifil32.dll

2010-04-11 18:15:31 ----A---- C:\Windows\system32\kernel32.dll

2010-04-11 18:15:31 ----A---- C:\Windows\system32\apphelp.dll

2010-04-11 18:15:29 ----A---- C:\Windows\system32\t2embed.dll

2010-04-11 18:15:29 ----A---- C:\Windows\system32\jscript.dll

2010-04-11 18:15:29 ----A---- C:\Windows\system32\fontsub.dll

2010-04-11 18:15:29 ----A---- C:\Windows\system32\atmfd.dll

2010-04-11 18:15:28 ----A---- C:\Windows\system32\msasn1.dll

2010-04-11 18:15:21 ----A---- C:\Windows\system32\secproc_ssp_isv.dll

2010-04-11 18:15:21 ----A---- C:\Windows\system32\secproc_ssp.dll

2010-04-11 18:15:21 ----A---- C:\Windows\system32\secproc_isv.dll

2010-04-11 18:15:21 ----A---- C:\Windows\system32\secproc.dll

2010-04-11 18:15:21 ----A---- C:\Windows\system32\RMActivate_isv.exe

2010-04-11 18:15:21 ----A---- C:\Windows\system32\RMActivate.exe

2010-04-11 18:15:20 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe

2010-04-11 18:15:20 ----A---- C:\Windows\system32\RMActivate_ssp.exe

2010-04-11 18:15:19 ----A---- C:\Windows\system32\psisdecd.dll

2010-04-11 18:15:19 ----A---- C:\Windows\system32\msdri.dll

2010-04-11 18:15:19 ----A---- C:\Windows\system32\CPFilters.dll

2010-04-11 16:03:19 ----D---- C:\Windows\Panther

2010-04-11 15:59:04 ----D---- C:\ProgramData\OEM

2010-04-11 15:54:43 ----HD---- C:\$WINDOWS.~Q

2010-04-11 15:52:49 ----HD---- C:\$INPLACE.~TR

2010-04-11 15:36:44 ----A---- C:\Windows\system32\nvuhda.exe

2010-04-11 15:36:44 ----A---- C:\Windows\system32\nvhdap32.dll

2010-04-11 15:36:44 ----A---- C:\Windows\system32\nvapo32v.dll

2010-04-11 15:35:29 ----A---- C:\Windows\system32\nvudisp.exe

2010-04-11 15:34:34 ----A---- C:\Windows\system32\RtkAPO.dll

2010-04-11 15:34:20 ----D---- C:\Program Files\Launch Manager

2010-04-11 15:32:37 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-04-11 15:29:19 ----SHD---- C:\Recovery

2010-04-11 15:29:19 ----SHD---- C:\ProgramData\Modèles

2010-04-11 15:29:19 ----SHD---- C:\ProgramData\Menu Démarrer

2010-04-11 15:29:19 ----SHD---- C:\ProgramData\Favoris

2010-04-11 15:29:19 ----SHD---- C:\ProgramData\Bureau

2010-04-11 15:29:19 ----SHD---- C:\Program Files\Fichiers communs

2010-04-11 15:07:55 ----SD---- C:\Users\Cédric\AppData\Roaming\Microsoft

2010-04-11 15:07:55 ----D---- C:\Users\Cédric\AppData\Roaming\Media Center Programs

2010-04-11 15:06:36 ----D---- C:\Program Files\Realtek

2010-04-11 15:06:29 ----A---- C:\Windows\system32\nvuninst.exe

2010-04-11 15:06:17 ----D---- C:\Program Files\Synaptics

2010-04-11 15:04:38 ----D---- C:\Windows\Prefetch

2010-04-11 14:17:59 ----D---- C:\Windows\SoftwareDistribution

2010-04-11 14:16:42 ----SHD---- C:\System Volume Information

2010-04-11 14:11:13 ----D---- C:\Windows\acerTemp

2010-04-11 14:10:18 ----D---- C:\ProgramData\InstallShield

2010-04-11 14:10:00 ----D---- C:\OEM

2010-04-11 14:08:29 ----D---- C:\Users\Cédric\AppData\Roaming\Adobe

2010-04-11 14:05:39 ----D---- C:\Program Files\Microsoft Silverlight

2010-04-11 14:03:09 ----D---- C:\Program Files\Microsoft

2010-04-11 13:53:46 ----HD---- C:\MyWinLockerData

2010-04-11 13:52:25 ----D---- C:\ProgramData\EgisTec

2010-04-11 13:52:09 ----D---- C:\Users\Cédric\AppData\Roaming\Google

2010-04-11 13:49:42 ----D---- C:\Program Files\Acer Inc

2010-04-11 13:48:25 ----D---- C:\ProgramData\eSobi

2010-04-11 13:48:14 ----D---- C:\Program Files\eSobi

2010-04-11 13:46:53 ----D---- C:\Program Files\EgisTec Egis Software Update

2010-04-11 13:46:53 ----D---- C:\Program Files\Common Files\EgisTec

2010-04-11 13:46:47 ----D---- C:\Program Files\EgisTec

2010-04-11 13:46:13 ----D---- C:\Program Files\Acer

2010-04-11 13:45:24 ----A---- C:\Windows\regfile_I.cmd

2010-04-11 13:45:24 ----A---- C:\Windows\regfile_E.cmd

2010-04-11 13:44:01 ----D---- C:\Users\Cédric\AppData\Roaming\Macromedia

2010-04-11 13:44:00 ----D---- C:\Windows\Screensavers

2010-04-11 13:42:37 ----A---- C:\Windows\USB_VIDEO_REG.exe

2010-04-11 13:42:37 ----A---- C:\Windows\PLFSetI.exe

2010-04-11 13:42:37 ----A---- C:\Windows\PidList.ini

2010-04-11 13:42:37 ----A---- C:\Windows\Image.dll

2010-04-11 13:42:36 ----A---- C:\Windows\Acer Crystal Eye webcam.EXE

2010-04-11 13:42:22 ----D---- C:\Users\Cédric\AppData\Roaming\InstallShield

2010-04-11 13:41:18 ----A---- C:\Windows\DIFxAPI.dll

2010-04-11 13:41:12 ----A---- C:\Windows\system32\RTPCEE32.dll

2010-04-11 13:41:02 ----HD---- C:\Program Files\Temp

2010-04-11 13:41:02 ----D---- C:\Users\Cédric\AppData\Roaming\PowerCinema

2010-04-11 13:40:41 ----D---- C:\Program Files\Convesoft

2010-04-11 13:40:35 ----D---- C:\Users\Cédric\AppData\Roaming\Identities

2010-04-11 13:40:29 ----D---- C:\ProgramData\Partner

2010-04-11 13:40:28 ----D---- C:\ProgramData\Google

2010-04-11 13:40:18 ----D---- C:\Program Files\Google

2010-04-11 13:39:53 ----A---- C:\Windows\system32\SETAFR_Temp_DiskPart.txt

2010-04-11 13:39:11 ----D---- C:\ProgramData\NVIDIA

2010-04-11 13:39:08 ----D---- C:\Users\Cédric\AppData\Roaming\Acer GameZone Console

 

======List of files/folders modified in the last 1 months======

 

2010-04-27 06:40:52 ----D---- C:\Windows\Temp

2010-04-27 06:36:07 ----D---- C:\Windows\System32

2010-04-27 06:36:07 ----D---- C:\Windows\inf

2010-04-27 06:31:45 ----D---- C:\Windows\Tasks

2010-04-25 19:44:00 ----D---- C:\Windows\system32\drivers

2010-04-25 19:43:59 ----RD---- C:\Program Files

2010-04-25 19:43:59 ----HD---- C:\ProgramData

2010-04-25 18:52:23 ----D---- C:\Windows\system32\Tasks

2010-04-25 18:50:46 ----D---- C:\Windows\system32\config

2010-04-25 16:42:53 ----D---- C:\Windows

2010-04-25 13:25:24 ----SHD---- C:\Windows\Installer

2010-04-25 13:25:24 ----SD---- C:\ProgramData\Microsoft

2010-04-25 13:25:22 ----D---- C:\ProgramData\Microsoft Help

2010-04-25 13:25:17 ----RSD---- C:\Windows\assembly

2010-04-25 13:23:40 ----D---- C:\Program Files\Microsoft Works

2010-04-25 13:23:31 ----D---- C:\Program Files\Common Files\microsoft shared

2010-04-25 13:23:07 ----D---- C:\Program Files\MSBuild

2010-04-25 13:22:54 ----D---- C:\Program Files\Microsoft Office

2010-04-25 13:22:49 ----D---- C:\Program Files\Common Files

2010-04-25 13:22:44 ----D---- C:\Windows\ShellNew

2010-04-25 13:22:19 ----RSD---- C:\Windows\Fonts

2010-04-25 13:18:53 ----A---- C:\Windows\win.ini

2010-04-25 13:18:51 ----D---- C:\Program Files\Common Files\System

2010-04-24 21:20:14 ----D---- C:\Windows\system32\NDF

2010-04-23 11:03:23 ----D---- C:\Windows\debug

2010-04-22 13:04:45 ----D---- C:\Windows\system32\wdi

2010-04-22 11:51:34 ----D---- C:\Windows\system32\catroot

2010-04-22 11:23:49 ----D---- C:\Windows\Downloaded Program Files

2010-04-22 11:05:38 ----D---- C:\Windows\winsxs

2010-04-22 11:02:51 ----D---- C:\Windows\system32\DriverStore

2010-04-22 09:30:14 ----D---- C:\Windows\system32\LogFiles

2010-04-19 17:38:28 ----AD---- C:\ProgramData\Temp

2010-04-18 16:05:35 ----D---- C:\Windows\Logs

2010-04-14 16:00:53 ----D---- C:\ProgramData\McAfee

2010-04-14 15:58:05 ----D---- C:\Windows\system32\catroot2

2010-04-14 15:54:20 ----D---- C:\Program Files\Common Files\McAfee

2010-04-14 15:53:54 ----D---- C:\Program Files\McAfee

2010-04-14 14:19:43 ----D---- C:\ProgramData\Adobe

2010-04-13 19:24:29 ----RSD---- C:\Windows\Media

2010-04-13 19:20:51 ----D---- C:\Windows\twain_32

2010-04-11 22:54:55 ----D---- C:\Book

2010-04-11 20:09:45 ----D---- C:\Program Files\Internet Explorer

2010-04-11 19:05:04 ----D---- C:\Windows\system32\Boot

2010-04-11 19:05:04 ----D---- C:\Windows\AppPatch

2010-04-11 19:05:04 ----D---- C:\Program Files\Windows Media Player

2010-04-11 18:55:51 ----D---- C:\Windows\rescache

2010-04-11 18:36:11 ----D---- C:\Windows\Microsoft.NET

2010-04-11 18:17:51 ----D---- C:\Windows\ehome

2010-04-11 18:17:44 ----D---- C:\Windows\system32\fr-FR

2010-04-11 16:03:06 ----RASH---- C:\BOOTSECT.BAK

2010-04-11 16:03:04 ----SHD---- C:\Boot

2010-04-11 16:01:53 ----SD---- C:\Windows\system32\Microsoft

2010-04-11 15:37:19 ----D---- C:\Windows\system32\restore

2010-04-11 15:32:00 ----D---- C:\Windows\system32\wbem

2010-04-11 15:29:19 ----D---- C:\Windows\system32\Recovery

2010-04-11 15:29:19 ----D---- C:\Program Files\Windows NT

2010-04-11 15:20:50 ----D---- C:\Windows\Registration

2010-04-11 15:17:10 ----RD---- C:\Users

2010-04-11 15:14:08 ----D---- C:\Windows\system32\CodeIntegrity

2010-04-11 15:12:57 ----D---- C:\Windows\WindowsMobile

2010-04-11 15:12:57 ----D---- C:\Windows\system32\zh-TW

2010-04-11 15:12:57 ----D---- C:\Windows\system32\zh-HK

2010-04-11 15:12:57 ----D---- C:\Windows\system32\zh-CN

2010-04-11 15:12:57 ----D---- C:\Windows\system32\XPSViewer

2010-04-11 15:12:57 ----D---- C:\Windows\system32\WCN

2010-04-11 15:12:57 ----D---- C:\Windows\system32\uk-UA

2010-04-11 15:12:57 ----D---- C:\Windows\system32\tr-TR

2010-04-11 15:12:56 ----D---- C:\Windows\system32\th-TH

2010-04-11 15:12:56 ----D---- C:\Windows\system32\sysprep

2010-04-11 15:12:56 ----D---- C:\Windows\system32\sv-SE

2010-04-11 15:12:56 ----D---- C:\Windows\system32\sr-Latn-CS

2010-04-11 15:12:51 ----D---- C:\Windows\system32\sl-SI

2010-04-11 15:12:51 ----D---- C:\Windows\system32\sk-SK

2010-04-11 15:12:51 ----D---- C:\Windows\system32\ru-RU

2010-04-11 15:12:51 ----D---- C:\Windows\system32\ro-RO

2010-04-11 15:12:51 ----D---- C:\Windows\system32\RemInst

2010-04-11 15:12:51 ----D---- C:\Windows\system32\pt-PT

2010-04-11 15:12:51 ----D---- C:\Windows\system32\pt-BR

2010-04-11 15:12:51 ----D---- C:\Windows\system32\pl-PL

2010-04-11 15:12:49 ----D---- C:\Windows\system32\oobe

2010-04-11 15:12:49 ----D---- C:\Windows\system32\OEM

2010-04-11 15:12:44 ----D---- C:\Windows\system32\nl-NL

2010-04-11 15:12:44 ----D---- C:\Windows\system32\nb-NO

2010-04-11 15:12:44 ----D---- C:\Windows\system32\Macromed

2010-04-11 15:12:44 ----D---- C:\Windows\system32\lv-LV

2010-04-11 15:12:44 ----D---- C:\Windows\system32\lt-LT

2010-04-11 15:12:44 ----D---- C:\Windows\system32\ko-KR

2010-04-11 15:12:44 ----D---- C:\Windows\system32\ja-JP

2010-04-11 15:12:44 ----D---- C:\Windows\system32\it-IT

2010-04-11 15:12:44 ----D---- C:\Windows\system32\hu-HU

2010-04-11 15:12:44 ----D---- C:\Windows\system32\hr-HR

2010-04-11 15:12:44 ----D---- C:\Windows\system32\he-IL

2010-04-11 15:12:43 ----D---- C:\Windows\system32\fi-FI

2010-04-11 15:12:43 ----D---- C:\Windows\system32\et-EE

2010-04-11 15:12:43 ----D---- C:\Windows\system32\es-ES

2010-04-11 15:12:43 ----D---- C:\Windows\system32\en-US

2010-04-11 15:12:43 ----D---- C:\Windows\system32\el-GR

2010-04-11 15:12:43 ----D---- C:\Windows\system32\de-DE

2010-04-11 15:12:42 ----D---- C:\Windows\system32\da-DK

2010-04-11 15:12:42 ----D---- C:\Windows\system32\cs-CZ

2010-04-11 15:12:42 ----D---- C:\Windows\system32\Branding

2010-04-11 15:12:42 ----D---- C:\Windows\system32\bg-BG

2010-04-11 15:12:42 ----D---- C:\Windows\system32\ar-SA

2010-04-11 15:12:41 ----D---- C:\Windows\system

2010-04-11 15:12:36 ----D---- C:\Windows\nap

2010-04-11 15:12:32 ----D---- C:\Windows\Help

2010-04-11 15:12:28 ----D---- C:\Windows\Boot

2010-04-11 15:12:26 ----D---- C:\ProgramData\SiteAdvisor

2010-04-11 15:12:12 ----D---- C:\ProgramData\CyberLink

2010-04-11 15:12:12 ----D---- C:\ProgramData\Acer GameZone Console

2010-04-11 15:12:10 ----D---- C:\Program Files\Windows Photo Gallery

2010-04-11 15:12:10 ----D---- C:\Program Files\Windows Live SkyDrive

2010-04-11 15:12:10 ----D---- C:\Program Files\Windows Live

2010-04-11 15:12:09 ----D---- C:\Program Files\Windows Collaboration

2010-04-11 15:12:09 ----D---- C:\Program Files\Windows Calendar

2010-04-11 15:12:03 ----D---- C:\Program Files\NewTech Infosystems

2010-04-11 15:11:54 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition

2010-04-11 15:11:53 ----D---- C:\Program Files\Microsoft Office Suite Activation Assistant

2010-04-11 15:11:41 ----D---- C:\Program Files\Microsoft Games

2010-04-11 15:11:10 ----HD---- C:\Program Files\InstallShield Installation Information

2010-04-11 15:11:10 ----D---- C:\Program Files\Intel

2010-04-11 15:10:58 ----D---- C:\Program Files\Cyberlink

2010-04-11 15:10:57 ----D---- C:\Program Files\Common Files\Windows Live

2010-04-11 15:10:56 ----D---- C:\Program Files\Common Files\Oberon Media

2010-04-11 15:10:50 ----D---- C:\Program Files\Common Files\InstallShield

2010-04-11 15:10:49 ----D---- C:\Program Files\Broadcom

2010-04-11 15:10:41 ----D---- C:\Program Files\Acer GameZone

2010-04-11 15:10:05 ----D---- C:\Program Files\Acer Arcade Deluxe

2010-04-11 13:55:11 ----D---- C:\Elements

2010-04-11 13:47:18 ----D---- C:\Acer

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-04-14 23376]

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-04-14 162768]

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-04-14 46672]

R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2010-02-17 214664]

R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-07-16 130424]

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2008-12-04 19504]

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2008-12-04 16432]

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2008-12-04 59952]

R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]

R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]

R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-04-14 19024]

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-04-14 51792]

R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]

R3 CmBatt;Pilote d’adaptateur secteur Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-14 14080]

R3 CompositeBus;Pilote de l’énumérateur de bus composite; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]

R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-09-04 223232]

R3 NETw5s32;Pilote de carte Intel® Wireless WiFi Link pour Windows 7 32 bits ; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\Drivers\NTIDrvr.sys [2009-03-26 15360]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-04-30 64032]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-28 9791552]

R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]

R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-12-02 62976]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-12-05 204976]

R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2009-07-14 146176]

R3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-07-14 11264]

R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]

S1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys []

S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]

S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]

S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]

S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]

S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]

S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]

S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-14 430080]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

S3 drmkaud;Pilotes audio approuvés par Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2009-07-14 5120]

S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-14 3100160]

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]

S3 flash;flash; \??\C:\Users\Public\Documents\Acer\BIOS_Acer_1.25_A_A\BIOS_ACER_1.25_Windows_Aspire 5738\Winflash32\flash.sys [2007-08-03 7680]

S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]

S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-14 26624]

S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]

S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]

S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []

S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]

S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]

S3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2010-02-17 79816]

S3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2010-02-17 35272]

S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2010-02-17 34248]

S3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2010-02-17 40552]

S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2009-07-14 8320]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2009-07-14 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2009-07-14 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]

S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]

S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]

S3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel® 5000 Series pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]

S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]

S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]

S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]

S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-10-16 41472]

S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]

S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]

S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-03-19 144672]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-02-12 345376]

R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-12-18 75048]

R2 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]

R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-08-26 690720]

R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-04-22 1265264]

R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe [2009-07-08 359952]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]

R2 MWLService;MyWinLocker Service; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-05-14 305448]

R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-04-11 61184]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-28 211488]

R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-03-26 545576]

S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-11 135664]

S2 McShield;McAfee Real-time Scanner; C:\Program Files\McAfee\VirusScan\Mcshield.exe [2010-02-17 144704]

S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]

S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-07-14 522752]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-04-11 30192]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-11 182768]

S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 McSysmon;McAfee SystemGuards; C:\Program Files\McAfee\VirusScan\mcsysmon.exe [2010-02-17 606736]

S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Partner Service;Partner Service; C:\ProgramData\Partner\partner.exe [2010-04-11 110576]

S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]

S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-07-14 1202688]

S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]

 

-----------------EOF-----------------

[Falkra]

Télécharge OTMoveIt (OTM) par OldTimer.

• Enregistre ce fichier sur le Bureau.
  
• Fais un double clic sur OTM.exe pour lancer l'exécution de l'outil. (Note: Si tu utilises Windows Vista ou 7, fais un clic droit sur le fichier puis choisir Exécuter en tant qu'administrateur).
  
• Copie les lignes de la zone "Code" ci-dessous dans le Presse-papiers en les sélectionnant toutes puis en appuyant simultanément sur les touches CTRL et C (ou, après les avoir sélectionnées, en faisant un clic droit puis en choisissant Copier):
  

  :processes
  :files
  C:\ProgramData\Partner
  C:\Program Files\rkfree
  C:\ProgramData\rkfree
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "QuickTime Task"=-
  "iTunesHelper"=-
  "Adobe Reader Speed Launcher"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "swg"=-
  "ProductReg"=-
  :Services
  Partner Service
  
  :commands
  [zipfiles]
  [emptytemp]
  [Start Explorer]

  
  

• Retourne dans la fenêtre de OTM, fais un clic droit dans la zone de gauche intitulée "Paste List Of Files/Folders to Move" (sous la barre jaune) puis choisir Coller.
  
• Clique sur le bouton rouge Moveit!.
  
• Ferme OTMoveIt3
  
• Poste dans ta prochaine réponse le rapport de OTMoveIt3 (contenu du fichier C:\_OTM\MovedFiles\********_******.log - les *** sont des chiffres représentant la date [moisjourannée] et l'heure)
  

Note: Si un fichier ou un dossier ne peut pas être déplacé immédiatement, un redémarrage sera peut-être nécessaire pour permettre de terminer le processus de déplacement. Si le redémarrage de la machine vous est demandé, choisir Oui/Yes.

[cedricmsn31]

voici le rapport

 

All processes killed

========== PROCESSES ==========

========== FILES ==========

C:\ProgramData\Partner folder moved successfully.

C:\Program Files\rkfree folder moved successfully.

C:\ProgramData\rkfree\maps folder moved successfully.

C:\ProgramData\rkfree\data\Cédric folder moved successfully.

C:\ProgramData\rkfree\data folder moved successfully.

C:\ProgramData\rkfree folder moved successfully.

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ProductReg deleted successfully.

========== SERVICES/DRIVERS ==========

Service Partner Service stopped successfully!

Service Partner Service deleted successfully!

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Cédric

->Temp folder emptied: 10016170 bytes

->Temporary Internet Files folder emptied: 36980180 bytes

->Java cache emptied: 1647046 bytes

->Flash cache emptied: 6153 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 75 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 269986 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 47,00 mb

 

 

OTM by OldTimer - Version 3.1.11.0 log created on 04272010_190259

 

Files moved on Reboot...

C:\Users\Cédric\AppData\Local\Temp\MessengerCache\+7uDijMiG22FC2FrsHfgT8Xwfjwhs= moved successfully.

C:\Users\Cédric\AppData\Local\Temp\MessengerCache\dE0t0oShxk8ESUtEA4fy2UCMPko= moved successfully.

C:\Users\Cédric\AppData\Local\Temp\MessengerCache\GDt22FH4NrUyWhef8KHqnkpeMyLc= moved successfully.

C:\Users\Cédric\AppData\Local\Temp\MessengerCache\N3xWiRHSesJmY9vSu4IsdNbzIqk= moved successfully.

C:\Users\Cédric\AppData\Local\Temp\MessengerCache\OgJbNIAUGnKRT2F3V3OSDkoTFq+A= moved successfully.

C:\Users\Cédric\AppData\Local\Temp\MessengerCache\UplZlYWcm5rKbilW2FzOAt2vPhbA= moved successfully.

C:\Users\Cédric\AppData\Local\Temp\MessengerCache\yAnh0hYrpt9UIDrHrO6TYOAit2FI= moved successfully.

C:\Users\Cédric\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QU7LCJ3J\hp[1].htm moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QU7LCJ3J\img[4].htm moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QU7LCJ3J\povh[1].htm moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IUK2FH8P\img[6].htm moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IUK2FH8P\rectangle_300x250[1].htm moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2PGGPIWL\ban_728x90[1].htm moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2PGGPIWL\iframe[1].htm moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2ODZJQIX\ads[3].htm moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2ODZJQIX\probleme-d-arret-beug-t176082[1].htm moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1U1ZRECQ\01[1].htm moved successfully.

C:\Users\Cédric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1U1ZRECQ\ADSAdClient31[1].txt moved successfully.

File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...