Infection Virus js fake warn-e (trj)

[keyronn]

Bonjour,

 

Hier, mon antivirus avast me dit que j'ai un virus du nom de: js fake warn-e (trj)qui m'a infécté. En fait il se présente sous la forme d'un antivirus à télécharger et s'installe dans les programmes. Il est localisé dans Users/.../Appdata/Local/Microsoft/temporary Internet files/...

 

J'ai fait une analyse avec hijackthis en mode sans échec.

 

J'aimerai savoir comment faire pour l'éliminer complétement.

 

Merci pour vos futures réponses.

[keyronn]

Il y a un truc bizarre qui s'est passé hier soir. J'ai allumé mon ordi pour voir comment c'etait et il était redevenu "normal". On ne m'annoncait plus que qu'il y avait un virus. J'ai essayé de faire 2-3 trucs mais tous marchait. Et ce matin je rallume l'ordinateur, tout avait l'air bien je peux faire tout ce que je veux mais l'antivirus m'annonce que j'ai 2 nouveau virus : win32 malware gen et un autre dont je ne sais plus le nom. Donc je ne sais pas trop quoi faire.J'aimerai vérifier en profondeur l'ordinateur pour nettoyer tous ca.

 

Merci de m'accorder votre aide.

 

edit: J'ai lu quelque sujets ici et j'ai updater explorer et remplacer avast par avira antivir, comme il est conseillé ici.

J'ai fait une analyse complète avec antivir et il me dit quil y a 2 fichier virale. Voila ce qui il y avait vers la fin

La recherche sur les fichiers sélectionnés commence :

 

Recherche débutant dans 'C:\' <HP>

C:\hiberfil.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

C:\pagefile.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

C:\Users\sacha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H6Y7K802\mediafix70700en02[1].exe

[RESULTAT] Contient le cheval de Troie TR/Crypt.CFI.Gen

[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ce78d8c.qua' !

C:\Users\sacha\AppData\Local\Temp\plugtmp-97\plugin-main_11403

[RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Infected.WebPage.Gen

[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4cf88eae.qua' !

C:\Windows\System32\drivers\sptd.sys

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

C:\Windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16386_none_caf99b2e2002860e\shsvcs.dll

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

C:\Windows\winsxs\x86_microsoft-windows-themeui_31bf3856ad364e35_6.0.6000.16386_none_82c7d4771e961867\themeui.dll

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

C:\Windows\winsxs\x86_microsoft-windows-uxtheme_31bf3856ad364e35_6.0.6000.16386_none_a3add8d809a48a3e\uxtheme.dll

[AVERTISSEMENT] Impossible d'ouvrir le fichier !

Modifié le 5 septembre 2010 par keyronn

[Thanos]

salut

 

Le fichier en question a été mis en quarantaine par Antivir, donc pas de souci!

 

Une vérification tout de même =>

 

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

• Double-clique sur RSIT.exe afin de lancer RSIT.
  
• Clique Continue à l'écran Disclaimer.
  
• Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
  
• Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
  ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  
• Si tu ne vois pas ces deux rapports, tu les trouveras dans le dossier C:\rsit
  

[keyronn]

voilà ce que tu m'as demandé

 

Logfile of random's system information tool 1.08 (written by random/random)

Run by sacha at 2010-09-10 17:18:10

Microsoft® Windows Vista™ Édition Familiale Premium

System drive C: has 46 GB (15%) free of 298 GB

Total RAM: 2046 MB (40% free)

 

HijackThis download failed

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Google Software Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\Norton Security Scan for sacha.job

C:\Windows\tasks\User_Feed_Synchronization-{473F17EE-6575-468D-BDEE-A5607DEEAC72}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]

Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-07-31 698880]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]

HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-02-10 329312]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]

Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-06-28 202144]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaze.dll [2009-12-31 2349080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-08-02 278192]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-08-02 814648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]

IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2010-07-28 109568]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

SearchSettings Class - C:\Program Files\Search Settings\kb128\SearchSettings.dll [2009-07-29 1153024]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdc465a-cf20-4b82-9a26-47c9dc52fa32}]

Eazel-IT Toolbar - C:\Program Files\Eazel-IT\tbEaze.dll [2009-07-02 2215960]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{ecdc465a-cf20-4b82-9a26-47c9dc52fa32} - Eazel-IT Toolbar - C:\Program Files\Eazel-IT\tbEaze.dll [2009-07-02 2215960]

{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-07-31 698880]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaze.dll [2009-12-31 2349080]

{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-08-02 278192]

{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-06-28 1615256]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-10-19 1006264]

"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]

"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]

"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]

"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]

"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176]

"SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-09-25 54672]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

""= []

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2009-07-29 1024512]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-02-10 198160]

"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2010-02-17 177472]

"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-17 767312]

"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]

"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-08-20 1164584]

"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-10-12 1232896]

"CollaborationHost"=C:\Windows\system32\p2phost.exe [2006-11-02 191488]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-07 68856]

"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]

"Steam"=c:\program files\steam\steam.exe [2010-08-24 1242448]

"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

"mediafix70700en02.exe"=C:\Users\sacha\AppData\Roaming\48373AF7BFE4CA8140BB8C682DF69209\mediafix70700en02.exe []

"COM+ Manager"=C:\Users\sacha\.COMMgr\complmgr.exe [2010-09-03 526848]

"dhseilav"=C:\Users\sacha\AppData\Local\tqdndfsvj\vvmxovpshdw.exe []

"xbktndmk"=C:\Users\sacha\AppData\Local\rswldiuyr\vuasihsshdw.exe []

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

 

C:\Users\sacha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\sacha\AppData\Roaming\Dropbox\bin\Dropbox.exe

LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe

OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

.reg - open - "regedit.exe" "%1"

 

======List of files/folders created in the last 1 months======

 

2010-09-10 17:18:10 ----D---- C:\rsit

2010-09-10 17:18:10 ----D---- C:\Program Files\trend micro

2010-09-10 15:33:08 ----D---- C:\Program Files\Microsoft Visual Studio

2010-09-10 15:31:55 ----D---- C:\Program Files\Common Files\DESIGNER

2010-09-10 15:31:50 ----D---- C:\Program Files\Microsoft Works

2010-09-10 15:31:47 ----D---- C:\Program Files\Microsoft.NET

2010-09-10 15:31:47 ----D---- C:\Program Files\Microsoft Visual Studio 8

2010-09-09 19:14:30 ----D---- C:\ProgramData\Office Genuine Advantage

2010-09-06 17:27:58 ----A---- C:\Windows\system32\jscript.dll

2010-09-06 17:26:54 ----A---- C:\Windows\system32\vbscript.dll

2010-09-06 17:26:37 ----A---- C:\Windows\system32\mshtml.dll

2010-09-06 17:26:36 ----A---- C:\Windows\system32\ieframe.dll

2010-09-06 17:26:32 ----A---- C:\Windows\system32\iertutil.dll

2010-09-06 17:26:31 ----A---- C:\Windows\system32\wininet.dll

2010-09-06 17:26:31 ----A---- C:\Windows\system32\urlmon.dll

2010-09-06 17:26:30 ----A---- C:\Windows\system32\occache.dll

2010-09-06 17:26:30 ----A---- C:\Windows\system32\msfeeds.dll

2010-09-06 17:26:30 ----A---- C:\Windows\system32\iedkcs32.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\msfeedssync.exe

2010-09-06 17:26:28 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\jsproxy.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\ieUnatt.exe

2010-09-06 17:26:28 ----A---- C:\Windows\system32\ieui.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iesysprep.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iesetup.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iernonce.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iepeers.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\ie4uinit.exe

2010-09-05 13:51:22 ----A---- C:\Windows\system32\drivers\ssmdrv.sys

2010-09-05 13:51:20 ----A---- C:\Windows\system32\drivers\avipbb.sys

2010-09-05 13:50:08 ----D---- C:\ProgramData\Avira

2010-09-05 13:50:08 ----D---- C:\Program Files\Avira

2010-09-05 13:33:57 ----A---- C:\Windows\system32\mshtmled.dll

2010-09-05 13:33:57 ----A---- C:\Windows\system32\icardie.dll

2010-09-05 13:33:56 ----A---- C:\Windows\system32\mshtmler.dll

2010-09-05 13:33:56 ----A---- C:\Windows\system32\admparse.dll

2010-09-05 13:33:55 ----A---- C:\Windows\system32\msls31.dll

2010-09-05 13:33:55 ----A---- C:\Windows\system32\corpol.dll

2010-09-05 13:33:53 ----A---- C:\Windows\system32\imgutil.dll

2010-09-05 13:33:53 ----A---- C:\Windows\system32\ieakeng.dll

2010-09-05 13:33:53 ----A---- C:\Windows\system32\dxtmsft.dll

2010-09-05 13:33:52 ----A---- C:\Windows\system32\dxtrans.dll

2010-09-05 13:33:51 ----A---- C:\Windows\system32\licmgr10.dll

2010-09-05 13:33:51 ----A---- C:\Windows\system32\inseng.dll

2010-09-05 13:33:51 ----A---- C:\Windows\system32\ieaksie.dll

2010-09-05 13:33:50 ----A---- C:\Windows\system32\webcheck.dll

2010-09-05 13:33:50 ----A---- C:\Windows\system32\msrating.dll

2010-09-05 13:33:49 ----A---- C:\Windows\system32\WinFXDocObj.exe

2010-09-05 13:33:49 ----A---- C:\Windows\system32\wextract.exe

2010-09-05 13:33:49 ----A---- C:\Windows\system32\mstime.dll

2010-09-05 13:33:49 ----A---- C:\Windows\system32\ieakui.dll

2010-09-05 13:33:47 ----A---- C:\Windows\system32\pngfilt.dll

2010-09-05 13:33:47 ----A---- C:\Windows\system32\advpack.dll

2010-09-05 13:33:45 ----A---- C:\Windows\system32\ieapfltr.dll

2010-09-05 13:33:40 ----A---- C:\Windows\system32\url.dll

2010-09-05 13:33:34 ----A---- C:\Windows\system32\mshta.exe

2010-09-05 13:33:34 ----A---- C:\Windows\system32\iexpress.exe

2010-09-05 13:33:32 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2010-09-05 13:33:32 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2010-09-05 13:33:32 ----A---- C:\Windows\system32\PDMSetup.exe

2010-09-04 22:02:18 ----ASH---- C:\hiberfil.sys

2010-09-03 22:00:37 ----A---- C:\Windows\ntbtlog.txt

2010-09-03 19:09:54 ----RSH---- C:\Users\sacha\AppData\Roaming\ohydy.exe

2010-09-03 19:09:44 ----D---- C:\Users\sacha\AppData\Roaming\48373AF7BFE4CA8140BB8C682DF69209

2010-09-03 16:12:43 ----A---- C:\Windows\{682E39A0-0576-4422-8328-3B7E56346653}_WiseFW.ini

2010-09-03 16:09:47 ----D---- C:\Windows\B4009EBB0818454FA6E8BBAAAEEF89E6.TMP

2010-09-02 19:22:50 ----D---- C:\Users\sacha\AppData\Roaming\TI-Nspire

2010-09-02 19:16:15 ----D---- C:\Users\sacha\AppData\Roaming\Texas Instruments

2010-09-02 19:14:29 ----D---- C:\ProgramData\SafeNet Sentinel

2010-09-02 19:13:11 ----D---- C:\Program Files\TI Education

2010-09-02 19:06:51 ----D---- C:\ProgramData\TI-Nspire CAS

2010-09-02 19:06:43 ----D---- C:\Program Files\Common Files\TI Shared

2010-09-02 19:05:23 ----A---- C:\Windows\{AC59B86B-4E39-47C8-B79A-3EC33B86FB47}_WiseFW.ini

2010-09-02 16:51:48 ----D---- C:\ProgramData\FLEXnet

2010-09-02 16:31:19 ----D---- C:\Program Files\Common Files\Macrovision Shared

2010-08-24 15:32:28 ----D---- C:\Users\sacha\AppData\Roaming\Dropbox

2010-08-24 15:17:53 ----A---- C:\Windows\system32\CNC640L.dll

2010-08-24 15:17:53 ----A---- C:\Windows\system32\CNC640I.dll

2010-08-24 15:17:52 ----A---- C:\Windows\system32\CNHMCA.dll

2010-08-24 15:17:52 ----A---- C:\Windows\system32\CNC640U.dll

2010-08-24 15:17:52 ----A---- C:\Windows\system32\CNC640C.dll

2010-08-24 15:15:35 ----D---- C:\Program Files\Common Files\CANON

2010-08-24 15:14:49 ----HD---- C:\ProgramData\CanonBJ

2010-08-24 15:13:40 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information

2010-08-24 15:11:21 ----A---- C:\Windows\system32\CNMLMA2.DLL

2010-08-24 15:11:15 ----A---- C:\Windows\system32\CNMIUA2.DLL

2010-08-24 15:11:09 ----HD---- C:\Program Files\CanonBJ

2010-08-24 15:11:03 ----D---- C:\Windows\system32\STRING

2010-08-24 15:11:03 ----D---- C:\Windows\system32\CHM

2010-08-24 15:11:03 ----A---- C:\Windows\system32\CNMNPUI.DLL

2010-08-24 15:11:03 ----A---- C:\Windows\system32\CNMNPPM.DLL

2010-08-24 15:10:29 ----D---- C:\Program Files\Canon

2010-08-19 01:56:09 ----D---- C:\Users\sacha\AppData\Roaming\inkscape

2010-08-19 01:40:10 ----D---- C:\Program Files\Inkscape

2010-08-18 20:06:31 ----D---- C:\Users\sacha\AppData\Roaming\gtk-2.0

 

======List of files/folders modified in the last 1 months======

 

2010-09-10 17:18:11 ----D---- C:\Windows\Prefetch

2010-09-10 17:18:10 ----RD---- C:\Program Files

2010-09-10 17:18:10 ----D---- C:\Windows\Temp

2010-09-10 15:56:37 ----SHD---- C:\System Volume Information

2010-09-10 15:42:05 ----SHD---- C:\Windows\Installer

2010-09-10 15:42:04 ----HD---- C:\Config.Msi

2010-09-10 15:42:04 ----D---- C:\ProgramData\Microsoft Help

2010-09-10 15:37:56 ----RSD---- C:\Windows\assembly

2010-09-10 15:37:24 ----D---- C:\Windows\ShellNew

2010-09-10 15:37:04 ----A---- C:\Windows\win.ini

2010-09-10 15:37:01 ----D---- C:\Program Files\Microsoft Office

2010-09-10 15:35:45 ----D---- C:\Windows\System32

2010-09-10 15:35:42 ----D---- C:\Program Files\Common Files\microsoft shared

2010-09-10 15:33:18 ----RSD---- C:\Windows\Fonts

2010-09-10 15:33:08 ----D---- C:\Program Files\MSBuild

2010-09-10 15:31:55 ----D---- C:\Program Files\Common Files

2010-09-10 15:31:47 ----SD---- C:\ProgramData\Microsoft

2010-09-10 15:28:45 ----D---- C:\Program Files\Steam

2010-09-10 15:28:12 ----D---- C:\Users\sacha\AppData\Roaming\LimeWire

2010-09-10 15:11:53 ----D---- C:\Program Files\Mozilla Firefox

2010-09-09 19:14:30 ----HD---- C:\ProgramData

2010-09-09 18:56:09 ----D---- C:\Windows\system32\zh-TW

2010-09-09 18:56:09 ----D---- C:\Windows\system32\zh-HK

2010-09-09 18:56:09 ----D---- C:\Windows\system32\tr-TR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\sv-SE

2010-09-09 18:56:09 ----D---- C:\Windows\system32\pt-BR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\nl-NL

2010-09-09 18:56:09 ----D---- C:\Windows\system32\nb-NO

2010-09-09 18:56:09 ----D---- C:\Windows\system32\ko-KR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\it-IT

2010-09-09 18:56:09 ----D---- C:\Windows\system32\he-IL

2010-09-09 18:56:09 ----D---- C:\Windows\system32\fr-FR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\fi-FI

2010-09-09 18:56:09 ----D---- C:\Windows\system32\es-ES

2010-09-09 18:56:09 ----D---- C:\Windows\system32\en-US

2010-09-09 18:56:09 ----D---- C:\Windows\system32\el-GR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\de-DE

2010-09-09 18:56:09 ----D---- C:\Windows\system32\da-DK

2010-09-09 18:56:09 ----D---- C:\Windows\system32\ar-SA

2010-09-09 18:52:05 ----D---- C:\Program Files\Microsoft

2010-09-08 18:39:45 ----D---- C:\Program Files\Common Files\Steam

2010-09-07 17:48:46 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-09-07 16:14:26 ----D---- C:\Windows\system32\migration

2010-09-07 16:14:25 ----D---- C:\Program Files\Internet Explorer

2010-09-06 22:02:02 ----D---- C:\Windows\winsxs

2010-09-06 17:25:44 ----D---- C:\Windows\system32\catroot2

2010-09-06 17:25:44 ----D---- C:\Windows\system32\catroot

2010-09-05 13:51:22 ----D---- C:\Windows\system32\drivers

2010-09-05 13:47:33 ----D---- C:\Windows\system32\Tasks

2010-09-05 13:47:32 ----D---- C:\Windows\Tasks

2010-09-05 13:43:57 ----D---- C:\Windows\PolicyDefinitions

2010-09-05 13:38:37 ----D---- C:\Windows

2010-09-05 11:42:17 ----SD---- C:\Users\sacha\AppData\Roaming\Microsoft

2010-09-03 19:38:12 ----D---- C:\Windows\system32\WDI

2010-09-03 16:10:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2010-09-03 15:17:26 ----D---- C:\Users\sacha\AppData\Roaming\Adobe

2010-09-02 19:37:19 ----D---- C:\Windows\inf

2010-09-02 16:50:45 ----D---- C:\Windows\system32\drivers\etc

2010-09-02 16:40:59 ----D---- C:\Program Files\Adobe

2010-09-02 16:40:45 ----D---- C:\ProgramData\Adobe

2010-09-02 16:39:27 ----D---- C:\Program Files\Common Files\Adobe

2010-08-28 11:56:40 ----D---- C:\ProgramData\DivX

2010-08-28 11:56:40 ----D---- C:\Program Files\DivX

2010-08-28 11:55:46 ----D---- C:\Program Files\Common Files\PX Storage Engine

2010-08-24 15:17:57 ----D---- C:\Windows\twain_32

2010-08-24 15:17:54 ----RSD---- C:\Windows\Media

2010-08-17 12:38:40 ----D---- C:\Program Files\Common Files\Roxio Shared

2010-08-17 12:14:16 ----D---- C:\Program Files\Roxio

2010-08-17 11:49:32 ----D---- C:\Program Files\VstPlugins

2010-08-17 11:47:41 ----D---- C:\Program Files\Dofus

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2007-10-26 110624]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-06-10 45648]

R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-11 691696]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-08-14 3076608]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]

R3 BCM43XX;Linksys Wireless-G PCI Network Adapter Driver; C:\Windows\system32\DRIVERS\WMP54GSx86.sys [2007-03-12 534016]

R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]

R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]

R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-11 1793880]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-03 1065384]

R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]

R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]

S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]

S3 aivmcnov;aivmcnov; C:\Windows\system32\drivers\aivmcnov.sys []

S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys []

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]

S3 USBTINSP;TI-Nspire Handheld or TI Network Bridge Device Driver; C:\Windows\system32\DRIVERS\tinspusb.sys [2010-07-07 122752]

S3 xnacc;Contrôleur XBOX 360 pour le service de pilote Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2006-11-02 514560]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-08-13 610304]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440]

R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]

R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-09-08 407336]

S2 astcc;AST Service; C:\Windows\SYSTEM32\astsrv.exe []

S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-22 135664]

S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-11 194032]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-02 655624]

S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

 

-----------------EOF-----------------

 

 

 

 

 

 

info.txt logfile of random's system information tool 1.08 2010-09-10 17:18:15

 

======Uninstall list======

 

-->MsiExec /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}

32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}

7-Zip 9.07 beta-->"C:\Program Files\7-Zip\Uninstall.exe"

ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}

Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}

Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}

Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}

Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}

Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}

Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}

Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}

Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}

Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}

Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}

Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}

Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}

Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}

Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}

Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin

Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}

Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}

Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}

Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}

Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}

Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1

Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}

Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}

Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}

Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}

Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}

Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}

Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}

Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}

Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}

AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}

AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}

Apple Application Support-->MsiExec.exe /I{B2D328BE-45AD-4D92-96F9-2151490A203E}

Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe

Assistant de connexion Windows Live ID-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}

Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}

Canon Easy-WebPrint EX-->"C:\Program Files\Canon\Easy-WebPrint EX\Maint.exe" /UninstallRemove C:\Program Files\Canon\Easy-WebPrint EX\uninst.ini

Canon IJ Network Scan Utility-->"C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSU.exe" /UninstallRemove C:\Program Files\Canon\Canon IJ Network Scan Utility\uninst.ini

Canon IJ Network Tool-->C:\Program Files\Canon\Canon IJ Network Tool\CNMNUU.exe

Canon MP640 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series

Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini uinstrsc.dll

ccc-Branding-->MsiExec.exe /I{4F027497-15AE-4DE5-B3BC-8E721C6127DE}

CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application

Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe

Configuration DivX-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com

Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}

Connectivity Library and TI-Nspire™ handheld drivers-->MsiExec.exe /I{AC59B86B-4E39-47C8-B79A-3EC33B86FB47}

Cool Edit Pro 2.0-->C:\Program Files\coolpro2\cep2unin.exe

Dealio Toolbar v4.0.1-->MsiExec.exe /X{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}

Eazel-FR Toolbar-->C:\PROGRA~1\Eazel-FR\UNWISE.EXE /U C:\PROGRA~1\Eazel-FR\INSTALL.LOG

Eazel-IT Toolbar-->C:\PROGRA~1\Eazel-IT\UNWISE.EXE /U C:\PROGRA~1\Eazel-IT\INSTALL.LOG

Enregistrement utilisateur de Canon MP640 series-->C:\Program Files\Canon\IJEREG\MP640 series\UNINST.EXE

Free Video Converter V 2.1-->"C:\Program Files\Free Video Converter\unins000.exe"

Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}

Google Toolbar for Firefox-->C:\ProgramData\Google\Toolbar for Firefox\Firefox_Toolbar_Uninstaller.exe

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}

HijackThis 2.0.2-->"C:\Users\sacha\Downloads\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

HP Active Support Library 32 bit components-->MsiExec.exe /I{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}

HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}\setup.exe -runfromtemp -l0x0409

HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly

HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}

HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{706BB40A-4102-4c89-8107-DC68C4EBD19B}\setup\hpzscr01.exe -datfile hposcr14.dat

HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly

HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat

HP OCR Software 9.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat

HP On-Screen Cap/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe

HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat

HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}

HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}

HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat

HP Total Care Advisor-->MsiExec.exe /X{0DDA7620-4F8B-43B3-8828-CA5EE292FA3B}

HP Update-->MsiExec.exe /X{11B83AD3-7A46-4C2E-A568-9505981D4C6F}

HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}

IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe

Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}

iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}

Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}

Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}

kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}

LimeWire 5.3.6-->"C:\Program Files\LimeWire\uninstall.exe"

Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe

Mega Manager-->"C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe" -runfromtemp -l0x0409 -removeonly

Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"

Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}

Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}

Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}

Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}

Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Search Enhancement Pack-->MsiExec.exe /X{06E6E30D-B498-442F-A943-07DE41D7F785}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}

Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

MobileMe Control Panel-->MsiExec.exe /I{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03}

Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe

Mozilla Firefox (3.5.12)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

muvee autoProducer 6.0-->C:\Program Files\InstallShield Installation Information\{14AF024E-2E3B-49D0-A175-D1C1A06B155A}\setup.exe -runfromtemp -l0x040c -removeonly

neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

Norton Security Scan-->C:\Program Files\Norton Security Scan\Engine\2.7.3.34\InstWrap.exe

NVIDIA PhysX-->MsiExec.exe /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}

OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}

OpenOffice.org 2.3-->MsiExec.exe /I{B087B0C3-F595-485A-B86B-73326BA8693A}

Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Outils de diagnostic du matériel-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe

PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}

PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"

Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}

PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe

Python 2.5-->MsiExec.exe /I{0A2C5854-557E-48C8-835A-3B9F074BDCAA}

QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}

RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly

RomStation-->C:\Users\sacha\Desktop\PS1\Romstation\Uninstal.exe

Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}

Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}

Search Settings 1.2.2-->MsiExec.exe /X{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}

Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}

Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}

Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}

Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}

Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}

Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}

Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}

Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}

Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}

Skype 3.1-->"C:\Program Files\Skype\Phone\unins000.exe"

Skype Plugin Manager-->MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}

Solution de clavier multimédia amélioré-->C:\HP\KBD\Install.exe /u

Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}

TI-Diagnostics Tool-->MsiExec.exe /X{B4009EBB-0818-454F-A6E8-BBAAAEEF89E6}

TI-Nspire CAS Student Software-->MsiExec.exe /I{682E39A0-0576-4422-8328-3B7E56346653}

Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe

TrackMania Nations Forever-->"C:\Program Files\Steam\steam.exe" steam://uninstall/11020

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}

VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}

VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}

Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}

Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}

Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}

Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}

Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}

Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}

Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}

 

======Hosts File======

 

127.0.0.1 activate.adobe.com

 

======Security center information======

 

AV: Avira AntiVir PersonalEdition Classic (outdated)

AS: AntiVir Desktop (outdated)

AS: Windows Defender

 

======System event log======

 

Computer Name: PC-DE-SACHA

Event Code: 1003

Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 001D7E064E09. Il s'est produit l'erreur suivante :

L'opération a été annulée par l'utilisateur.. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP).

Record Number: 161995

Source Name: Microsoft-Windows-Dhcp-Client

Time Written: 20100910132541.000000-000

Event Type: Avertissement

User:

 

Computer Name: PC-DE-SACHA

Event Code: 1003

Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 001D7E064E09. Il s'est produit l'erreur suivante :

L'opération a été annulée par l'utilisateur.. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP).

Record Number: 161996

Source Name: Microsoft-Windows-Dhcp-Client

Time Written: 20100910132546.000000-000

Event Type: Avertissement

User:

 

Computer Name: PC-DE-SACHA

Event Code: 1003

Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 001D7E064E09. Il s'est produit l'erreur suivante :

L'opération a été annulée par l'utilisateur.. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP).

Record Number: 161997

Source Name: Microsoft-Windows-Dhcp-Client

Time Written: 20100910132550.000000-000

Event Type: Avertissement

User:

 

Computer Name: PC-DE-SACHA

Event Code: 1003

Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 001D7E064E09. Il s'est produit l'erreur suivante :

L'opération a été annulée par l'utilisateur.. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP).

Record Number: 161998

Source Name: Microsoft-Windows-Dhcp-Client

Time Written: 20100910132555.000000-000

Event Type: Avertissement

User:

 

Computer Name: PC-DE-SACHA

Event Code: 1003

Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 001D7E064E09. Il s'est produit l'erreur suivante :

L'opération a été annulée par l'utilisateur.. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP).

Record Number: 161999

Source Name: Microsoft-Windows-Dhcp-Client

Time Written: 20100910132600.000000-000

Event Type: Avertissement

User:

 

=====Application event log=====

 

Computer Name: PC-de-sacha

Event Code: 11

Message: Échec de l'extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé.

.

Record Number: 35710

Source Name: Microsoft-Windows-CAPI2

Time Written: 20100910132714.000000-000

Event Type: Erreur

User:

 

Computer Name: PC-de-sacha

Event Code: 8194

Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur.

 

Opération :

Données du rédacteur en cours de collecte

 

Contexte :

ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220}

Nom du rédacteur: System Writer

ID d’instance du rédacteur: {64cb55d8-e95e-4059-9917-6cde8338faf4}

Record Number: 35717

Source Name: VSS

Time Written: 20100910132957.000000-000

Event Type: Erreur

User:

 

Computer Name: PC-de-sacha

Event Code: 11704

Message: Produit : Microsoft Office Shared MUI (French) 2007 -- Erreur 1704. L'installation de Microsoft Office Professional Plus 2007 est interrompue. Vous devez annuler les modifications apportées par cette installation pour continuer. Voulez-vous annuler les modifications ?

Record Number: 35719

Source Name: MsiInstaller

Time Written: 20100910133050.000000-000

Event Type: Erreur

User: PC-de-sacha\sacha

 

Computer Name: PC-de-sacha

Event Code: 63

Message: Le fournisseur OffProv12 a été inscrit dans l’espace de noms Windows Management Instrumentation Root\MSAPPS12, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur.

Record Number: 35759

Source Name: Microsoft-Windows-WMI

Time Written: 20100910134201.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

 

Computer Name: PC-de-sacha

Event Code: 63

Message: Le fournisseur OffProv12 a été inscrit dans l’espace de noms Windows Management Instrumentation Root\MSAPPS12, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur.

Record Number: 35760

Source Name: Microsoft-Windows-WMI

Time Written: 20100910134201.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

 

=====Security event log=====

 

Computer Name: PC-de-sacha

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

 

Code d’erreur : 2

Record Number: 25904

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100425112656.183753-000

Event Type: Échec de l'audit

User:

 

Computer Name: PC-de-sacha

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

 

Code d’erreur : 2

Record Number: 25905

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100425112656.183753-000

Event Type: Échec de l'audit

User:

 

Computer Name: PC-de-sacha

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

 

Code d’erreur : 2

Record Number: 25906

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100425112656.183753-000

Event Type: Échec de l'audit

User:

 

Computer Name: PC-de-sacha

Event Code: 4904

Message: Une tentative d’inscription de la source d’un événement de sécurité a été effectuée.

 

Sujet :

ID de sécurité : S-1-5-18

Nom du compte : PC-DE-SACHA$

Domaine du compte : WORKGROUP

ID d’ouverture de session : 0x3e7

 

Processus :

ID du processus : 0x6dc

Nom du processus : C:\Windows\System32\VSSVC.exe

 

Source de l’événement :

Nom de la source : VSSAudit

ID de la source de l’événement : 0x6b681f

Record Number: 25907

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100425115547.395753-000

Event Type: Succès de l'audit

User:

 

Computer Name: PC-de-sacha

Event Code: 4905

Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée.

 

Sujet :

ID de sécurité : S-1-5-18

Nom du compte : PC-DE-SACHA$

Domaine du compte : WORKGROUP

ID d’ouverture de session : 0x3e7

 

Processus :

ID du processus : 0x6dc

Nom du processus : C:\Windows\System32\VSSVC.exe

 

Source de l’événement :

Nom de la source : VSSAudit

ID de la source de l’événement : 0x6b681f

Record Number: 25908

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100425115547.395753-000

Event Type: Succès de l'audit

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;c:\Program Files\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD

"PROCESSOR_REVISION"=6b01

"NUMBER_OF_PROCESSORS"=2

"PLATFORM"=HPD

"PCBRAND"=Pavilion

"OnlineServices"=Services en ligne

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

 

-----------------EOF-----------------

 

 

je te laisse le temps qu'il te faudra pour analyser çà.

Merci

[Thanos]

Ok le pc est toujours infecté: procède ainsi stp =>

 

1°) Un petit scan supplémentaire avec un programme que tu vas pouvoir conserver: si tu le possède déjà, passe l'étape de l'installation et va directement à la mise à jour >>

 

Télécharge Malwarebytes' Anti-Malware (MBAM)

 

Branche tous les supports amovibles que tu possèdes avant de faire ce scan (clé usb/disque dur externe etc)

• Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  
• Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  
  
• Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  
• Sélectionne "Exécuter un examen complêt"
  
• Clique sur "Rechercher"
  
• L'analyse démarre, le scan est relativement long, c'est normal.
  
• A la fin de l'analyse, un message s'affiche :

  L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  
• Ferme tes navigateurs.
  
• Si des malwares ont été détectés, clique sur Afficher les résultats.
  Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  
• MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.
  

 

2°) Relance RSIT et poste le rapport qui sera généré.

[keyronn]

Voilà les rapports demandé :

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4591

 

Windows 6.0.6000

Internet Explorer 8.0.6001.18882

 

11.09.2010 13:49:52

mbam-log-2010-09-11 (13-49-52).txt

 

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|N:\|)

Elément(s) analysé(s): 276382

Temps écoulé: 1 heure(s), 11 minute(s), 31 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 25

Valeur(s) du Registre infectée(s): 8

Elément(s) de données du Registre infecté(s): 1

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 16

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\ROUA3O12PW (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\wnxmal (Rogue.SecuritySuite) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\com+ manager (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Worm.Palevo) -> Delete on reboot.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dhseilav (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xbktndmk (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mediafix70700en02.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Worm.Palevo) -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

C:\Program Files\Dealio Toolbar\WidgiHelper.exe (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

C:\Program Files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

C:\Users\sacha\AppData\Local\My Web Search Installer.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\sacha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5S0C9LS5\cgbvd[2].htm (Rogue.SecuritySuite) -> Quarantined and deleted successfully.

C:\Users\sacha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LAA421O7\cgbvd[1].htm (Rogue.SecuritySuite) -> Quarantined and deleted successfully.

C:\Users\sacha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TVP4SE6X\47[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\sacha\AppData\Local\Temp\mkcxhunr.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully.

C:\Users\sacha\AppData\Local\Temp\7636880.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\sacha\AppData\Local\Temp\26D4.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\Users\sacha\AppData\Local\VirtualStore\Windows\System32\typu.qgo (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\Users\sacha\AppData\LocalLow\MyWebSearch\bar\setups\My Web Search Installer.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\sacha\Desktop\cracked\photoshop\photoshop keygen + hosts\Keygen PS CS4.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.

C:\Users\sacha\Downloads\IWONSetup2.3.67.1.ZLfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\sacha\AppData\Roaming\ohydy.exe (Worm.Palevo) -> Delete on reboot.

C:\Users\sacha\.COMMgr\complmgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.

 

 

 

 

 

 

Logfile of random's system information tool 1.08 (written by random/random)

Run by sacha at 2010-09-11 14:02:09

Microsoft® Windows Vista™ Édition Familiale Premium

System drive C: has 87 GB (29%) free of 298 GB

Total RAM: 2046 MB (49% free)

 

HijackThis download failed

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Google Software Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\Norton Security Scan for sacha.job

C:\Windows\tasks\User_Feed_Synchronization-{473F17EE-6575-468D-BDEE-A5607DEEAC72}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]

HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-02-10 329312]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]

Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-06-28 202144]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe}]

Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaze.dll [2009-12-31 2349080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-08-02 278192]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-08-02 814648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]

IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2010-07-28 109568]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

SearchSettings Class - C:\Program Files\Search Settings\kb128\SearchSettings.dll [2009-07-29 1153024]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdc465a-cf20-4b82-9a26-47c9dc52fa32}]

Eazel-IT Toolbar - C:\Program Files\Eazel-IT\tbEaze.dll [2009-07-02 2215960]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{ecdc465a-cf20-4b82-9a26-47c9dc52fa32} - Eazel-IT Toolbar - C:\Program Files\Eazel-IT\tbEaze.dll [2009-07-02 2215960]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{a8f9752d-e2b8-4e7a-86b5-499f4330e2fe} - Eazel-FR Toolbar - C:\Program Files\Eazel-FR\tbEaze.dll [2009-12-31 2349080]

{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-08-02 278192]

{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-06-28 1615256]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-10-19 1006264]

"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]

"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]

"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]

"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]

"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176]

"SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-09-25 54672]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

""= []

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2009-07-29 1024512]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-02-10 198160]

"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2010-02-17 177472]

"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-17 767312]

"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]

"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-08-20 1164584]

"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-10-12 1232896]

"CollaborationHost"=C:\Windows\system32\p2phost.exe [2006-11-02 191488]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-07 68856]

"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]

"Steam"=c:\program files\steam\steam.exe [2010-08-24 1242448]

"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

 

C:\Users\sacha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\sacha\AppData\Roaming\Dropbox\bin\Dropbox.exe

LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe

OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2010-09-11 01:43:55 ----D---- C:\Users\sacha\AppData\Roaming\Malwarebytes

2010-09-11 01:43:43 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys

2010-09-11 01:43:41 ----D---- C:\ProgramData\Malwarebytes

2010-09-11 01:43:41 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-09-11 01:43:41 ----A---- C:\Windows\system32\drivers\mbam.sys

2010-09-10 21:53:18 ----D---- C:\Program Files\RomStation

2010-09-10 17:18:10 ----D---- C:\rsit

2010-09-10 17:18:10 ----D---- C:\Program Files\trend micro

2010-09-10 15:33:08 ----D---- C:\Program Files\Microsoft Visual Studio

2010-09-10 15:31:55 ----D---- C:\Program Files\Common Files\DESIGNER

2010-09-10 15:31:50 ----D---- C:\Program Files\Microsoft Works

2010-09-10 15:31:47 ----D---- C:\Program Files\Microsoft.NET

2010-09-10 15:31:47 ----D---- C:\Program Files\Microsoft Visual Studio 8

2010-09-09 19:14:30 ----D---- C:\ProgramData\Office Genuine Advantage

2010-09-06 17:27:58 ----A---- C:\Windows\system32\jscript.dll

2010-09-06 17:26:54 ----A---- C:\Windows\system32\vbscript.dll

2010-09-06 17:26:37 ----A---- C:\Windows\system32\mshtml.dll

2010-09-06 17:26:36 ----A---- C:\Windows\system32\ieframe.dll

2010-09-06 17:26:32 ----A---- C:\Windows\system32\iertutil.dll

2010-09-06 17:26:31 ----A---- C:\Windows\system32\wininet.dll

2010-09-06 17:26:31 ----A---- C:\Windows\system32\urlmon.dll

2010-09-06 17:26:30 ----A---- C:\Windows\system32\occache.dll

2010-09-06 17:26:30 ----A---- C:\Windows\system32\msfeeds.dll

2010-09-06 17:26:30 ----A---- C:\Windows\system32\iedkcs32.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\msfeedssync.exe

2010-09-06 17:26:28 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\jsproxy.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\ieUnatt.exe

2010-09-06 17:26:28 ----A---- C:\Windows\system32\ieui.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iesysprep.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iesetup.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iernonce.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iepeers.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\ie4uinit.exe

2010-09-05 13:51:22 ----A---- C:\Windows\system32\drivers\ssmdrv.sys

2010-09-05 13:51:20 ----A---- C:\Windows\system32\drivers\avipbb.sys

2010-09-05 13:50:08 ----D---- C:\ProgramData\Avira

2010-09-05 13:50:08 ----D---- C:\Program Files\Avira

2010-09-05 13:33:57 ----A---- C:\Windows\system32\mshtmled.dll

2010-09-05 13:33:57 ----A---- C:\Windows\system32\icardie.dll

2010-09-05 13:33:56 ----A---- C:\Windows\system32\mshtmler.dll

2010-09-05 13:33:56 ----A---- C:\Windows\system32\admparse.dll

2010-09-05 13:33:55 ----A---- C:\Windows\system32\msls31.dll

2010-09-05 13:33:55 ----A---- C:\Windows\system32\corpol.dll

2010-09-05 13:33:53 ----A---- C:\Windows\system32\imgutil.dll

2010-09-05 13:33:53 ----A---- C:\Windows\system32\ieakeng.dll

2010-09-05 13:33:53 ----A---- C:\Windows\system32\dxtmsft.dll

2010-09-05 13:33:52 ----A---- C:\Windows\system32\dxtrans.dll

2010-09-05 13:33:51 ----A---- C:\Windows\system32\licmgr10.dll

2010-09-05 13:33:51 ----A---- C:\Windows\system32\inseng.dll

2010-09-05 13:33:51 ----A---- C:\Windows\system32\ieaksie.dll

2010-09-05 13:33:50 ----A---- C:\Windows\system32\webcheck.dll

2010-09-05 13:33:50 ----A---- C:\Windows\system32\msrating.dll

2010-09-05 13:33:49 ----A---- C:\Windows\system32\WinFXDocObj.exe

2010-09-05 13:33:49 ----A---- C:\Windows\system32\wextract.exe

2010-09-05 13:33:49 ----A---- C:\Windows\system32\mstime.dll

2010-09-05 13:33:49 ----A---- C:\Windows\system32\ieakui.dll

2010-09-05 13:33:47 ----A---- C:\Windows\system32\pngfilt.dll

2010-09-05 13:33:47 ----A---- C:\Windows\system32\advpack.dll

2010-09-05 13:33:45 ----A---- C:\Windows\system32\ieapfltr.dll

2010-09-05 13:33:40 ----A---- C:\Windows\system32\url.dll

2010-09-05 13:33:34 ----A---- C:\Windows\system32\mshta.exe

2010-09-05 13:33:34 ----A---- C:\Windows\system32\iexpress.exe

2010-09-05 13:33:32 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2010-09-05 13:33:32 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2010-09-05 13:33:32 ----A---- C:\Windows\system32\PDMSetup.exe

2010-09-04 22:02:18 ----ASH---- C:\hiberfil.sys

2010-09-03 22:00:37 ----A---- C:\Windows\ntbtlog.txt

2010-09-03 19:09:44 ----D---- C:\Users\sacha\AppData\Roaming\48373AF7BFE4CA8140BB8C682DF69209

2010-09-03 16:12:43 ----A---- C:\Windows\{682E39A0-0576-4422-8328-3B7E56346653}_WiseFW.ini

2010-09-03 16:09:47 ----D---- C:\Windows\B4009EBB0818454FA6E8BBAAAEEF89E6.TMP

2010-09-02 19:22:50 ----D---- C:\Users\sacha\AppData\Roaming\TI-Nspire

2010-09-02 19:16:15 ----D---- C:\Users\sacha\AppData\Roaming\Texas Instruments

2010-09-02 19:14:29 ----D---- C:\ProgramData\SafeNet Sentinel

2010-09-02 19:13:11 ----D---- C:\Program Files\TI Education

2010-09-02 19:06:51 ----D---- C:\ProgramData\TI-Nspire CAS

2010-09-02 19:06:43 ----D---- C:\Program Files\Common Files\TI Shared

2010-09-02 19:05:23 ----A---- C:\Windows\{AC59B86B-4E39-47C8-B79A-3EC33B86FB47}_WiseFW.ini

2010-09-02 16:51:48 ----D---- C:\ProgramData\FLEXnet

2010-09-02 16:31:19 ----D---- C:\Program Files\Common Files\Macrovision Shared

2010-08-24 15:32:28 ----D---- C:\Users\sacha\AppData\Roaming\Dropbox

2010-08-24 15:17:53 ----A---- C:\Windows\system32\CNC640L.dll

2010-08-24 15:17:53 ----A---- C:\Windows\system32\CNC640I.dll

2010-08-24 15:17:52 ----A---- C:\Windows\system32\CNHMCA.dll

2010-08-24 15:17:52 ----A---- C:\Windows\system32\CNC640U.dll

2010-08-24 15:17:52 ----A---- C:\Windows\system32\CNC640C.dll

2010-08-24 15:15:35 ----D---- C:\Program Files\Common Files\CANON

2010-08-24 15:14:49 ----HD---- C:\ProgramData\CanonBJ

2010-08-24 15:13:40 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information

2010-08-24 15:11:21 ----A---- C:\Windows\system32\CNMLMA2.DLL

2010-08-24 15:11:15 ----A---- C:\Windows\system32\CNMIUA2.DLL

2010-08-24 15:11:09 ----HD---- C:\Program Files\CanonBJ

2010-08-24 15:11:03 ----D---- C:\Windows\system32\STRING

2010-08-24 15:11:03 ----D---- C:\Windows\system32\CHM

2010-08-24 15:11:03 ----A---- C:\Windows\system32\CNMNPUI.DLL

2010-08-24 15:11:03 ----A---- C:\Windows\system32\CNMNPPM.DLL

2010-08-24 15:10:29 ----D---- C:\Program Files\Canon

2010-08-19 01:56:09 ----D---- C:\Users\sacha\AppData\Roaming\inkscape

2010-08-19 01:40:10 ----D---- C:\Program Files\Inkscape

2010-08-18 20:06:31 ----D---- C:\Users\sacha\AppData\Roaming\gtk-2.0

 

======List of files/folders modified in the last 1 months======

 

2010-09-11 14:02:11 ----D---- C:\Windows\Prefetch

2010-09-11 14:02:05 ----D---- C:\Windows\Temp

2010-09-11 13:57:56 ----D---- C:\Program Files\Steam

2010-09-11 13:57:19 ----D---- C:\Users\sacha\AppData\Roaming\LimeWire

2010-09-11 13:55:43 ----D---- C:\Windows\system32\drivers

2010-09-11 13:55:43 ----D---- C:\Windows\ehome

2010-09-11 13:49:52 ----D---- C:\Program Files\Dealio Toolbar

2010-09-11 12:35:12 ----D---- C:\Program Files\Microsoft Silverlight

2010-09-11 11:28:47 ----SHD---- C:\Windows\Installer

2010-09-11 11:28:46 ----HD---- C:\Config.Msi

2010-09-11 11:27:29 ----SHD---- C:\System Volume Information

2010-09-11 01:43:41 ----RD---- C:\Program Files

2010-09-11 01:43:41 ----HD---- C:\ProgramData

2010-09-11 01:43:02 ----D---- C:\Windows\System32

2010-09-11 01:43:02 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-09-10 15:42:04 ----D---- C:\ProgramData\Microsoft Help

2010-09-10 15:37:56 ----RSD---- C:\Windows\assembly

2010-09-10 15:37:24 ----D---- C:\Windows\ShellNew

2010-09-10 15:37:04 ----A---- C:\Windows\win.ini

2010-09-10 15:37:01 ----D---- C:\Program Files\Microsoft Office

2010-09-10 15:35:42 ----D---- C:\Program Files\Common Files\microsoft shared

2010-09-10 15:33:18 ----RSD---- C:\Windows\Fonts

2010-09-10 15:33:08 ----D---- C:\Program Files\MSBuild

2010-09-10 15:31:55 ----D---- C:\Program Files\Common Files

2010-09-10 15:31:47 ----SD---- C:\ProgramData\Microsoft

2010-09-10 15:11:53 ----D---- C:\Program Files\Mozilla Firefox

2010-09-09 18:56:09 ----D---- C:\Windows\system32\zh-TW

2010-09-09 18:56:09 ----D---- C:\Windows\system32\zh-HK

2010-09-09 18:56:09 ----D---- C:\Windows\system32\tr-TR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\sv-SE

2010-09-09 18:56:09 ----D---- C:\Windows\system32\pt-BR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\nl-NL

2010-09-09 18:56:09 ----D---- C:\Windows\system32\nb-NO

2010-09-09 18:56:09 ----D---- C:\Windows\system32\ko-KR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\it-IT

2010-09-09 18:56:09 ----D---- C:\Windows\system32\he-IL

2010-09-09 18:56:09 ----D---- C:\Windows\system32\fr-FR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\fi-FI

2010-09-09 18:56:09 ----D---- C:\Windows\system32\es-ES

2010-09-09 18:56:09 ----D---- C:\Windows\system32\en-US

2010-09-09 18:56:09 ----D---- C:\Windows\system32\el-GR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\de-DE

2010-09-09 18:56:09 ----D---- C:\Windows\system32\da-DK

2010-09-09 18:56:09 ----D---- C:\Windows\system32\ar-SA

2010-09-09 18:52:05 ----D---- C:\Program Files\Microsoft

2010-09-08 18:39:45 ----D---- C:\Program Files\Common Files\Steam

2010-09-07 16:14:26 ----D---- C:\Windows\system32\migration

2010-09-07 16:14:25 ----D---- C:\Program Files\Internet Explorer

2010-09-06 22:02:02 ----D---- C:\Windows\winsxs

2010-09-06 17:25:44 ----D---- C:\Windows\system32\catroot2

2010-09-06 17:25:44 ----D---- C:\Windows\system32\catroot

2010-09-05 13:47:33 ----D---- C:\Windows\system32\Tasks

2010-09-05 13:47:32 ----D---- C:\Windows\Tasks

2010-09-05 13:43:57 ----D---- C:\Windows\PolicyDefinitions

2010-09-05 13:38:37 ----D---- C:\Windows

2010-09-05 11:42:17 ----SD---- C:\Users\sacha\AppData\Roaming\Microsoft

2010-09-03 19:38:12 ----D---- C:\Windows\system32\WDI

2010-09-03 16:10:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2010-09-03 15:17:26 ----D---- C:\Users\sacha\AppData\Roaming\Adobe

2010-09-02 19:37:19 ----D---- C:\Windows\inf

2010-09-02 16:50:45 ----D---- C:\Windows\system32\drivers\etc

2010-09-02 16:40:59 ----D---- C:\Program Files\Adobe

2010-09-02 16:40:45 ----D---- C:\ProgramData\Adobe

2010-09-02 16:39:27 ----D---- C:\Program Files\Common Files\Adobe

2010-08-28 11:56:40 ----D---- C:\ProgramData\DivX

2010-08-28 11:56:40 ----D---- C:\Program Files\DivX

2010-08-28 11:55:46 ----D---- C:\Program Files\Common Files\PX Storage Engine

2010-08-24 15:17:57 ----D---- C:\Windows\twain_32

2010-08-24 15:17:54 ----RSD---- C:\Windows\Media

2010-08-17 12:38:40 ----D---- C:\Program Files\Common Files\Roxio Shared

2010-08-17 12:14:16 ----D---- C:\Program Files\Roxio

2010-08-17 11:49:32 ----D---- C:\Program Files\VstPlugins

2010-08-17 11:47:41 ----D---- C:\Program Files\Dofus

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2007-10-26 110624]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-06-10 45648]

R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-11 691696]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-08-14 3076608]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]

R3 BCM43XX;Linksys Wireless-G PCI Network Adapter Driver; C:\Windows\system32\DRIVERS\WMP54GSx86.sys [2007-03-12 534016]

R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]

R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]

R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-11 1793880]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-03 1065384]

R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]

R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]

S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]

S3 aqpsyjoz;aqpsyjoz; C:\Windows\system32\drivers\aqpsyjoz.sys []

S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys []

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]

S3 USBTINSP;TI-Nspire Handheld or TI Network Bridge Device Driver; C:\Windows\system32\DRIVERS\tinspusb.sys [2010-07-07 122752]

S3 xnacc;Contrôleur XBOX 360 pour le service de pilote Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2006-11-02 514560]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-08-13 610304]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440]

R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]

R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-09-08 407336]

S2 astcc;AST Service; C:\Windows\SYSTEM32\astsrv.exe []

S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-22 135664]

S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-11 194032]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-02 655624]

S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

 

-----------------EOF-----------------

[Thanos]

salut

 

Ok c'est beaucoup mieux!

 

Désinstalle les programmes suivants =>

Dealio Toolbar v4.0.1

Eazel-FR Toolbar

Eazel-IT Toolbar

.

 

1°) Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.

• 
  
• Lance l'installation du programme en exécutant le fichier téléchargé.
  
• Fais un clic droit sur le raccourci de Toolbar-S&D puis choisis Exécuter en tant qu'administrateur.
  
• Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
  
• Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche.
  
• Poste le rapport généré. (C:\TB.txt)
  
• >>Aide en images<<

2°) Nettoyage >>

• 
  
• Fais un clic droit sur le raccourci de Toolbar-S&D puis choisis Exécuter en tant qu'administrateur.
  
• Tape sur "2" puis valide en appuyant sur "Entrée".
  
• ! Ne ferme pas la fenêtre lors de la suppression !
  
• Un rapport sera généré, poste son contenu ici.
  
• NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
  Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
  Tape explorer puis valide.

[keyronn]

Voila j'ai fait l'étape 1 je me demande juste si c'est normal que l'ordinateur me dit que le programme s'est peut etre mal installé donc j'ai pas encore fait l'etape 2, et quand j'ai rouvert il me demande de remettre la langue alors je sais pas.

 

Voila le rapport généré:

 

-----------\\ ToolBar S&D 1.2.9 XP/Vista

 

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )

X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4000+ )

BIOS : Phoenix - AwardBIOS v6.00PG

USER : sacha ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)

C:\ (Local Disk) - NTFS - Total:290 Go (Free:83 Go)

D:\ (Local Disk) - NTFS - Total:7 Go (Free:1 Go)

E:\ (CD or DVD)

F:\ (USB)

G:\ (USB)

H:\ (USB)

I:\ (USB)

J:\ (CD or DVD)

K:\ (CD or DVD)

L:\ (CD or DVD)

M:\ (CD or DVD)

 

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [1] ( 12.09.2010|15:06 )

 

[ UAC => 1 ]

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

C:\Users\sacha\AppData\Local\Temp\NERO14688\Toolbar.exe

C:\Program Files\DAEMON Tools Toolbar

C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml

C:\Program Files\Mozilla Firefox\extensions\[email protected]

C:\Program Files\Mozilla Firefox\extensions\[email protected]\CHROME\CONTENT\searchsettingsplugin.js

C:\Program Files\Mozilla Firefox\extensions\[email protected]\CHROME\CONTENT\searchsettingsplugin.xul

C:\Program Files\Mozilla Firefox\extensions\[email protected]\CHROME\LOCALE\EN-US\searchsettingsplugin.dtd

C:\Program Files\Mozilla Firefox\extensions\[email protected]\CHROME\LOCALE\EN-US\searchsettingsplugin.properties

C:\Program Files\Mozilla Firefox\extensions\[email protected]\COMPONENTS\SearchSettingsFF.dll

C:\Program Files\Search Settings

C:\Program Files\Search Settings\kb128

C:\Program Files\Search Settings\SearchSettings.exe

C:\Program Files\Search Settings\kb128\res

C:\Program Files\Search Settings\kb128\SearchSettings.dll

C:\Program Files\Search Settings\kb128\SearchSettingsRes409.dll

C:\Program Files\Search Settings\kb128\temp

C:\Users\sacha\AppData\Local\Temp\nsl827B.tmp

C:\Users\sacha\AppData\Local\Temp\nsuD6F0.tmp

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://eu.ask.com?o=16170&l=dis"

"Local Page"="C:\\Windows\\system32\\blank.htm"

"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_CH&c=74&bd=Pavilion&pf=desktop"'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_CH&c=74&bd=Pavilion&pf=desktop"

"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_CH&c=74&bd=Pavilion&pf=desktop"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Local Page"="C:\\Windows\\System32\\blank.htm"

 

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\Users\sacha\AppData\Roaming\Microsoft\Windows\Recent\photoshop keygen + hosts (2).lnk

C:\Users\sacha\AppData\Roaming\Microsoft\Windows\Recent\photoshop keygen + hosts.lnk

C:\Users\sacha\Desktop\Donjon de Naheulbeuk\Crack and Keygen

C:\Users\sacha\Desktop\Donjon de Naheulbeuk\Crack and Keygen\MassEffect2.exe

C:\Users\sacha\Downloads\%5BFTL3%5D+Mass+Effect+2+Crack.torrent

C:\Users\sacha\Downloads\Dragon Age Origins NO-DVD crack x32-x64-x86.rar.torrent

C:\Users\sacha\Downloads\Dragon Age Origins v1 01 Patch + Crack(Working).torrent

C:\Users\sacha\Downloads\Mass+Effect+2+-+Crack+and+Keygen.torrent

 

 

[ UAC => 1 ]

 

 

1 - "C:\ToolBar SD\TB_1.txt" - 12.09.2010|14:58 - Option : [1]

2 - "C:\ToolBar SD\TB_2.txt" - 12.09.2010|15:06 - Option : [1]

 

-----------\\ Fin du rapport a 15:06:28.89

[Thanos]

l'ordinateur me dit que le programme s'est peut etre mal installé

De quel programme s'agit-il ? ToolBar SD ? ne tiens pas compte du message et lance l'option 2 puis poste le rapport stp

Note très importante:

 

- Dans le rapport MBAM =>

C:\Users\sacha\Desktop\cracked\photoshop\photoshop keygen + hosts\Keygen PS CS4.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.

 

- Dans le rapport ToolBar SD =>

C:\Users\sacha\AppData\Roaming\Microsoft\Windows\Recent\photoshop keygen + hosts (2).lnk

C:\Users\sacha\AppData\Roaming\Microsoft\Windows\Recent\photoshop keygen + hosts.lnk

C:\Users\sacha\Desktop\Donjon de Naheulbeuk\Crack and Keygen

C:\Users\sacha\Desktop\Donjon de Naheulbeuk\Crack and Keygen\MassEffect2.exe

C:\Users\sacha\Downloads\%5BFTL3%5D+Mass+Effect+2+Crack.torrent

C:\Users\sacha\Downloads\Dragon Age Origins NO-DVD crack x32-x64-x86.rar.torrent

C:\Users\sacha\Downloads\Dragon Age Origins v1 01 Patch + Crack(Working).torrent

C:\Users\sacha\Downloads\Mass+Effect+2+-+Crack+and+Keygen.torrent

Je te conseille vivement de t'en débarrasser...

Ce qui suit n'est pas pour faire la morale, mais vise plutôt à te faire prendre conscience des risques liés à l'utilisation des cracks/Keygen/serials et des logiciels P2P!! Pour t'en convaincre, lis ces topics très clairs:

 

*Article de Malekal concernant les cracks => Malekal's forum • Le danger des cracks ! : Sécurité : Prévention, virus & arnaques et dangers d'Internet

*Article de Ogu sur les fausses idées concernant le peer to peer => (clique sur l'image).

 

Les infections véhiculées pas le peer to peer sont une menace réelle!! par exemple le vers Worm.Win32_Sumom-A qui est un ver de messagerie instantanée et de réseaux peer-to-peer,se met dans le dossier incoming/Shared afin d'être expédié à toutes les personnes qui partagent tes téléchargements...=> VirusTraQ - Informations Virus - Worm.Win32_Sumom-A

Maintenant que tu sais, c'est à toi de voir... est ce que ca vaut le coup de risquer une grosse infection(et mettre tes données en peril)? La plupart des logiciels payants ont un équivalent en freeware.

 

A des fins d'analyse de virus/malwares, nous téléchargeons de nombreux cracks: il se trouve que ce sont quasiment tous des malwares. Aussi fais attention car rien n'est vraiment gratuit sur la toile!

 

*******

 

Après avoir utilisé l'option 2 du programme (suppression), je te demanderais de relancer RSIT et de poster le nouveau rapport pour voir si tout est bon.

[keyronn]

Je pense que je vais un peu changer mes habitudes alors.

 

voila les 2 rapports.

 

-----------\\ ToolBar S&D 1.2.9 XP/Vista

 

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )

X86-based PC ( Multiprocessor Free : AMD Athlon 64 X2 Dual Core Processor 4000+ )

BIOS : Phoenix - AwardBIOS v6.00PG

USER : sacha ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)

C:\ (Local Disk) - NTFS - Total:290 Go (Free:82 Go)

D:\ (Local Disk) - NTFS - Total:7 Go (Free:1 Go)

E:\ (CD or DVD)

F:\ (USB)

G:\ (USB)

H:\ (USB)

I:\ (USB)

J:\ (CD or DVD)

K:\ (CD or DVD)

L:\ (CD or DVD)

M:\ (CD or DVD)

 

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [2] ( 12.09.2010|21:40 )

 

[ UAC => 1 ]

 

-----------\\ SUPPRESSION

 

Supprime! - C:\Users\sacha\AppData\Local\Temp\NERO14688\Toolbar.exe

Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml

Supprime! - C:\Program Files\Mozilla Firefox\extensions\[email protected]

Supprime! - C:\Program Files\Search Settings\kb128

Supprime! - C:\Program Files\Search Settings\SearchSettings.exe

Supprime! - C:\Users\sacha\AppData\Local\Temp\nsl827B.tmp

Supprime! - C:\Users\sacha\AppData\Local\Temp\nsuD6F0.tmp

Supprime! - C:\Program Files\DAEMON Tools Toolbar

Supprime! - C:\Program Files\Search Settings

 

-----------\\ Recherche de Fichiers / Dossiers ...

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://eu.ask.com?o=16170&l=dis"

"Local Page"="C:\\Windows\\system32\\blank.htm"

"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_CH&c=74&bd=Pavilion&pf=desktop"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Local Page"="C:\\Windows\\System32\\blank.htm"

 

 

--------------------\\ Recherche d'autres infections

 

--------------------\\ Cracks & Keygens ..

 

C:\Users\sacha\AppData\Roaming\Microsoft\Windows\Recent\photoshop keygen + hosts (2).lnk

C:\Users\sacha\AppData\Roaming\Microsoft\Windows\Recent\photoshop keygen + hosts.lnk

C:\Users\sacha\Downloads\%5BFTL3%5D+Mass+Effect+2+Crack.torrent

C:\Users\sacha\Downloads\Dragon Age Origins NO-DVD crack x32-x64-x86.rar.torrent

C:\Users\sacha\Downloads\Dragon Age Origins v1 01 Patch + Crack(Working).torrent

C:\Users\sacha\Downloads\Mass+Effect+2+-+Crack+and+Keygen.torrent

 

 

[ UAC => 1 ]

 

 

1 - "C:\ToolBar SD\TB_1.txt" - 12.09.2010|14:58 - Option : [1]

2 - "C:\ToolBar SD\TB_2.txt" - 12.09.2010|15:06 - Option : [1]

3 - "C:\ToolBar SD\TB_3.txt" - 12.09.2010|21:42 - Option : [2]

 

-----------\\ Fin du rapport a 21:42:59.89

 

 

 

Logfile of random's system information tool 1.08 (written by random/random)

Run by sacha at 2010-09-12 21:44:28

Microsoft® Windows Vista™ Édition Familiale Premium

System drive C: has 85 GB (29%) free of 298 GB

Total RAM: 2046 MB (52% free)

 

HijackThis download failed

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Google Software Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\Norton Security Scan for sacha.job

C:\Windows\tasks\User_Feed_Synchronization-{473F17EE-6575-468D-BDEE-A5607DEEAC72}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]

HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-02-10 329312]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]

Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-06-28 202144]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-08-02 278192]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-08-02 814648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]

IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2010-07-28 109568]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll []

{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-06-28 1615256]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-10-19 1006264]

"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]

"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]

"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]

"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]

"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176]

"SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-09-25 54672]

"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

""= []

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-02-10 198160]

"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2010-02-17 177472]

"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-17 767312]

"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2009-05-19 136544]

"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-08-20 1164584]

"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-10-12 1232896]

"CollaborationHost"=C:\Windows\system32\p2phost.exe [2006-11-02 191488]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-07 68856]

"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]

"Steam"=c:\program files\steam\steam.exe [2010-08-24 1242448]

"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

 

C:\Users\sacha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\sacha\AppData\Roaming\Dropbox\bin\Dropbox.exe

OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2010-09-12 14:55:59 ----A---- C:\TB.txt

2010-09-12 14:54:51 ----D---- C:\ToolBar SD

2010-09-11 01:43:55 ----D---- C:\Users\sacha\AppData\Roaming\Malwarebytes

2010-09-11 01:43:43 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys

2010-09-11 01:43:41 ----D---- C:\ProgramData\Malwarebytes

2010-09-11 01:43:41 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-09-11 01:43:41 ----A---- C:\Windows\system32\drivers\mbam.sys

2010-09-10 21:53:18 ----D---- C:\Program Files\RomStation

2010-09-10 17:18:10 ----D---- C:\rsit

2010-09-10 17:18:10 ----D---- C:\Program Files\trend micro

2010-09-10 15:33:08 ----D---- C:\Program Files\Microsoft Visual Studio

2010-09-10 15:31:55 ----D---- C:\Program Files\Common Files\DESIGNER

2010-09-10 15:31:50 ----D---- C:\Program Files\Microsoft Works

2010-09-10 15:31:47 ----D---- C:\Program Files\Microsoft.NET

2010-09-10 15:31:47 ----D---- C:\Program Files\Microsoft Visual Studio 8

2010-09-09 19:14:30 ----D---- C:\ProgramData\Office Genuine Advantage

2010-09-06 17:27:58 ----A---- C:\Windows\system32\jscript.dll

2010-09-06 17:26:54 ----A---- C:\Windows\system32\vbscript.dll

2010-09-06 17:26:37 ----A---- C:\Windows\system32\mshtml.dll

2010-09-06 17:26:36 ----A---- C:\Windows\system32\ieframe.dll

2010-09-06 17:26:32 ----A---- C:\Windows\system32\iertutil.dll

2010-09-06 17:26:31 ----A---- C:\Windows\system32\wininet.dll

2010-09-06 17:26:31 ----A---- C:\Windows\system32\urlmon.dll

2010-09-06 17:26:30 ----A---- C:\Windows\system32\occache.dll

2010-09-06 17:26:30 ----A---- C:\Windows\system32\msfeeds.dll

2010-09-06 17:26:30 ----A---- C:\Windows\system32\iedkcs32.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\msfeedssync.exe

2010-09-06 17:26:28 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\jsproxy.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\ieUnatt.exe

2010-09-06 17:26:28 ----A---- C:\Windows\system32\ieui.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iesysprep.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iesetup.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iernonce.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\iepeers.dll

2010-09-06 17:26:28 ----A---- C:\Windows\system32\ie4uinit.exe

2010-09-05 13:51:22 ----A---- C:\Windows\system32\drivers\ssmdrv.sys

2010-09-05 13:51:20 ----A---- C:\Windows\system32\drivers\avipbb.sys

2010-09-05 13:50:08 ----D---- C:\ProgramData\Avira

2010-09-05 13:50:08 ----D---- C:\Program Files\Avira

2010-09-05 13:33:57 ----A---- C:\Windows\system32\mshtmled.dll

2010-09-05 13:33:57 ----A---- C:\Windows\system32\icardie.dll

2010-09-05 13:33:56 ----A---- C:\Windows\system32\mshtmler.dll

2010-09-05 13:33:56 ----A---- C:\Windows\system32\admparse.dll

2010-09-05 13:33:55 ----A---- C:\Windows\system32\msls31.dll

2010-09-05 13:33:55 ----A---- C:\Windows\system32\corpol.dll

2010-09-05 13:33:53 ----A---- C:\Windows\system32\imgutil.dll

2010-09-05 13:33:53 ----A---- C:\Windows\system32\ieakeng.dll

2010-09-05 13:33:53 ----A---- C:\Windows\system32\dxtmsft.dll

2010-09-05 13:33:52 ----A---- C:\Windows\system32\dxtrans.dll

2010-09-05 13:33:51 ----A---- C:\Windows\system32\licmgr10.dll

2010-09-05 13:33:51 ----A---- C:\Windows\system32\inseng.dll

2010-09-05 13:33:51 ----A---- C:\Windows\system32\ieaksie.dll

2010-09-05 13:33:50 ----A---- C:\Windows\system32\webcheck.dll

2010-09-05 13:33:50 ----A---- C:\Windows\system32\msrating.dll

2010-09-05 13:33:49 ----A---- C:\Windows\system32\WinFXDocObj.exe

2010-09-05 13:33:49 ----A---- C:\Windows\system32\wextract.exe

2010-09-05 13:33:49 ----A---- C:\Windows\system32\mstime.dll

2010-09-05 13:33:49 ----A---- C:\Windows\system32\ieakui.dll

2010-09-05 13:33:47 ----A---- C:\Windows\system32\pngfilt.dll

2010-09-05 13:33:47 ----A---- C:\Windows\system32\advpack.dll

2010-09-05 13:33:45 ----A---- C:\Windows\system32\ieapfltr.dll

2010-09-05 13:33:40 ----A---- C:\Windows\system32\url.dll

2010-09-05 13:33:34 ----A---- C:\Windows\system32\mshta.exe

2010-09-05 13:33:34 ----A---- C:\Windows\system32\iexpress.exe

2010-09-05 13:33:32 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2010-09-05 13:33:32 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2010-09-05 13:33:32 ----A---- C:\Windows\system32\PDMSetup.exe

2010-09-04 22:02:18 ----ASH---- C:\hiberfil.sys

2010-09-03 22:00:37 ----A---- C:\Windows\ntbtlog.txt

2010-09-03 19:09:44 ----D---- C:\Users\sacha\AppData\Roaming\48373AF7BFE4CA8140BB8C682DF69209

2010-09-03 16:12:43 ----A---- C:\Windows\{682E39A0-0576-4422-8328-3B7E56346653}_WiseFW.ini

2010-09-03 16:09:47 ----D---- C:\Windows\B4009EBB0818454FA6E8BBAAAEEF89E6.TMP

2010-09-02 19:22:50 ----D---- C:\Users\sacha\AppData\Roaming\TI-Nspire

2010-09-02 19:16:15 ----D---- C:\Users\sacha\AppData\Roaming\Texas Instruments

2010-09-02 19:14:29 ----D---- C:\ProgramData\SafeNet Sentinel

2010-09-02 19:13:11 ----D---- C:\Program Files\TI Education

2010-09-02 19:06:51 ----D---- C:\ProgramData\TI-Nspire CAS

2010-09-02 19:06:43 ----D---- C:\Program Files\Common Files\TI Shared

2010-09-02 19:05:23 ----A---- C:\Windows\{AC59B86B-4E39-47C8-B79A-3EC33B86FB47}_WiseFW.ini

2010-09-02 16:51:48 ----D---- C:\ProgramData\FLEXnet

2010-09-02 16:31:19 ----D---- C:\Program Files\Common Files\Macrovision Shared

2010-08-24 15:32:28 ----D---- C:\Users\sacha\AppData\Roaming\Dropbox

2010-08-24 15:17:53 ----A---- C:\Windows\system32\CNC640L.dll

2010-08-24 15:17:53 ----A---- C:\Windows\system32\CNC640I.dll

2010-08-24 15:17:52 ----A---- C:\Windows\system32\CNHMCA.dll

2010-08-24 15:17:52 ----A---- C:\Windows\system32\CNC640U.dll

2010-08-24 15:17:52 ----A---- C:\Windows\system32\CNC640C.dll

2010-08-24 15:15:35 ----D---- C:\Program Files\Common Files\CANON

2010-08-24 15:14:49 ----HD---- C:\ProgramData\CanonBJ

2010-08-24 15:13:40 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information

2010-08-24 15:11:21 ----A---- C:\Windows\system32\CNMLMA2.DLL

2010-08-24 15:11:15 ----A---- C:\Windows\system32\CNMIUA2.DLL

2010-08-24 15:11:09 ----HD---- C:\Program Files\CanonBJ

2010-08-24 15:11:03 ----D---- C:\Windows\system32\STRING

2010-08-24 15:11:03 ----D---- C:\Windows\system32\CHM

2010-08-24 15:11:03 ----A---- C:\Windows\system32\CNMNPUI.DLL

2010-08-24 15:11:03 ----A---- C:\Windows\system32\CNMNPPM.DLL

2010-08-24 15:10:29 ----D---- C:\Program Files\Canon

2010-08-19 01:56:09 ----D---- C:\Users\sacha\AppData\Roaming\inkscape

2010-08-19 01:40:10 ----D---- C:\Program Files\Inkscape

2010-08-18 20:06:31 ----D---- C:\Users\sacha\AppData\Roaming\gtk-2.0

 

======List of files/folders modified in the last 1 months======

 

2010-09-12 21:44:28 ----D---- C:\Windows\Temp

2010-09-12 21:41:52 ----RD---- C:\Program Files

2010-09-12 21:41:02 ----D---- C:\Windows\Prefetch

2010-09-12 14:50:47 ----D---- C:\Program Files\Steam

2010-09-12 14:45:54 ----D---- C:\Program Files\Mozilla Firefox

2010-09-12 14:45:53 ----SHD---- C:\Windows\Installer

2010-09-12 14:45:46 ----HD---- C:\Config.Msi

2010-09-12 14:45:45 ----D---- C:\Windows\winsxs

2010-09-12 14:45:22 ----SHD---- C:\System Volume Information

2010-09-12 13:28:17 ----D---- C:\Windows\Minidump

2010-09-12 13:28:07 ----D---- C:\Windows

2010-09-11 15:16:42 ----D---- C:\ProgramData\Microsoft Help

2010-09-11 15:14:29 ----A---- C:\Windows\win.ini

2010-09-11 15:11:37 ----D---- C:\Users\sacha\AppData\Roaming\LimeWire

2010-09-11 14:22:47 ----D---- C:\Program Files\LimeWire

2010-09-11 13:55:43 ----D---- C:\Windows\system32\drivers

2010-09-11 13:55:43 ----D---- C:\Windows\ehome

2010-09-11 12:35:12 ----D---- C:\Program Files\Microsoft Silverlight

2010-09-11 01:43:41 ----HD---- C:\ProgramData

2010-09-11 01:43:02 ----D---- C:\Windows\System32

2010-09-11 01:43:02 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-09-10 15:37:56 ----RSD---- C:\Windows\assembly

2010-09-10 15:37:24 ----D---- C:\Windows\ShellNew

2010-09-10 15:37:01 ----D---- C:\Program Files\Microsoft Office

2010-09-10 15:35:42 ----D---- C:\Program Files\Common Files\microsoft shared

2010-09-10 15:33:18 ----RSD---- C:\Windows\Fonts

2010-09-10 15:33:08 ----D---- C:\Program Files\MSBuild

2010-09-10 15:31:55 ----D---- C:\Program Files\Common Files

2010-09-10 15:31:47 ----SD---- C:\ProgramData\Microsoft

2010-09-09 18:56:09 ----D---- C:\Windows\system32\zh-TW

2010-09-09 18:56:09 ----D---- C:\Windows\system32\zh-HK

2010-09-09 18:56:09 ----D---- C:\Windows\system32\tr-TR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\sv-SE

2010-09-09 18:56:09 ----D---- C:\Windows\system32\pt-BR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\nl-NL

2010-09-09 18:56:09 ----D---- C:\Windows\system32\nb-NO

2010-09-09 18:56:09 ----D---- C:\Windows\system32\ko-KR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\it-IT

2010-09-09 18:56:09 ----D---- C:\Windows\system32\he-IL

2010-09-09 18:56:09 ----D---- C:\Windows\system32\fr-FR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\fi-FI

2010-09-09 18:56:09 ----D---- C:\Windows\system32\es-ES

2010-09-09 18:56:09 ----D---- C:\Windows\system32\en-US

2010-09-09 18:56:09 ----D---- C:\Windows\system32\el-GR

2010-09-09 18:56:09 ----D---- C:\Windows\system32\de-DE

2010-09-09 18:56:09 ----D---- C:\Windows\system32\da-DK

2010-09-09 18:56:09 ----D---- C:\Windows\system32\ar-SA

2010-09-09 18:52:05 ----D---- C:\Program Files\Microsoft

2010-09-08 18:39:45 ----D---- C:\Program Files\Common Files\Steam

2010-09-07 16:14:26 ----D---- C:\Windows\system32\migration

2010-09-07 16:14:25 ----D---- C:\Program Files\Internet Explorer

2010-09-06 17:25:44 ----D---- C:\Windows\system32\catroot2

2010-09-06 17:25:44 ----D---- C:\Windows\system32\catroot

2010-09-05 13:47:33 ----D---- C:\Windows\system32\Tasks

2010-09-05 13:47:32 ----D---- C:\Windows\Tasks

2010-09-05 13:43:57 ----D---- C:\Windows\PolicyDefinitions

2010-09-05 11:42:17 ----SD---- C:\Users\sacha\AppData\Roaming\Microsoft

2010-09-03 19:38:12 ----D---- C:\Windows\system32\WDI

2010-09-03 16:10:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2010-09-03 15:17:26 ----D---- C:\Users\sacha\AppData\Roaming\Adobe

2010-09-02 19:37:19 ----D---- C:\Windows\inf

2010-09-02 16:50:45 ----D---- C:\Windows\system32\drivers\etc

2010-09-02 16:40:59 ----D---- C:\Program Files\Adobe

2010-09-02 16:40:45 ----D---- C:\ProgramData\Adobe

2010-09-02 16:39:27 ----D---- C:\Program Files\Common Files\Adobe

2010-08-28 11:56:40 ----D---- C:\ProgramData\DivX

2010-08-28 11:56:40 ----D---- C:\Program Files\DivX

2010-08-28 11:55:46 ----D---- C:\Program Files\Common Files\PX Storage Engine

2010-08-24 15:17:57 ----D---- C:\Windows\twain_32

2010-08-24 15:17:54 ----RSD---- C:\Windows\Media

2010-08-17 12:38:40 ----D---- C:\Program Files\Common Files\Roxio Shared

2010-08-17 12:14:16 ----D---- C:\Program Files\Roxio

2010-08-17 11:49:32 ----D---- C:\Program Files\VstPlugins

2010-08-17 11:47:41 ----D---- C:\Program Files\Dofus

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2007-10-26 110624]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-06-10 45648]

R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-11 691696]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-08-14 3076608]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]

R3 BCM43XX;Linksys Wireless-G PCI Network Adapter Driver; C:\Windows\system32\DRIVERS\WMP54GSx86.sys [2007-03-12 534016]

R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]

R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]

R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-11 1793880]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-03 1065384]

R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]

R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]

S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]

S3 ar9xlwfd;ar9xlwfd; C:\Windows\system32\drivers\ar9xlwfd.sys []

S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys []

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]

S3 USBTINSP;TI-Nspire Handheld or TI Network Bridge Device Driver; C:\Windows\system32\DRIVERS\tinspusb.sys [2010-07-07 122752]

S3 xnacc;Contrôleur XBOX 360 pour le service de pilote Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2006-11-02 514560]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;Planificateur Avira AntiVir Personal - Free Antivirus; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-08-13 610304]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440]

R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]

R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-09-08 407336]

S2 astcc;AST Service; C:\Windows\SYSTEM32\astsrv.exe []

S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-22 135664]

S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-11 194032]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-02 655624]

S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

 

-----------------EOF-----------------