Zwinki Search

[gagamissjtd]

Bonjour

 

Alors voila j'ai téléchargée RSIT et voila mon rapport

 

 

Logfile of random's system information tool 1.08 (written by random/random)

Run by Gaetane at 2010-11-01 15:17:43

Microsoft Windows 7 Édition Familiale Premium

System drive C: has 68 GB (57%) free of 119 GB

Total RAM: 4061 MB (46% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:17:58, on 01/11/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16671)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Users\Gaetane\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\Winamp\winampa.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Users\Gaetane\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gaetane\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gaetane\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gaetane\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gaetane\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gaetane\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gaetane\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gaetane\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Users\Gaetane\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe

C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\mswinext.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe

C:\Users\Gaetane\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Gaetane\Downloads\RSIT.exe

C:\Program Files (x86)\trend micro\Gaetane.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Interest recogniser for Freecompressor (powered by Spointer) - {a83c3565-302c-4bf8-b000-6b6f1811d892} - C:\Program Files (x86)\FreeCompressor\spointer\extensions\freecompressor_air_ie.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: Interest recogniser for Crazyloader (powered by Spointer) - {C5F65718-341D-4e7d-9842-FCB9CC89527E} - C:\Program Files (x86)\CrazyLoader\spointer\extensions\crazyloader_air_ie.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll

O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Mp3Rocket Toolbar - {4C350B19-6CA1-4569-B14C-296D8D65300B} - "C:\Program Files (x86)\MP3 Rocket Toolbar\mp3rockettb.DLL" (file missing)

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O4 - Startup: Notification de cadeaux MSN.lnk = Gaetane\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: FancyStart daemon.lnk = ?

O4 - Global Startup: SRS Premium Sound.lnk = ?

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Mp3Rocket Toolbar Helper - Unknown owner - C:\Program Files (x86)\MP3 Rocket Toolbar\Mp3RocketSvc.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ZwankySearch Service - Unknown owner - C:\ProgramData\ZwankySearch\zwankysearch149.exe

 

--

End of file - 27182 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]

Softonic_France Toolbar - C:\Program Files (x86)\Softonic_France\tbSoft.dll [2010-06-13 2734688]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a83c3565-302c-4bf8-b000-6b6f1811d892}]

Interest recogniser for Freecompressor (powered by Spointer) - C:\Program Files (x86)\FreeCompressor\spointer\extensions\freecompressor_air_ie.dll [2010-07-12 135840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-10 256112]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-06-10 761840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5F65718-341D-4e7d-9842-FCB9CC89527E}]

Interest recogniser for Crazyloader (powered by Spointer) - C:\Program Files (x86)\CrazyLoader\spointer\extensions\crazyloader_air_ie.dll [2010-08-19 135840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-06-10 458736]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]

OfferBox - C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll [2010-07-21 135000]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-10 256112]

{4daac69c-cba7-45e2-9bc8-1044483d3352} - Softonic_France Toolbar - C:\Program Files (x86)\Softonic_France\tbSoft.dll [2010-06-13 2734688]

{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{4C350B19-6CA1-4569-B14C-296D8D65300B} - Mp3Rocket Toolbar - C:\Program Files (x86)\MP3 Rocket Toolbar\mp3rockettb.DLL [2010-06-23 1052328]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

"Boingo Wi-Fi"=C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-06-10 2429]

"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120]

"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]

"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]

"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]

"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2010-07-12 74752]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-09-24 421160]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

"Sony Ericsson PC Suite"=C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-09-24 434176]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe

SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

 

C:\Users\Gaetane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Notification de cadeaux MSN.lnk - C:\Users\Gaetane\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2010-11-01 15:17:44 ----D---- C:\Program Files (x86)\trend micro

2010-11-01 15:17:43 ----D---- C:\rsit

2010-11-01 12:14:46 ----D---- C:\Program Files (x86)\Microsoft.NET

2010-11-01 00:41:43 ----D---- C:\ProgramData\ZwankySearch

2010-11-01 00:41:36 ----D---- C:\Users\Gaetane\AppData\Roaming\MP3Rocket

2010-11-01 00:41:32 ----D---- C:\Program Files (x86)\MP3 Rocket

2010-11-01 00:41:16 ----D---- C:\Program Files (x86)\MP3 Rocket Toolbar

2010-10-29 16:53:16 ----D---- C:\Program Files (x86)\Microsoft Sync Framework

2010-10-29 16:52:53 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2010-10-29 16:34:34 ----D---- C:\Program Files (x86)\Windows Live SkyDrive

2010-10-29 15:11:31 ----D---- C:\Program Files (x86)\MSN Toolbar

2010-10-29 15:11:09 ----D---- C:\Program Files (x86)\Bing Bar Installer

2010-10-29 15:10:53 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll

2010-10-29 15:10:53 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll

2010-10-29 15:10:52 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll

2010-10-29 15:09:21 ----A---- C:\Windows\SysWOW64\UIRibbonRes.dll

2010-10-29 15:09:20 ----A---- C:\Windows\SysWOW64\UIRibbon.dll

2010-10-29 15:07:30 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL

2010-10-29 15:07:30 ----A---- C:\Windows\SysWOW64\mfreadwrite.dll

2010-10-29 15:07:26 ----A---- C:\Windows\SysWOW64\mf.dll

2010-10-29 14:41:26 ----D---- C:\Program Files (x86)\iTunes

2010-10-29 14:37:17 ----D---- C:\Program Files (x86)\Bonjour

2010-10-29 14:19:22 ----A---- C:\Windows\SysWOW64\CPFilters.dll

2010-10-29 13:46:44 ----D---- C:\Program Files (x86)\Mozilla Firefox

2010-10-26 20:01:12 ----D---- C:\ProgramData\Pinnacle VideoSpin

2010-10-26 20:01:12 ----D---- C:\Program Files (x86)\Pinnacle

2010-10-26 20:01:12 ----D---- C:\Program Files (x86)\Common Files\Yahoo!

2010-10-26 19:59:59 ----D---- C:\ProgramData\Pinnacle

2010-10-26 18:54:37 ----D---- C:\Users\Gaetane\AppData\Roaming\VDownloader

2010-10-26 18:54:26 ----D---- C:\Program Files (x86)\VDownloader

2010-10-26 18:39:31 ----D---- C:\Users\Gaetane\AppData\Roaming\Uniblue

2010-10-26 18:39:28 ----D---- C:\Program Files (x86)\Uniblue

2010-10-19 16:37:43 ----D---- C:\ProgramData\VirtualizedApplications

2010-10-18 20:18:22 ----D---- C:\Users\Gaetane\AppData\Roaming\SoftGrid Client

2010-10-18 20:17:42 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI

2010-10-18 20:17:34 ----D---- C:\Program Files (x86)\Common Files\DESIGNER

2010-10-18 20:17:33 ----D---- C:\Program Files (x86)\Microsoft Application Virtualization Client

2010-10-18 20:17:22 ----D---- C:\Users\Gaetane\AppData\Roaming\TP

2010-10-17 20:01:28 ----A---- C:\Windows\SysWOW64\pncrt.dll

2010-10-17 20:01:05 ----D---- C:\Program Files (x86)\FreeTime

2010-10-17 19:50:35 ----D---- C:\Program Files (x86)\Movie Maker 2.6

2010-10-17 09:44:08 ----D---- C:\Users\Gaetane\AppData\Roaming\Apowersoft

2010-10-17 09:44:02 ----D---- C:\Program Files (x86)\Apowersoft

2010-10-14 17:50:50 ----A---- C:\Windows\SysWOW64\t2embed.dll

2010-10-14 17:50:47 ----A---- C:\Windows\SysWOW64\ole32.dll

2010-10-14 17:50:25 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll

2010-10-14 17:50:22 ----A---- C:\Windows\SysWOW64\schannel.dll

2010-10-14 17:50:18 ----A---- C:\Windows\SysWOW64\comctl32.dll

2010-10-14 17:50:16 ----A---- C:\Windows\SysWOW64\wmpmde.dll

2010-10-14 17:50:14 ----A---- C:\Windows\SysWOW64\mfc40u.dll

2010-10-14 17:50:14 ----A---- C:\Windows\SysWOW64\mfc40.dll

2010-10-14 17:49:17 ----A---- C:\Windows\SysWOW64\mshtml.dll

2010-10-14 17:49:17 ----A---- C:\Windows\SysWOW64\iertutil.dll

2010-10-14 17:49:16 ----A---- C:\Windows\SysWOW64\ieframe.dll

2010-10-14 17:49:15 ----A---- C:\Windows\SysWOW64\urlmon.dll

2010-10-14 17:49:15 ----A---- C:\Windows\SysWOW64\msfeeds.dll

2010-10-14 17:49:14 ----A---- C:\Windows\SysWOW64\wininet.dll

2010-10-14 17:49:14 ----A---- C:\Windows\SysWOW64\mstime.dll

2010-10-14 17:49:14 ----A---- C:\Windows\SysWOW64\mshtmled.dll

2010-10-14 17:49:14 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll

2010-10-14 17:49:14 ----A---- C:\Windows\SysWOW64\licmgr10.dll

2010-10-14 17:49:14 ----A---- C:\Windows\SysWOW64\ieui.dll

2010-10-14 17:49:14 ----A---- C:\Windows\SysWOW64\iepeers.dll

2010-10-14 17:49:14 ----A---- C:\Windows\SysWOW64\iedkcs32.dll

2010-10-14 17:49:13 ----A---- C:\Windows\SysWOW64\msfeedssync.exe

2010-10-14 17:49:13 ----A---- C:\Windows\SysWOW64\jsproxy.dll

2010-10-14 17:48:43 ----A---- C:\Windows\SysWOW64\wmp.dll

2010-10-14 17:48:41 ----A---- C:\Windows\SysWOW64\wmploc.DLL

2010-10-14 17:48:19 ----A---- C:\Windows\SysWOW64\sscore.dll

 

======List of files/folders modified in the last 1 months======

 

2010-11-01 15:17:46 ----D---- C:\Windows\Temp

2010-11-01 15:17:44 ----RD---- C:\Program Files (x86)

2010-11-01 13:12:25 ----D---- C:\Windows\Microsoft.NET

2010-11-01 13:03:46 ----RSD---- C:\Windows\assembly

2010-11-01 12:27:12 ----SHD---- C:\Windows\Installer

2010-11-01 12:26:41 ----SHD---- C:\System Volume Information

2010-11-01 12:26:37 ----D---- C:\Windows\SysWOW64\fr-FR

2010-11-01 12:26:17 ----D---- C:\Windows\System32

2010-11-01 12:26:17 ----D---- C:\Windows\inf

2010-11-01 12:14:55 ----D---- C:\Windows\SysWOW64

2010-11-01 12:14:48 ----D---- C:\Windows\SysWOW64\en-US

2010-11-01 12:14:40 ----D---- C:\Windows\Prefetch

2010-11-01 00:41:43 ----HD---- C:\ProgramData

2010-10-30 17:01:29 ----RSD---- C:\Windows\Fonts

2010-10-30 15:32:08 ----D---- C:\Users\Gaetane\AppData\Roaming\OfferBox

2010-10-30 10:16:59 ----D---- C:\Windows\winsxs

2010-10-30 10:16:56 ----D---- C:\Windows\ehome

2010-10-30 10:16:46 ----D---- C:\Windows\AppPatch

2010-10-29 16:53:48 ----RD---- C:\Program Files

2010-10-29 16:53:48 ----D---- C:\Program Files (x86)\Windows Live

2010-10-29 16:47:18 ----D---- C:\Windows

2010-10-29 16:34:39 ----D---- C:\Program Files (x86)\Common Files\microsoft shared

2010-10-29 16:27:30 ----SD---- C:\Users\Gaetane\AppData\Roaming\Microsoft

2010-10-29 16:09:53 ----SD---- C:\ProgramData\Microsoft

2010-10-29 14:52:10 ----D---- C:\Windows\Tasks

2010-10-29 14:52:10 ----D---- C:\Program Files (x86)\Google

2010-10-29 14:41:26 ----D---- C:\Program Files (x86)\Common Files\Apple

2010-10-29 14:38:30 ----D---- C:\Program Files (x86)\QuickTime

2010-10-29 14:07:44 ----D---- C:\ProgramData\P4G

2010-10-29 14:07:42 ----D---- C:\Windows\servicing

2010-10-29 14:07:39 ----D---- C:\Users\Gaetane\AppData\Roaming\Winamp

2010-10-29 14:07:39 ----D---- C:\Users\Gaetane\AppData\Roaming\vlc

2010-10-29 14:07:39 ----D---- C:\Users\Gaetane\AppData\Roaming\PhotoFiltre

2010-10-29 14:06:56 ----D---- C:\Windows\registration

2010-10-29 14:06:22 ----RD---- C:\Users

2010-10-29 14:05:41 ----SHD---- C:\$Recycle.Bin

2010-10-29 13:52:01 ----D---- C:\ProgramData\Google

2010-10-29 13:46:50 ----D---- C:\Users\Gaetane\AppData\Roaming\Mozilla

2010-10-18 20:17:34 ----D---- C:\Program Files (x86)\Microsoft Office

2010-10-18 20:17:34 ----D---- C:\Program Files (x86)\Common Files

2010-10-15 21:34:15 ----D---- C:\Windows\SysWOW64\migration

2010-10-15 21:34:15 ----D---- C:\Program Files (x86)\Windows Media Player

2010-10-15 21:34:15 ----D---- C:\Program Files (x86)\Internet Explorer

2010-10-03 12:28:03 ----D---- C:\Windows\rescache

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 AsDsm;AsDsm; C:\Windows\SysWOW64\drivers\AsDsm.sys []

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []

R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys []

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []

R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []

R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []

R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []

R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys []

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []

R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]

R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []

R2 tmpreflt;tmpreflt; C:\Windows\system32\DRIVERS\tmpreflt.sys []

R2 tmxpflt;tmxpflt; C:\Windows\system32\DRIVERS\tmxpflt.sys []

R2 vsapint;vsapint; C:\Windows\system32\DRIVERS\vsapint.sys []

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []

R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []

R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys []

R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys []

R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys []

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys []

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys []

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys []

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys []

R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys []

S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []

S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys []

S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys []

S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys []

S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys []

S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys []

S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys []

S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys []

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe []

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]

R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]

R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-07-27 345376]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]

R2 Mp3Rocket Toolbar Helper;Mp3Rocket Toolbar Helper; C:\Program Files (x86)\MP3 Rocket Toolbar\Mp3RocketSvc.exe [2010-06-23 275112]

R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]

R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]

R2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2010-09-06 859712]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]

R2 ZwankySearch Service;ZwankySearch Service; C:\ProgramData\ZwankySearch\zwankysearch149.exe [2010-10-30 61720]

R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 932640]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]

S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-10 182768]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2010-02-23 570632]

S3 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2010-02-23 917768]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

 

-----------------EOF-----------------

 

 

 

 

Et l'autre

 

 

 

 

info.txt logfile of random's system information tool 1.08 2010-11-01 15:18:03

 

======Uninstall list======

 

Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}

Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}

Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe -maintain activex

Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 9.1 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}

Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}\Setup.exe -runfromtemp -l0x0409

Alice Greenfingers-->"C:\Program Files (x86)\Asus\Game Park\Alice Greenfingers\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Alice Greenfingers\install.log"

Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}

Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}

Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

ASUS AI Recovery-->MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}

ASUS AP Bank-->"C:\Program Files (x86)\ASUS\ASUS AP Bank\unins000.exe"

ASUS CopyProtect-->MsiExec.exe /I{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}

ASUS Data Security Manager-->MsiExec.exe /X{FA2092C5-7979-412D-A962-6485274AE1EE}

ASUS FancyStart-->MsiExec.exe /I{2B81872B-A054-48DA-BE3B-FA5C164C303A}

ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}

ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9

ASUS MultiFrame-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9

ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}

ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}

ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}

ASUS WebStorage-->C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe

ASUS_Screensaver-->C:\Windows\system32\ASUS_Screensaver.scr /u

ATK Generic Function Service-->C:\Program Files (x86)\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly

ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}

ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}

ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B}

Avanquest update-->"C:\Program Files (x86)\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x040c -removeonly

avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup

Barre d'outils Bing-->C:\Program Files (x86)\Bing Bar Installer\InstallManager.exe /UNINSTALL

Bing Bar Platform-->MsiExec.exe /I{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}

Boingo Wi-Fi-->MsiExec.exe /X{B653A2EC-D816-4498-A4FD-651047AB9DC9}

CamStudio 2.0 Fr-->"C:\Program Files (x86)\CamStudio\unins000.exe"

CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"

Chicken Invaders 2-->"C:\Program Files (x86)\Asus\Game Park\Chicken Invaders 2\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Chicken Invaders 2\install.log"

ControlDeck-->MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}

Contrôle ActiveX Windows Live Mesh pour connexions à distance-->MsiExec.exe /I{55D003F4-9599-44BF-BA9E-95D060730DD3}

CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall

CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall

CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall

CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall

Dream Day Wedding Married in Manhattan-->"C:\Program Files (x86)\Asus\Game Park\Dream Day Wedding Married in Manhattan\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Dream Day Wedding Married in Manhattan\install.log"

Fissa-->C:\Users\Gaetane\AppData\Roaming\FissaSearch\FissaUninstaller.exe /quiet

FormatFactory 2.50-->C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe

FreeCompressor-->MsiExec.exe /X{1EF93620-4B15-4DB4-B0EA-889E2F187081}

Game Park Console-->"C:\Program Files (x86)\Asus\Game Park\GameConsole\unins000.exe"

Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Installation Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}

Intel® Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm

Intel® Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel® Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall

Java 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}

Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Office « Démarrer en un clic » 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall

Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}

Microsoft Office Starter 2010 - Français-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-040C-0000-0000000FF1CE}

Microsoft Search Enhancement Pack-->MsiExec.exe /X{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}

Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Mozilla Firefox (3.5.15)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

MP3 Rocket Toolbar-->C:\Program Files (x86)\MP3 Rocket Toolbar\uninstall.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}

OfferBox-->MsiExec.exe /X{2C8574B5-6935-4FCE-860E-F4E8602378FF}

OpenOffice.org 3.2-->MsiExec.exe /I{266517E6-D866-439D-919C-B8B1A52E6080}

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Piggly FREE-->"C:\Program Files (x86)\Asus\Game Park\Piggly FREE\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Piggly FREE\install.log"

QuickTime-->MsiExec.exe /I{E7004147-2CCA-431C-AA05-2AB166B9785D}

Revo Uninstaller 1.89-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe

Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}

Smileyville FREE-->"C:\Program Files (x86)\Asus\Game Park\Smileyville FREE\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Smileyville FREE\install.log"

Softonic_France Toolbar-->C:\PROGRA~2\SOFTON~1\UNWISE.EXE /U C:\PROGRA~2\SOFTON~1\INSTALL.LOG

Sony Ericsson PC Suite 6.009.00-->"C:\Program Files (x86)\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe" -runfromtemp -l0x040c -removeonly

Total Immersion D'Fusion @Home Web Plug-In-->"C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\uninstall.exe"

VIA Platform Device Manager-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}

VLC media player 1.1.2-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe

Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"

Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

Windows Live FolderShare-->MsiExec.exe /X{76810709-A7D3-468D-9167-A1780C1E766C}

Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}

Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}

Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}

Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}

Windows Movie Maker 2.6-->MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}

WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}

Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}

YouTube Downloader Suite V2.4.2-->"C:\Program Files (x86)\Apowersoft\YouTube Downloader Suite\unins000.exe"

 

======System event log======

 

Computer Name: Gaetane-PC

Event Code: 134

Message: NtpClient n'a pas pu définir d'homologue manuel utilisable comme source de temps en raison d'une erreur de résolution DNS sur "". NtpClient réessaiera dans 3473457 minutes, puis doublera l'intervalle d'attente pour les tentatives suivantes. L'erreur était : Le nom demandé est valide, mais aucune donnée du type requise n’a été trouvée. (0x80072AFC)

Record Number: 2229

Source Name: Microsoft-Windows-Time-Service

Time Written: 20100810104303.376721-000

Event Type: Avertissement

User: AUTORITE NT\SERVICE LOCAL

 

Computer Name: Gaetane-PC

Event Code: 7023

Message: Le service Windows Update s’est arrêté avec l’erreur :

%%-2147467243

Record Number: 2227

Source Name: Service Control Manager

Time Written: 20100810104302.846320-000

Event Type: Erreur

User:

 

Computer Name: Gaetane-PC

Event Code: 4001

Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

 

Record Number: 2224

Source Name: Microsoft-Windows-WLAN-AutoConfig

Time Written: 20100810104302.596720-000

Event Type: Avertissement

User: AUTORITE NT\Système

 

Computer Name: Gaetane-PC

Event Code: 7022

Message: Le service Windows Search est en attente de démarrage.

Record Number: 2156

Source Name: Service Control Manager

Time Written: 20100810104216.873040-000

Event Type: Erreur

User:

 

Computer Name: Gaetane-PC

Event Code: 4001

Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

 

Record Number: 2072

Source Name: Microsoft-Windows-WLAN-AutoConfig

Time Written: 20100609172129.536449-000

Event Type: Avertissement

User: AUTORITE NT\Système

 

=====Application event log=====

 

Computer Name: Gaetane-PC

Event Code: 10006

Message: Impossible de fermer l’application ou le service « avast! Antivirus ».

Record Number: 947

Source Name: Microsoft-Windows-RestartManager

Time Written: 20100810134006.664915-000

Event Type: Erreur

User: Gaetane-PC\Gaetane

 

Computer Name: Gaetane-PC

Event Code: 10006

Message: Impossible de fermer l’application ou le service « avast! Antivirus ».

Record Number: 946

Source Name: Microsoft-Windows-RestartManager

Time Written: 20100810134006.664915-000

Event Type: Erreur

User: Gaetane-PC\Gaetane

 

Computer Name: Gaetane-PC

Event Code: 1008

Message: Le service Windows Search démarre et tente de supprimer l’ancien index de recherche {Raison : Réinitialisation totale de l’index}.

 

Record Number: 760

Source Name: Microsoft-Windows-Search

Time Written: 20100810104517.000000-000

Event Type: Avertissement

User:

 

Computer Name: Gaetane-PC

Event Code: 11

Message: Fuite de mémoire possible. L’application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID : 276) a transmis un pointeur non NULL à RPC pour un paramètre [out] marqué [allocate(all_nodes)]. Les paramètres [allocate(all_nodes)] sont toujours réaffectés ; si le pointeur initial contenait une adresse mémoire valide, cela entraînerait une fuite de cette mémoire. L’appel provenait de l’interface avec l’UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Numéro de méthode (20). Action utilisateur : contactez le fournisseur de l’application pour obtenir une version mise à jour.

Record Number: 737

Source Name: Microsoft-Windows-RPC-Events

Time Written: 20100810104241.833084-000

Event Type: Avertissement

User: AUTORITE NT\SERVICE LOCAL

 

Computer Name: Gaetane-PC

Event Code: 1008

Message: Le service Windows Search démarre et tente de supprimer l’ancien index de recherche {Raison : Réinitialisation totale de l’index}.

 

Record Number: 733

Source Name: Microsoft-Windows-Search

Time Written: 20100811014147.000000-000

Event Type: Avertissement

User:

 

=====Security event log=====

 

Computer Name: WIN-UKV7LRJP980

Event Code: 4672

Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

 

Sujet :

ID de sécurité : S-1-5-18

Nom du compte : SYSTEM

Domaine du compte : NT AUTHORITY

ID d’ouverture de session : 0x3e7

 

Privilèges : SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 454

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100609172123.592838-000

Event Type: Succès de l’audit

User:

 

Computer Name: WIN-UKV7LRJP980

Event Code: 4624

Message: L’ouverture de session d’un compte s’est correctement déroulée.

 

Sujet :

ID de sécurité : S-1-5-18

Nom du compte : WIN-UKV7LRJP980$

Domaine du compte : WORKGROUP

ID d’ouverture de session : 0x3e7

 

Type d’ouverture de session : 5

 

Nouvelle ouverture de session :

ID de sécurité : S-1-5-18

Nom du compte : SYSTEM

Domaine du compte : NT AUTHORITY

ID d’ouverture de session : 0x3e7

GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

 

Informations sur le processus :

ID du processus : 0x1fc

Nom du processus : C:\Windows\System32\services.exe

 

Informations sur le réseau :

Nom de la station de travail :

Adresse du réseau source : -

Port source : -

 

Informations détaillées sur l’authentification :

Processus d’ouverture de session : Advapi

Package d’authentification : Negotiate

Services en transit : -

Nom du package (NTLM uniquement) : -

Longueur de la clé : 0

 

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

 

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

 

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

 

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

 

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

 

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.

- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .

- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.

- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.

- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.

Record Number: 453

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100609172123.592838-000

Event Type: Succès de l’audit

User:

 

Computer Name: WIN-UKV7LRJP980

Event Code: 4738

Message: Un compte d’utilisateur a été modifié.

 

Sujet :

ID de sécurité : S-1-5-21-3425452323-379920803-3362439344-500

Nom du compte : Administrator

Domaine du compte : WIN-UKV7LRJP980

ID d’ouverture de session : 0x265fd

 

Compte cible :

ID de sécurité : S-1-5-21-3425452323-379920803-3362439344-500

Nom du compte : Administrator

Domaine du compte : WIN-UKV7LRJP980

 

Attributs modifiés :

Nom du compte SAM : -

Nom complet : -

Nom principal de l’utilisateur : -

Répertoire de base : -

Lecteur de base : -

Chemin d’accès au script : -

Chemin d’accès au profil : -

Stations de travail utilisateurs : -

Dernière modification du mot de passe le : -

Le compte expire le : -

ID de groupe principal : -

Délégué autorisé : -

Ancienne valeur UAC : 0x210

Nouvelle valeur UAC : 0x211

Contrôle du compte d’utilisateur :

Compte désactivé

Paramètres utilisateur : -

Historique SID : -

Horaire d’accès : -

 

Informations supplémentaires :

Privilèges: -

Record Number: 452

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100609172121.783235-000

Event Type: Succès de l’audit

User:

 

Computer Name: WIN-UKV7LRJP980

Event Code: 4725

Message: Un compte d’utilisateur a été désactivé.

 

Sujet :

ID de sécurité : S-1-5-21-3425452323-379920803-3362439344-500

Nom du compte : Administrator

Domaine du compte : WIN-UKV7LRJP980

ID d’ouverture de session : 0x265fd

 

Compte cible :

ID de sécurité : S-1-5-21-3425452323-379920803-3362439344-500

Nom du compte : Administrator

Domaine du compte : WIN-UKV7LRJP980

Record Number: 451

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100609172121.783235-000

Event Type: Succès de l’audit

User:

 

Computer Name: WIN-UKV7LRJP980

Event Code: 1102

Message: Le journal d’audit a été effacé.

Objet :

ID de sécurité : S-1-5-21-3425452323-379920803-3362439344-500

Nom de compte : Administrator

Nom de domaine : WIN-UKV7LRJP980

ID de connexion : 0x265fd

Record Number: 450

Source Name: Microsoft-Windows-Eventlog

Time Written: 20100609172112.984820-000

Event Type: Succès de l’audit

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=AMD64

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

"NUMBER_OF_PROCESSORS"=2

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

"PROCESSOR_REVISION"=170a

"configsetroot"=%SystemRoot%\ConfigSetRoot

"asl.log"=Destination=file;OnFirstLog=command,environment,parent

"MOZ_PLUGIN_PATH"=C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn

"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

 

-----------------EOF-----------------

 

 

 

Mais je ne comprend pas ce qu'il faut que je fasse après

Pouvez vous m'aider svp

[Florinator]

Bonjour,

 

On va effectivement supprimer cette saloperie:

 

• 
   
  
• Va sur "Démarrer"/"Tous les programmes"/"Accessoires"/
  
• Clique droit sur "Invite de commande" puis "Exécuter en administrateur"
  
• Une fenêtre sur fond noir s'ouvre, tape exactement en respectant les espaces:
  

 

sc stop "ZwankySearch Service"

 

=>Valide avec [Entrée]

 

sc delete "ZwankySearch Service"

 

=>Valide avec [Entrée]

 

Dis moi si le service se supprime alors correctement, ensuite fais ceci:

 

 

Télécharge MBAM

 

• Installe le
  
• Lance l'outil
  
• Coche "Executer un examen complet"
  
• Si tu es en présence d'une infection à la fin de l'examen clique sur "ok"
  
• Clique sur Supprimer la sélection
  
• Pour poster le rapport clique sur l'onglet Rapports/Log et
  
• Sélectionne celui t'intéresse et clique sur Ouvrir
  
• Fait copier coller et poste le rapport stp
  

 

A++

[gagamissjtd]

Alors j'ai fait le truc du cadre noir et ça ma mis Accès refusé au deux fois c'est normal ?

Mais je comprend pas parce que cet après midi c'était parti et la il est revenu

Comment je fait ?

[Florinator]

Si tu es sûr de l'avoir fait en "Exécuter en administrateur", passe directement au scan de Mbam, on verra si il le sort ou pas.

Sinon on le sortira différemment.

 

A++

Modifié le 2 novembre 2010 par Florinator

[gagamissjtd]

Euh ben la en fait ça y est cela remarche --" et j'ai fait le truc du MBAM

[Florinator]

Ok, tu peux me poster le rapport de Mbam stp, regarde dans l'onglet "Rapport/Log".

 

A++