
Posted

Couldn't you have said so earlier? :) :)

What you have there is a rogue (MS Removal Tool).

Print these instructions or save them to a text file on the Desktop so you can refer to them easily at any time, then restart the machine in "Safe Mode with Networking" by tapping the F8 (or F5) key repeatedly, select the desired line (with the Up/Down keys) and press "Enter". If there are several users, log on as administrator and follow the steps below. If a step gives you trouble, move on to the next one and come back to it at the end (in normal mode if necessary).


>>> Reset the Hosts file: Go HERE. Click the Fix It button (under "Help me") and follow the instructions to reset the Hosts file to its default version.

>>> Reset Internet Explorer settings: Go HERE. Click the Fix It button (under "Help me") and follow the instructions to reset the Internet Explorer settings.


>>> Restore the proxy settings: THIS IS ESSENTIAL. You can put the settings for your school back afterwards.

- In Internet Explorer (if you have it): launch IE and click Tools => Internet Options => Connections => LAN settings => uncheck EVERYTHING.

- In Firefox (if you have it): launch FF and click Tools => Options... => Advanced.

Click the Network tab => Connection => "Settings".

Select the "No proxy..." option.

Note: If you have customized the "Hosts" file and/or the "Proxy", carry out the steps indicated and restore your personal settings once the disinfection is finished.


>>> Download Rkill (by Grinler) to the Desktop from one of these links:

>>> Use Rkill: Double-click the Rkill file. Its only role is to disable (until the PC is next started) certain malware processes in order to unblock the use of the disinfection programs.

- If the first file downloaded does not work, try another one.

- If for any reason the PC has to be restarted before these steps are finished, accept and run RKill again.

- I do not need to see the report it produces.


>>> Use Malwarebytes' Anti-Malware: Close everything and double-click mbam-setup.exe (on Vista/Windows 7, right-click it => "Run as administrator"). Follow the prompts, leaving everything at its default. Click Finish without changing anything.

- Launch the program from its icon on the desktop or from "Start" => "All Programs" => "Malwarebytes' Anti-Malware".

- Run the updates from the tab of the same name. If there is a problem with the automatic updates, click HERE to download and install them manually.

- In the "Scanner" tab, leave the "Perform quick scan" box checked and click "Scan".

Wait until it finishes (a message is displayed).

Click OK to close this message.

- Click "Show Results", then make sure everything is checked and click "Remove Selected".

The program then carries out the cleanup. If it asks you to restart the PC, ACCEPT (this is needed to delete certain specific files).

At the end a report is displayed (accessible at any time from the Report/Logs tab of the MBAM main window).


>>> OTL: Close all open applications and windows and right-click OTL.exe => "Run as administrator".

Without changing or adding anything, click the blue Scan button and let it run.

Copy/paste the contents of the generated report together with the MBAM one.
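
One way to check, from an OTL report, the state that the hosts and proxy steps above are meant to produce. This is an added example, not part of the original post and not code from OTL: the function name `audit_otl` is hypothetical, the clean sample lines are copied from the OTL log posted later in this thread, and the hijacked sample is constructed with documentation addresses.

```python
import re

# Hosts entries that OTL reports for the default hosts file in this thread.
DEFAULT_HOSTS = {("127.0.0.1", "localhost"), ("::1", "localhost")}

# Line shapes as they appear in the OTL log on this page.
IE_RE = re.compile(r'^IE - .*\\Internet Settings: "(\w+)" = (.*)$')
FF_RE = re.compile(r'^FF - prefs\.js\.\.network\.proxy\.(\w+): "?([^"]*)"?$')
HOSTS_RE = re.compile(r'^O1 - Hosts: (\S+)\s+(\S+)')


def audit_otl(log_text):
    """Summarise proxy and hosts state from OTL log text.

    A proxy address can stay stored in the registry or in prefs.js while
    being switched off, so "stored" and "active" are reported separately.
    """
    ie, ff, extra_hosts = {}, {}, []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = IE_RE.match(line)
        if m:
            ie[m.group(1)] = m.group(2).strip()
            continue
        m = FF_RE.match(line)
        if m:
            ff[m.group(1)] = m.group(2).strip()
            continue
        m = HOSTS_RE.match(line)
        if m:
            entry = (m.group(1), m.group(2).lower())
            if entry not in DEFAULT_HOSTS:
                extra_hosts.append(entry)

    stored = set()
    if ie.get("ProxyServer"):
        stored.add(ie["ProxyServer"])
    if ff.get("http"):
        stored.add(f'{ff["http"]}:{ff.get("http_port", "?")}')

    return {
        # ProxyEnable = 1 means IE/WinINet actually uses ProxyServer.
        "ie_proxy_active": ie.get("ProxyEnable") == "1",
        # network.proxy.type: 0 = "No proxy", 1 = manual configuration.
        "ff_proxy_active": ff.get("type") == "1",
        "stored_proxies": sorted(stored),
        "extra_hosts": extra_hosts,
    }


# Lines copied from the OTL log in this thread: proxy stored but disabled.
CLEAN_SAMPLE = r'''
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 172.16.105.254:8082
FF - prefs.js..network.proxy.http: "172.16.105.254"
FF - prefs.js..network.proxy.http_port: 8082
FF - prefs.js..network.proxy.type: 0
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
'''

# Constructed sample (not from the thread): proxy switched on, extra hosts line.
HIJACKED_SAMPLE = r'''
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.0.2.10:8080
FF - prefs.js..network.proxy.http: "192.0.2.10"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.type: 1
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 192.0.2.10 www.example.com
'''

if __name__ == "__main__":
    for name, sample in (("clean", CLEAN_SAMPLE), ("hijacked", HIJACKED_SAMPLE)):
        print(name, audit_otl(sample))
```
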

Posted (edited)

I couldn't say so earlier because it had only just appeared.

But it has not reappeared since.

(Here are the scans I ran in safe mode; I could not reset my Internet options because they were disabled. I can do it again afterwards if you want.)

___________________________________

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Version de la base de données: 6647

 

Windows 6.1.7601 Service Pack 1 (Safe Mode)

Internet Explorer 9.0.8112.16421

 

29/05/2011 11:59:37

mbam-log-2011-05-29 (11-59-37).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 181708

Temps écoulé: 3 minute(s), 15 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

_______________________________________________

OTL logfile created on: 29/05/2011 12:09:07 - Run 1

OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Sky\Desktop

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,99 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 82,09% Memory free

5,99 Gb Paging File | 5,49 Gb Available in Paging File | 91,69% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 226,48 Gb Total Space | 113,31 Gb Free Space | 50,03% Space Free | Partition Type: NTFS

Drive D: | 226,51 Gb Total Space | 158,47 Gb Free Space | 69,96% Space Free | Partition Type: NTFS

 

Computer Name: PC-DE-GEO | User Name: Sky | Logged in as Administrator.

Boot Mode: SafeMode | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/05/29 06:19:59 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/05/29 06:19:59 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

MOD - [2010/11/20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011/05/17 00:57:05 | 003,275,864 | ---- | M] () [Auto | Stopped] -- c:\program files\common files\akamai\netsession_win_8832f4b.dll -- (Akamai)

SRV - [2011/05/11 23:01:01 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2011/04/12 10:11:26 | 000,311,744 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2010/11/22 22:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)

SRV - [2010/08/18 18:44:27 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)

SRV - [2010/06/22 03:01:07 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2009/11/06 14:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)

SRV - [2009/11/06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)

SRV - [2009/10/20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2009/10/01 16:45:34 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2009/06/16 12:11:40 | 000,122,880 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)

SRV - [2009/04/13 15:47:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Stopped] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)

SRV - [2009/01/13 16:38:32 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)

SRV - [2008/10/16 17:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

SRV - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

SRV - [2008/10/04 05:09:02 | 000,069,632 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/04/08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010/10/08 16:57:54 | 000,100,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2010/07/22 21:15:22 | 000,281,760 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)

DRV - [2010/07/22 21:15:22 | 000,025,888 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

DRV - [2009/12/27 16:44:12 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2009/12/08 22:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)

DRV - [2009/11/29 12:52:09 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)

DRV - [2009/11/03 17:33:40 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)

DRV - [2009/10/20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)

DRV - [2009/10/14 21:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)

DRV - [2009/10/02 19:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)

DRV - [2009/09/16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)

DRV - [2009/09/15 14:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvoclock.sys -- (nvoclock)

DRV - [2009/09/13 17:02:23 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)

DRV - [2009/09/01 15:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)

DRV - [2009/08/21 22:24:03 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2009/07/21 08:13:24 | 000,005,632 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidshim.sys -- (hidshim)

DRV - [2009/07/21 08:13:22 | 000,022,528 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuvotonhidgeneric.sys -- (nuvotonhidgeneric)

DRV - [2009/07/14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Pilote de carte de liaison WiFi sans fil Intel®

DRV - [2009/03/30 04:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)

DRV - [2009/03/25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)

DRV - [2009/03/25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)

DRV - [2009/03/25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)

DRV - [2009/03/25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)

DRV - [2009/03/25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)

DRV - [2009/03/25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)

DRV - [2009/03/25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)

DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)

DRV - [2008/10/01 11:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\int15.sys -- (int15)

DRV - [2007/02/16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)

DRV - [2006/11/29 02:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1208&m=aspire_8730

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1208&m=aspire_8730

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = exnet.3il.fr;<local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 172.16.105.254:8082

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"

FF - prefs.js..network.proxy.ftp: "172.16.105.254"

FF - prefs.js..network.proxy.ftp_port: 8082

FF - prefs.js..network.proxy.http: "172.16.105.254"

FF - prefs.js..network.proxy.http_port: 8082

FF - prefs.js..network.proxy.no_proxies_on: "exnet.3il.fr,localhost,127.0.0.1"

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "172.16.105.254"

FF - prefs.js..network.proxy.socks_port: 8082

FF - prefs.js..network.proxy.ssl: "172.16.105.254"

FF - prefs.js..network.proxy.ssl_port: 8082

FF - prefs.js..network.proxy.type: 0

 

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/10 21:20:43 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/23 01:43:27 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/25 23:56:26 | 000,000,000 | ---D | M]

 

[2011/05/23 01:44:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sky\AppData\Roaming\mozilla\Extensions

[2011/05/26 14:50:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sky\AppData\Roaming\mozilla\Firefox\Profiles\2encygoc.default\extensions

[2011/05/27 10:57:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2010/05/21 11:36:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/08/02 20:41:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/12/10 18:01:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/05/27 10:57:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

[2009/11/29 12:53:12 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru

File not found (No name found) --

() (No name found) -- C:\USERS\SKY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ENCYGOC.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

[2009/11/20 22:11:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2011/04/14 18:47:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2006/01/02 18:01:02 | 000,053,248 | ---- | M] (Giganology Inc.) -- C:\Program Files\mozilla firefox\components\GigagetComponent.dll

[2011/05/27 10:57:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2011/05/25 03:17:48 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)

O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Programme d'assistance de Microsoft Web Test Recorder 10.0) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - D:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)

O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)

O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\System32\grpconv.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warkeys Update.lnk = D:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/activex/MaConfig_3_5_3_0.cab ("Ma-Config.com control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O24 - Desktop WallPaper: C:\Users\Sky\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Sky\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/05/29 06:19:50 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

[2011/05/29 01:58:24 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{2370727F-8654-4320-BAA9-23C0D74592B1}

[2011/05/27 13:20:10 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{FF850E68-C69D-4265-9207-5D1D26F25930}

[2011/05/27 10:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2011/05/27 10:57:35 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011/05/27 10:57:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011/05/27 10:57:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011/05/26 12:10:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011/05/26 12:10:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2011/05/26 12:10:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll

[2011/05/26 12:10:10 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2011/05/26 12:10:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll

[2011/05/26 12:10:10 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2011/05/26 12:10:10 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe

[2011/05/26 12:10:10 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe

[2011/05/26 12:10:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011/05/26 12:10:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2011/05/26 12:10:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2011/05/26 12:10:10 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2011/05/26 12:10:09 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2011/05/26 12:10:09 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011/05/26 12:10:09 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011/05/26 12:10:09 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2011/05/26 12:10:09 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011/05/26 12:10:09 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011/05/26 12:10:09 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2011/05/26 12:10:09 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2011/05/26 12:10:09 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011/05/26 12:10:09 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll

[2011/05/26 12:10:09 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011/05/26 12:10:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011/05/26 12:10:09 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2011/05/26 12:10:09 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll

[2011/05/26 12:10:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2011/05/26 12:10:09 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2011/05/26 12:10:09 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2011/05/26 12:10:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2011/05/26 12:10:09 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011/05/26 12:10:09 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2011/05/26 12:10:09 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll

[2011/05/26 12:10:09 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2011/05/26 12:10:09 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2011/05/26 12:10:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll

[2011/05/26 12:10:09 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2011/05/26 12:10:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2011/05/26 12:10:09 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2011/05/25 21:00:15 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys

[2011/05/25 20:52:42 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{9840A7D5-27B9-46ED-9ECE-622FE163B5E9}

[2011/05/25 03:37:39 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011/05/24 19:53:46 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{4C979CAE-49BD-40AE-8FD6-C8F34FE554BB}

[2011/05/23 19:58:17 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{C4D28F14-334D-49FA-AFE3-2D506EBCEAEB}

[2011/05/23 10:16:53 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Malwarebytes

[2011/05/23 10:16:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/05/23 10:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/05/23 10:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/05/23 10:16:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/05/23 10:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/05/22 22:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2011/05/22 22:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

[2011/05/22 14:38:59 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{F790CAEC-1530-4F77-A2F8-3EC78ADA981E}

[2011/05/22 13:17:03 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

[2011/05/22 13:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

[2011/05/22 13:16:50 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Notepad++

[2011/05/22 13:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++

[2011/05/21 20:07:53 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{C6819AE8-1386-4E1F-A7BA-51B5CF392F1B}

[2011/05/21 17:43:13 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{364F19E3-F6AA-4A0F-83A2-4BD6F0FE57B3}

[2011/05/21 17:28:55 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe

[2011/05/21 17:28:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe

[2011/05/20 18:15:23 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{3F966BFB-8992-4822-8DAB-1B00ACC42802}

[2011/05/19 12:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace

[2011/05/19 12:32:58 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll

[2011/05/19 12:32:56 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2011/05/19 12:32:56 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2011/05/19 12:32:55 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2011/05/18 18:04:14 | 000,000,000 | ---D | C] -- C:\Users\Sky\LOLReplay

[2011/05/18 17:58:36 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{C6382986-20A0-4DA5-A29C-F729DEAF85E6}

[2011/05/17 17:04:59 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{D062D4D1-AFCD-4286-BFDC-804A2302C636}

[2011/05/16 05:58:26 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Media Player Classic

[2011/05/15 14:44:09 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{5164E0EF-6181-4682-BCFE-9FAFA0141698}

[2011/05/15 14:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs

[2011/05/15 14:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit

[2011/05/14 01:57:32 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{9EB49D72-63C2-41E9-8EAB-8848E5C0F648}

[2011/05/12 19:16:47 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{9A9452BA-7FA0-48DE-B479-C14B4ED7FFA1}

[2011/05/11 22:31:49 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{2E02B9E8-54C2-4919-A235-947F31F11C14}

[2011/05/09 18:06:23 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{DA4799ED-96DE-4FBF-9869-948930E26AC9}

[2011/05/05 22:57:32 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{9E5385F5-8471-4F60-BB5D-5E13879CDD5A}

[2011/05/05 22:56:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared

[2011/05/05 21:55:29 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames

[2011/05/05 21:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai

[2011/05/01 12:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dofus

[2009/07/21 14:47:46 | 000,315,392 | ---- | C] ( ) -- C:\Windows\System32\sbcrreag.dll

[2008/12/17 02:08:05 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

 

========== Files - Modified Within 30 Days ==========

 

[2011/05/29 11:32:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/05/29 11:32:11 | 2411,888,640 | -HS- | M] () -- C:\hiberfil.sys

[2011/05/29 06:20:57 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat

[2011/05/29 06:19:59 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

[2011/05/29 06:18:17 | 001,007,108 | ---- | M] () -- C:\Users\Sky\Desktop\rkill.exe

[2011/05/29 06:17:35 | 000,659,968 | ---- | M] () -- C:\Users\Sky\Desktop\MicrosoftFixit50195.msi

[2011/05/29 06:17:17 | 000,648,704 | ---- | M] () -- C:\Users\Sky\Desktop\MicrosoftFixit50267.msi

[2011/05/28 15:11:45 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/05/28 15:11:45 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/05/27 11:47:33 | 000,001,427 | ---- | M] () -- C:\Users\Sky\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2011/05/27 10:57:05 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2011/05/27 10:57:05 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011/05/27 10:57:05 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011/05/27 10:57:05 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011/05/27 02:19:32 | 000,363,226 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/05/27 02:19:32 | 000,299,718 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/05/27 02:19:32 | 000,044,944 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/05/27 02:19:32 | 000,037,582 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/05/26 12:10:10 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011/05/26 12:10:10 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2011/05/26 12:10:10 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll

[2011/05/26 12:10:10 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2011/05/26 12:10:10 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll

[2011/05/26 12:10:10 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2011/05/26 12:10:10 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe

[2011/05/26 12:10:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe

[2011/05/26 12:10:10 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011/05/26 12:10:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2011/05/26 12:10:10 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2011/05/26 12:10:10 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2011/05/26 12:10:09 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2011/05/26 12:10:09 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011/05/26 12:10:09 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011/05/26 12:10:09 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2011/05/26 12:10:09 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2011/05/26 12:10:09 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011/05/26 12:10:09 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2011/05/26 12:10:09 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2011/05/26 12:10:09 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2011/05/26 12:10:09 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll

[2011/05/26 12:10:09 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2011/05/26 12:10:09 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011/05/26 12:10:09 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2011/05/26 12:10:09 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll

[2011/05/26 12:10:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2011/05/26 12:10:09 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2011/05/26 12:10:09 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2011/05/26 12:10:09 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2011/05/26 12:10:09 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2011/05/26 12:10:09 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2011/05/26 12:10:09 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll

[2011/05/26 12:10:09 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2011/05/26 12:10:09 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2011/05/26 12:10:09 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf

[2011/05/26 12:10:09 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll

[2011/05/26 12:10:09 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2011/05/26 12:10:09 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2011/05/26 12:10:09 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2011/05/25 03:37:39 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011/05/25 03:17:48 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts

[2011/05/24 12:14:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/05/23 17:36:19 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat

[2011/05/23 10:16:40 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/05/22 22:12:55 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/22 22:03:23 | 000,001,362 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LManager.exe - Raccourci.lnk

[2011/05/22 13:17:09 | 000,001,005 | ---- | M] () -- C:\Users\Sky\Desktop\Notepad++.lnk

[2011/05/19 00:24:10 | 000,000,700 | ---- | M] () -- C:\Users\Public\Desktop\Team Fortress 2.lnk

[2011/05/18 18:04:44 | 000,000,826 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk

[2011/05/18 18:04:44 | 000,000,772 | ---- | M] () -- C:\Users\Sky\Desktop\LOL Recorder.lnk

[2011/05/17 13:44:40 | 002,290,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/05/07 20:01:07 | 000,046,742 | ---- | M] () -- C:\Users\Sky\AppData\Roaming\room.dat

 

========== Files Created - No Company Name ==========

 

[2011/05/29 06:18:05 | 001,007,108 | ---- | C] () -- C:\Users\Sky\Desktop\rkill.exe

[2011/05/29 06:17:34 | 000,659,968 | ---- | C] () -- C:\Users\Sky\Desktop\MicrosoftFixit50195.msi

[2011/05/29 06:17:15 | 000,648,704 | ---- | C] () -- C:\Users\Sky\Desktop\MicrosoftFixit50267.msi

[2011/05/26 12:10:09 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf

[2011/05/26 12:03:20 | 000,001,433 | ---- | C] () -- C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2011/05/26 12:03:20 | 000,001,427 | ---- | C] () -- C:\Users\Sky\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2011/05/24 12:14:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/05/23 10:16:40 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/05/23 01:43:41 | 000,001,112 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2011/05/22 22:12:55 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/22 22:03:23 | 000,001,362 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LManager.exe - Raccourci.lnk

[2011/05/22 13:17:09 | 000,001,005 | ---- | C] () -- C:\Users\Sky\Desktop\Notepad++.lnk

[2011/05/18 18:04:14 | 000,000,826 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk

[2011/05/18 18:04:14 | 000,000,772 | ---- | C] () -- C:\Users\Sky\Desktop\LOL Recorder.lnk

[2011/05/18 18:04:14 | 000,000,772 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk

[2011/05/07 04:47:43 | 000,000,700 | ---- | C] () -- C:\Users\Public\Desktop\Team Fortress 2.lnk

[2011/04/14 01:36:26 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat

[2011/04/10 00:47:47 | 000,046,742 | ---- | C] () -- C:\Users\Sky\AppData\Roaming\room.dat

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2011/03/26 19:54:23 | 000,000,175 | ---- | C] () -- C:\Windows\Wininit.ini

[2011/01/10 21:05:05 | 000,245,776 | ---- | C] () -- C:\Windows\hpoins19.dat

[2011/01/10 21:05:05 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat

[2011/01/10 20:27:52 | 000,019,696 | ---- | C] () -- C:\Windows\hpomdl05.dat

[2011/01/10 20:06:58 | 000,070,095 | ---- | C] () -- C:\Windows\hpoins05.dat.temp

[2011/01/10 20:06:58 | 000,019,696 | ---- | C] () -- C:\Windows\hpomdl05.dat.temp

[2010/09/26 00:27:05 | 000,007,604 | ---- | C] () -- C:\Users\Sky\AppData\Local\resmon.resmoncfg

[2010/08/05 14:21:30 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib

[2010/07/22 21:15:22 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys

[2010/06/05 12:36:18 | 000,000,197 | ---- | C] () -- C:\Windows\MORDOR.INI

[2010/06/05 12:36:06 | 000,090,702 | ---- | C] () -- C:\Windows\SETUP1.EXE

[2010/06/05 12:36:06 | 000,002,573 | ---- | C] () -- C:\Windows\WAVEMIX.INI

[2010/06/02 20:40:38 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys

[2010/04/09 21:08:26 | 000,094,208 | ---- | C] () -- C:\Windows\System32\zmbv.dll

[2010/01/03 19:15:38 | 000,053,488 | ---- | C] () -- C:\Windows\War3Unin.dat

[2010/01/01 12:24:25 | 000,008,192 | ---- | C] () -- C:\Users\Sky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/12/27 16:47:47 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll

[2009/11/29 12:53:00 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat

[2009/11/29 12:53:00 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat

[2009/11/29 12:20:31 | 000,023,432 | ---- | C] () -- C:\Users\Sky\AppData\Roaming\UserTile.png

[2009/11/20 22:41:46 | 000,123,780 | R--- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT

[2009/11/20 22:41:46 | 000,001,496 | R--- | C] () -- C:\Windows\System32\drivers\RtkAcerM.dat

[2009/11/20 22:41:46 | 000,000,728 | R--- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat

[2009/11/20 22:38:47 | 000,000,091 | ---- | C] () -- C:\Users\Sky\AppData\Local\fusioncache.dat

[2009/11/20 22:23:22 | 000,022,292 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat

[2009/10/20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[2009/10/19 16:47:23 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2009/10/19 16:47:22 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2009/10/19 16:47:15 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2009/10/19 16:47:15 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2009/10/19 16:47:15 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2009/10/19 16:47:13 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2009/10/16 21:54:03 | 000,040,960 | ---- | C] () -- C:\Windows\System32\MMAVILNG.exe

[2009/10/16 21:52:47 | 000,001,890 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys

[2009/10/16 21:52:47 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\E43A1514AE.sys

[2009/09/19 22:23:37 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat

[2009/09/13 16:12:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/09/10 20:49:37 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE

[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat

[2009/09/07 22:53:11 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini

[2009/09/02 20:24:58 | 000,000,552 | ---- | C] () -- C:\Windows\maplev4.ini

[2009/09/02 08:02:45 | 000,000,000 | ---- | C] () -- C:\Windows\WB.ini

[2009/09/02 00:17:58 | 000,058,792 | ---- | C] () -- C:\Windows\System32\wbload.dll

[2009/08/31 19:49:40 | 000,022,328 | ---- | C] () -- C:\Users\Sky\AppData\Roaming\PnkBstrK.sys

[2009/08/25 22:28:19 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2009/07/14 10:39:49 | 000,363,226 | ---- | C] () -- C:\Windows\System32\perfh00C.dat

[2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat

[2009/07/14 10:39:49 | 000,044,944 | ---- | C] () -- C:\Windows\System32\perfc00C.dat

[2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat

[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 06:33:53 | 002,290,088 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009/07/14 04:05:48 | 000,299,718 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009/07/14 04:05:48 | 000,037,582 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2008/12/16 17:18:52 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe

[2008/12/16 17:18:52 | 000,105,984 | ---- | C] () -- C:\Windows\FixUVC.exe

[2008/12/16 17:18:52 | 000,000,057 | ---- | C] () -- C:\Windows\PidList.ini

[2008/12/16 17:17:49 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini

[2008/12/16 17:17:49 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat

[2008/12/16 17:17:49 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat

[2008/12/16 17:17:49 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat

[2008/12/16 17:17:49 | 000,000,008 | R--- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat

[2008/11/20 02:34:45 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll

[2008/11/20 02:34:45 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll

[2008/11/11 05:27:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

[2008/11/11 05:27:24 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll

[2008/11/11 05:27:24 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll

[2008/11/11 05:26:52 | 000,000,041 | ---- | C] () -- C:\Windows\Prelaunch.ini

[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2001/12/26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll

[2001/09/04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll

[2001/07/30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll

[2001/07/23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 16 bytes -> C:\Users\Sky\Downloads:Shareaza.GUID

 

< End of report >

_________________________________________________________________________________

OTL Extras logfile created on: 29/05/2011 12:09:07 - Run 1

OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Sky\Desktop

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,99 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 82,09% Memory free

5,99 Gb Paging File | 5,49 Gb Available in Paging File | 91,69% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 226,48 Gb Total Space | 113,31 Gb Free Space | 50,03% Space Free | Partition Type: NTFS

Drive D: | 226,51 Gb Total Space | 158,47 Gb Free Space | 69,96% Space Free | Partition Type: NTFS

 

Computer Name: PC-DE-GEO | User Name: Sky | Logged in as Administrator.

Boot Mode: SafeMode | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.bat [@ = batfile] -- Reg Error: Key error. File not found

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring" = 1

"" =

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4

"{0266CCBE-BBD8-416C-A48F-7FC47C6DB566}" = Microsoft SQL Server System CLR Types

"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)

"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store

"{0E9C6F05-A8E5-482F-B7D5-78943BCC6073}" = Ragnarok

"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status

"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan

"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In

"{11C2292E-65CB-4533-ABFC-24E39C4211CD}" = Adobe Dreamweaver CS4

"{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16D919E6-F019-4E15-BFBE-4A85EF19DA57}" = Oblivion - Spell Tomes

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch

"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2

"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1

"{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}" = Upgrade Kit

"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F25F81F-AFC4-4A38-9CD0-7F321BFDEDBC}" = Microsoft SQL Server VSS Writer

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare

"{20C640F8-4703-4B78-9EC5-D43E42E92E90}" = XSplit

"{23D448C7-7DC7-4C15-B47D-C99364501F07}" = Microsoft SQL Server 2008 Database Engine Services

"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 25

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{2A7F0737-99DD-4D56-8866-C4FE96F44F2A}" = TES Construction Set

"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm

"{2F2E3D62-8B8C-448F-8900-451325E50948}" = Oblivion - Wizard's Tower

"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery

"{302E9B7B-2B6A-4C29-9A02-9F2110649779}" = Nuvoton EC Generic HID Driver

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{348CEF9D-95C7-4CA1-89ED-174900821CB4}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - FRA

"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Logiciel Intel® PROSet/Wireless WiFi

"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3ABEBD00-299D-4DCA-967F-B912163AB5EA}" = Oblivion - Horse Armor Pack

"{3BA7E387-9401-3371-9464-5E224D243FC5}" = Outils Microsoft Visual Studio 2010 ADO.NET Entity Framework

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy

"{3CAC9760-14F6-4539-A75F-F240EC55FEE9}" = Ma-Config.com

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{3FD4B9B7-9F73-4753-967C-B909929EAD60}" = Microsoft Sync Framework SDK v1.0 SP1 fr

"{3FF37A38-3781-493E-8EBF-BB143C843796}" = Microsoft Silverlight 3 SDK - Français

"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools

"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02]

"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition

"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit

"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg

"{4401409D-25F1-4E85-8A3C-6BA6FFCFBFED}" = Microsoft SQL Server 2008 Browser

"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax

"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files

"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport

"{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}" = OpenOffice.org 3.2

"{4EE72E74-53A6-4E82-905E-C2D19311287E}" = Microsoft ASP.NET MVC 2 - FRA

"{51DE0B73-7A33-41B8-9183-8321D40815E0}" = Microsoft SQL Server 2008 Common Files

"{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}" = Oblivion - Vile Lair

"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs

"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4

"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter

"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes

"{5F907BE8-0033-31EA-B83F-18405837AA8F}" = Microsoft Visual Studio 2010 SharePoint Developer Tools

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2

"{6577657B-A10C-47A1-A50D-512C7748CB2C}" = Adobe Setup

"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update

"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content

"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{690DFF6B-82E9-41B0-9794-71BCEED98F09}" = Adobe Flash CS4 Extension - Flash Lite STI fr

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319

"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply

"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox

"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6F6D6F36-0B0A-4C88-AB1D-986046435A24}" = Dotfuscator Software Services - Community Edition - FRA

"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime

"{73E17122-EC84-45B4-943B-735257B5CBDC}" = Adobe Photoshop CS4 Support

"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network

"{76B91CF8-2A5C-3BFD-B95B-D718D52088C4}" = Module linguistique Microsoft Visual F# 2.0 Runtime - FRA

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver

"{7A78C597-9D23-3C25-AE57-132F62D62F02}" = Microsoft Visual Studio Macro Tools - FRA Language Pack

"{7AD4FE43-6F4E-4DD5-AE2E-02F367192BE0}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project

"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance

"{7CCA1688-6F09-49AE-887B-E29A552A187A}" = Morrowind

"{7F30941A-F236-4DD0-A245-A5B09991633B}" = Smart Mod Manager

"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{83E0F08C-C476-3987-B57E-7F45C177E1D7}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - FRA

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology

"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends

"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer

"{92975DF9-EA36-4F36-A9AC-D412BC1D709E}" = Nuvoton EC Generic HID Driver

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{93074803-3F61-4595-AC67-FFC20B3BE06A}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{93F07BB2-BAD8-4638-AFB6-0A1EE5624DAE}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) fr

"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96D33319-C14C-3070-A464-CE8416E46487}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support

"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab

"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A1FE2467-01B8-3666-BA44-91D44342BAD7}" = Microsoft Team Foundation Server 2010 Object Model - FRA

"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management

"{A6CB9620-444F-4B8B-B088-C2BD3FD0A587}_is1" = Counter-Strike 1.6 V42 No-Steam

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio

"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch

"{AC76BA86-1033-F400-7760-000000000004}_944" = Adobe Acrobat 9.4.4 - CPSID_83708

"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4

"{AD5CE491-1257-3FF3-9A00-BBEBD57932F4}" = Microsoft Visual Studio 2010 Performance Collection Tools - FRA

"{AF6919D0-5691-4F35-9D65-54F981013514}" = Microsoft SQL Server Compact 3.5 SP2 FRA

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B01A7AFC-0356-43AF-A333-C65912AEA8DC}" = Objets de gestion Microsoft SQL Server 2008 R2

"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{B466A9C8-CF42-49E6-A211-A80A3AA272FC}" = Infra. d'app. de la couche Données Microsoft SQL Server 2008 R2

"{B4B6D2ED-1D71-326E-8E61-AD6778046C47}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA

"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services

"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B

"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader

"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BC398BE9-C1DC-374B-90B1-460CB70C7CDD}" = Microsoft Help Viewer 1.0 Language Pack - FRA

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{C17F6CF7-6C7D-4A45-B75E-C3E33A24E773}" = Adobe Flash CS4

"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX

"{C5E05888-7559-3A01-A3A7-739AC400E1C1}" = Microsoft Visual Studio 2010 Ultimate - FRA

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program

"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CEA5BAEC-4E75-4803-9C43-4B0D14D6F4BC}" = IDM 6.05 Build 1 Final Precracked by thienthanty for win 32bit

"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack

"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.57.409

"{D0EE7809-8F5E-46EF-95DC-B30DCE22653F}" = Adobe Creative Suite 4 Master Collection

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.1

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D60023FA-3DF1-4537-93DD-13024CC4E366}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA

"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential

"{DB3A97C0-EEC1-43FE-AB56-E2EA972CF111}" = 1600

"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader

"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting

"{DD8E9F7D-0FD7-4984-9459-40C86F01EC2C}" = Fichiers de support d'installation de Microsoft SQL Server 2008

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E1951CF4-91CE-46F0-A1BD-3A4A67069097}" = Adobe Premiere Pro CS4 Third Party Content

"{E2E01E91-2314-42BC-B5E3-1715DAE84F98}" = Adobe Photoshop CS4

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

"{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}" = AdobeColorCommonSetCMYK

"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext

"{E989D16F-0B39-4E74-8BD5-149BEE1477FE}" = Microsoft SQL Server 2008 RsFx Driver

"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor

"{EA79DC46-98B0-4A26-A76F-448A032E5E4D}" = 1600Trb

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EC425CFC-EE78-4A91-AA25-3BFA65B75364}" = Oblivion - Orrery

"{EE393EE6-708F-43AC-B9B8-E1191DC353D9}" = Microsoft SQL Server 2008 Native Client

"{EF295F5C-7B57-47AA-8889-6B3E8E214E89}" = Oblivion - Mehrunes Razor

"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F0FD00FD-CE66-474F-A116-72B4880E8B47}" = Microsoft SQL Server 2008 Database Engine Shared

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist

"{F1DF9BCC-C974-4339-A628-7F6418931F2F}" = Adobe Flash CS4 STI-fr

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared

"{F37AADAE-7560-42BE-96E2-B968E6DAFC62}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86) fr

"{F870B987-18BC-45FC-9BE8-35C02DCDA10F}" = Broadcom Gigabit Integrated Controller

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs

"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner

"{FEA5A8ED-93A1-44EE-9A7D-43103DB3F78D}" = 1600_Help

"{FF63E956-55FC-42B6-80A3-1B1666AA82D8}" = Microsoft Sync Framework Services v1.0 SP1 (x86) fr

"{FFFFFD17-B460-41EB-93F1-C48ABAD63828}" = Oblivion - Thieves Den

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe_b2b1c7c62c4ae0a954789ed71d36a7a" = Adobe Creative Suite 4 Master Collection

"AIMP2" = AIMP2

"AIMP2at" = AIMP2: Audio Tools

"Akamai" = Akamai NetSession Interface

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)

"CCleaner" = CCleaner

"CloneCD" = CloneCD

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP

"DotAzilla" = DotAzilla

"FormatFactory" = FormatFactory 2.10

"Garena" = Garena

"GridVista" = Acer GridVista

"Guitar Pro 5_is1" = Guitar Pro 5.2

"HijackThis" = HijackThis 2.0.2

"HP Imaging Device Functions" = HP Imaging Device Functions 13.0

"HP Photosmart Essential" = HP Photosmart Essential 3.5

"HP Smart Web Printing" = HP Smart Web Printing 4.51

"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0

"HPExtendedCapabilities" = HP Customer Participation Program 13.0

"HPOCR" = OCR Software by I.R.I.S. 13.0

"InfraRecorder" = InfraRecorder

"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update

"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance

"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor

"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.2.0

"L4D2SP" = Left 4 Dead 2 Standalone Patch

"L4D2SPUC" = Left 4 Dead 2 Standalone Patch

"LastFM_is1" = Last.fm 1.5.4.27091

"Live 8.0.4" = Live 8.0.4

"LManager" = Launch Manager

"Magicka_is1" = Magicka

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Messenger Plus!" = Messenger Plus! 5

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA

"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0

"Microsoft Help Viewer 1.0 Language Pack - FRA" = Module linguistique de la visionneuse d'aide Microsoft 1.0 - FRA

"Microsoft SQL Server 10" = Microsoft SQL Server 2008

"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008

"Microsoft Team Foundation Server 2010 Object Model - FRA" = Modèle objet Microsoft Team Foundation Server 2010 - Français

"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)

"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA" = Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x86) - FRA

"Microsoft Visual Studio 2010 Ultimate - FRA" = Microsoft Visual Studio 2010 Ultimate - Français

"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools

"Microsoft Visual Studio Macro Tools - FRA Language Pack" = Microsoft Visual Studio Macro Tools - FRA Language Pack

"Mozilla Firefox 4.0.1 (x86 fr)" = Mozilla Firefox 4.0.1 (x86 fr)

"Mumble" = Mumble and Murmur

"Notepad++" = Notepad++

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

"ProInst" = Intel PROSet Wireless

"Shockwave" = Shockwave

"Shop for HP Supplies" = Shop for HP Supplies

"Steam App 240" = Counter-Strike: Source

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"SystemRequirementsLab" = System Requirements Lab

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"Tunngle beta_is1" = Tunngle beta

"uTorrent" = µTorrent

"VLC media player" = VLC media player 1.0.1

"Warkeys" = Warkeys 1.18.1.0b

"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner

"WinLiveSuite" = Windows Live

"WinPcapInst" = WinPcap 4.1.1

"ZHPDiag_is1" = ZHPDiag 1.27

"ZMBV" = Zip Motion Block Video codec (Remove Only)

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"FileZilla Client" = FileZilla Client 3.3.5.1

"Google Chrome" = Google Chrome

"I-Doser v4" = I-Doser v4

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 30/01/2011 07:45:55 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 30/01/2011 07:45:55 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 30/01/2011 07:45:55 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3011

Description = Le déchargement des chaînes de compteurs de performances pour le service

WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code

d’erreur.

 

Error - 31/01/2011 04:32:45 | Computer Name = PC-de-Geo | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante PLFSetI.exe, version : 1.0.1.0, horodatage

: 0x471d62d0 Nom du module défaillant : PLFSetI.exe, version : 1.0.1.0, horodatage

: 0x471d62d0 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00001afe ID du processus

défaillant : 0x90c Heure de début de l’application défaillante : 0x01cbc1216d6f4717

Chemin

d’accès de l’application défaillante : C:\Windows\PLFSetI.exe Chemin d’accès du

module défaillant: C:\Windows\PLFSetI.exe ID de rapport : ad02aa21-2d14-11e0-99d6-001d72ecffa0

 

Error - 31/01/2011 04:32:53 | Computer Name = PC-de-Geo | Source = WinMgmt | ID = 10

Description =

 

Error - 31/01/2011 04:36:53 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 31/01/2011 04:36:53 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 31/01/2011 04:36:53 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3011

Description = Le déchargement des chaînes de compteurs de performances pour le service

WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code

d’erreur.

 

Error - 31/01/2011 21:49:02 | Computer Name = PC-de-Geo | Source = VSS | ID = 13

Description =

 

Error - 31/01/2011 21:49:02 | Computer Name = PC-de-Geo | Source = VSS | ID = 8193

Description =

 

 

========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >

Edited by Sky.Death
Posted

...

(Here are the scans I ran in safe mode; I couldn't reset my Internet options because they were disabled. I can redo it afterwards if you want.)

Rather, everything had to be done in one go and in "Safe Mode with Networking", because in the other modes the rogue cannot prevent the utilities from detecting it. Besides, in safe mode there is no Internet access.

Try to do, as best you can, what you haven't done yet, and tell me whether you still have your startup problem.

Posted

Nothing has changed; the rogue doesn't even seem to have existed (it showed me that message only once) and it isn't detected by any of the scans I ran (various web scans, MalwareBytes, Kaspersky), and that is after using rkill and a program made specifically to remove this rogue.

So startup is very slow, the Aero theme no longer starts... And also the Windows dialogs whose content I can no longer see (for example, when I do Save As: I no longer see the file names, just the icons, and the "Browse" buttons and the like no longer appear (that goes with the theme problem, I suppose)).

Posted

Well then! I no longer know what to suggest as far as infection goes.

Use ZHPDiag as in post #4 to generate a new report and paste the URL in your next reply. We'll see whether it digs something up for us.

Posted

Here you go:

 

Rapport de ZHPScan v1.27 par Nicolas Coolman, Update du 31/05/2011

Run by Sky at 31/05/2011 23:00:45

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Clés de Registre trouvées (Registry Keys found)

[HKLM\Software\Messenger Plus!\OpenCandy] =>Adware.OpenCandy

[HKLM\Software\Classes\AppID\SoftwareUpdate.exe] =>PUP.Eorezo

[HKCU\Software\PopCap] =>Adware.PopCap

[HKLM\Software\PopCap] =>Adware.PopCap

 

---\\ Valeurs de clé de Registre trouvées (Registry Values found)

[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBar

 

---\\ Dossiers trouvés (Directories found)

C:\ProgramData\PopCap Games =>Adware.PopCap

C:\Users\Sky\AppData\Roaming\teamspeak2 =>Toolbar.Conduit

 

---\\ Fichiers Firefox trouvés (Files found)

*** None ***

 

---\\ Fichiers trouvés (Files found)

*** None ***

 

---\\ Bilan de la recherche (Scan Result)

Database Version : 8370 - (31/05/2011)

Clés trouvées (Keys found) : 4

Valeurs de clé trouvées (Values found) : 1

Dossiers trouvés (Folders found) : 2

Fichiers trouvés (Files found) : 0

 

End of the scan in 00mn 09s

_______________________________

 

So apparently, apart from a few pieces of spyware there's nothing really nasty...

Maybe it doesn't come from an infection but from a problem with Windows itself, since I got this problem after an update.

Posted

Hello,

...

So apparently, apart from a few pieces of spyware there's nothing really nasty...

Maybe it doesn't come from an infection but from a problem with Windows itself, since I got this problem after an update.

Exactly, but sometimes next to nothing is enough!

>>> Use ZHPFix:

  • Select and copy the following text:
     
    [HKLM\Software\Messenger Plus!\OpenCandy]
    [HKLM\Software\Classes\AppID\SoftwareUpdate.exe]
    [HKCU\Software\PopCap]
    [HKLM\Software\PopCap]
    [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440}
    C:\ProgramData\PopCap Games
    C:\Users\Sky\AppData\Roaming\teamspeak2
  • Launch ZHPFix and click the [H] button.
  • Check that all the copied lines (and nothing else) appear in the window (laid out in exactly the same way), click the [OK] button and then the [Tous] (All) button.
  • Close all running applications and other windows (including the Internet) and disable all protection programs (antivirus, firewall and antispyware).
  • Finally, click the [Nettoyer] (Clean) button and let it run.

    Important: Restart the PC to finish the cleanup if asked.

Copy/paste the contents of the report that opens into your next reply. This report is also saved in this folder > C:\Program files\ZHPDiag\ZHPFixReport.txt.

Any change at all?

Posted

Nothing changed after restarting. I tried making an RSIT report as a friend advised me; here are all the logs:

 

Rapport de ZHPFix 1.12.3291 par Nicolas Coolman, Update du 31/05/2011

Fichier d'export Registre :

Run by Sky at 02/06/2011 00:25:59

Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)

Web site : ZHPFix Fix de rapport

 

========== Clé(s) du Registre ==========

SUPPRIME: HKLM\Software\Messenger Plus!\OpenCandy

SUPPRIME: HKLM\Software\Classes\AppID\SoftwareUpdate.exe

SUPPRIME: HKCU\Software\PopCap

SUPPRIME: HKLM\Software\PopCap

 

========== Valeur(s) du Registre ==========

SUPPRIME: [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440}

 

========== Dossier(s) ==========

SUPPRIME: c:\programdata\popcap games

SUPPRIME: c:\users\sky\appdata\roaming\teamspeak2

 

 

========== Récapitulatif ==========

4 : Clé(s) du Registre

1 : Valeur(s) du Registre

2 : Dossier(s)

 

 

End of the scan

___________________________________

 

Logfile of random's system information tool 1.08 (written by random/random)

Run by Sky at 2011-06-02 02:13:10

Microsoft Windows 7 Édition Familiale Premium Service Pack 1

System drive C: has 113 GB (49%) free of 232 GB

Total RAM: 3067 MB (66% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 02:13:29, on 02/06/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Users\Sky\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe

C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

D:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Users\Sky\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Internet Download Manager\IEMonitor.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Internet Download Manager\IDMan.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Sky\Downloads\Programs\RSIT.exe

C:\Program Files\trend micro\Sky.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1208&m=aspire_8730

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1208&m=aspire_8730

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = exnet.3il.fr;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll

O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Programme d'assistance de Microsoft Web Test Recorder 10.0 - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - D:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe

O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Sky\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O4 - Startup: Warkeys Update.lnk = D:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: LManager.exe - Raccourci.lnk = C:\Program Files\Launch Manager\LManager.exe

O4 - Global Startup: LOLRecorder.lnk = D:\Program Files\LOLReplay\LOLRecorder.exe

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm

O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll

O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://www.ma-config.com/activex/MaConfig_3_5_3_0.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Akamai NetSession Interface (Akamai) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: MobilityService - Acer Incorporated - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 26375 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]

IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2011-04-15 210352]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]

HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]

IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll [2009-10-20 68112]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]

ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2009-04-13 312880]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-27 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]

Programme d'assistance de Microsoft Web Test Recorder 10.0 - D:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]

FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll [2009-10-20 268816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]

SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]

HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]

{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2009-04-13 142896]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-06 7600672]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-25 1049896]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]

"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2010-08-18 340520]

"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2009-04-13 526896]

"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2010-04-28 142120]

"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"=C:\Users\Sky\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-25 136176]

"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2011-04-25 3298712]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]

D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-09-22 640440]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]

C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]

C:\Program Files\Internet Download Manager\IDMan.exe [2011-04-25 3298712]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]

D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]

C:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-02-20 3046808]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]

C:\Windows\PLFSetI.exe [2007-10-23 200704]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]

C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2009-12-08 774144]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

[]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

LManager.exe - Raccourci.lnk - C:\Program Files\Launch Manager\LManager.exe

LOLRecorder.lnk - D:\Program Files\LOLReplay\LOLRecorder.exe

 

C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Warkeys Update.lnk - D:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]

C:\Windows\system32\klogon.dll [2009-10-20 219664]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"legalnoticetext"=

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption"

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu"

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr"

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr"

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption"

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption"

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu"

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr"

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr"

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - "D:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"

 

======List of files/folders created in the last 1 months======

 

2011-06-02 02:13:11 ----D---- C:\Program Files\trend micro

2011-06-02 02:13:10 ----D---- C:\rsit

2011-06-02 00:25:59 ----A---- C:\ZHPExportRegistry-02-06-2011-00-25-59.txt

2011-05-29 23:49:00 ----D---- C:\Users\Sky\AppData\Roaming\QuickScan

2011-05-29 23:17:10 ----D---- C:\Windows\BDOSCAN8

2011-05-29 22:07:35 ----D---- C:\Users\Sky\AppData\Roaming\IDM

2011-05-29 22:07:08 ----D---- C:\Program Files\Internet Download Manager

2011-05-29 11:32:11 ----A---- C:\Windows\ntbtlog.txt

2011-05-27 10:58:24 ----D---- C:\Program Files\Common Files\Java

2011-05-27 10:57:35 ----A---- C:\Windows\system32\javaws.exe

2011-05-27 10:57:35 ----A---- C:\Windows\system32\javaw.exe

2011-05-27 10:57:35 ----A---- C:\Windows\system32\java.exe

2011-05-26 12:10:10 ----A---- C:\Windows\system32\wininet.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\urlmon.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\SetIEInstalledDate.exe

2011-05-26 12:10:10 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2011-05-26 12:10:10 ----A---- C:\Windows\system32\msrating.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\msls31.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\mshtmler.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\msfeedssync.exe

2011-05-26 12:10:10 ----A---- C:\Windows\system32\msfeedsbs.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\jsproxy.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\ieui.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\iesysprep.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\iertutil.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\ieframe.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\ieakeng.dll

2011-05-26 12:10:10 ----A---- C:\Windows\system32\IEAdvpack.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\wextract.exe

2011-05-26 12:10:09 ----A---- C:\Windows\system32\webcheck.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\vbscript.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\url.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\pngfilt.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\occache.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\mshtmled.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\mshtml.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\mshta.exe

2011-05-26 12:10:09 ----A---- C:\Windows\system32\msfeeds.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\licmgr10.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\jscript9.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\jscript.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\inseng.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\imgutil.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\iexpress.exe

2011-05-26 12:10:09 ----A---- C:\Windows\system32\ieUnatt.exe

2011-05-26 12:10:09 ----A---- C:\Windows\system32\iesetup.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\iernonce.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\iepeers.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\iedkcs32.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\ieapfltr.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\ieakui.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\ieaksie.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\ie4uinit.exe

2011-05-26 12:10:09 ----A---- C:\Windows\system32\icardie.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\dxtrans.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\dxtmsft.dll

2011-05-26 12:10:09 ----A---- C:\Windows\system32\admparse.dll

2011-05-25 21:00:15 ----A---- C:\Windows\system32\drivers\Diskdump.sys

2011-05-23 10:16:53 ----D---- C:\Users\Sky\AppData\Roaming\Malwarebytes

2011-05-23 10:16:39 ----D---- C:\ProgramData\Malwarebytes

2011-05-23 10:16:39 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys

2011-05-23 10:16:36 ----A---- C:\Windows\system32\drivers\mbam.sys

2011-05-23 10:16:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2011-05-22 22:08:36 ----D---- C:\Program Files\ZHPDiag

2011-05-22 13:16:50 ----D---- C:\Users\Sky\AppData\Roaming\Notepad++

2011-05-22 13:16:50 ----D---- C:\Program Files\Notepad++

2011-05-21 17:28:55 ----A---- C:\Windows\system32\prevhost.exe

2011-05-21 17:28:55 ----A---- C:\Windows\system32\poqexec.exe

2011-05-19 12:32:58 ----A---- C:\Windows\system32\XpsPrint.dll

2011-05-19 12:32:56 ----A---- C:\Windows\system32\ntoskrnl.exe

2011-05-19 12:32:56 ----A---- C:\Windows\system32\ntkrnlpa.exe

2011-05-19 12:32:55 ----A---- C:\Windows\explorer.exe

2011-05-16 05:58:26 ----D---- C:\Users\Sky\AppData\Roaming\Media Player Classic

2011-05-15 14:42:28 ----D---- C:\ProgramData\SplitMediaLabs

2011-05-05 22:56:21 ----D---- C:\Program Files\Common Files\INCA Shared

2011-05-05 21:44:26 ----D---- C:\Program Files\Common Files\Akamai

 

======List of files/folders modified in the last 1 months======

 

2011-06-02 02:13:21 ----D---- C:\Windows\Temp

2011-06-02 02:13:11 ----RD---- C:\Program Files

2011-06-02 02:09:47 ----D---- C:\Users\Sky\AppData\Roaming\uTorrent

2011-06-02 02:09:41 ----D---- C:\Users\Sky\AppData\Roaming\vlc

2011-06-02 01:40:21 ----D---- C:\Users\Sky\AppData\Roaming\Skype

2011-06-02 01:40:01 ----D---- C:\Users\Sky\AppData\Roaming\skypePM

2011-06-02 00:25:59 ----HD---- C:\ProgramData

2011-06-02 00:25:30 ----D---- C:\Windows\Prefetch

2011-06-02 00:25:13 ----D---- C:\Users\Sky\AppData\Roaming\DMCache

2011-06-02 00:22:59 ----D---- C:\ProgramData\PMB Files

2011-06-01 20:59:49 ----D---- C:\Users\Sky\AppData\Roaming\AIMP

2011-06-01 20:42:42 ----D---- C:\Users\Sky\AppData\Roaming\.minecraft

2011-06-01 20:28:20 ----D---- C:\Windows\system32\config

2011-05-31 22:52:13 ----SHD---- C:\System Volume Information

2011-05-31 13:11:34 ----D---- C:\ProgramData\Kaspersky Lab

2011-05-31 12:34:07 ----D---- C:\Windows\system32\drivers

2011-05-31 01:10:39 ----D---- C:\Users\Sky\AppData\Roaming\FileZilla

2011-05-29 23:22:03 ----AD---- C:\Windows

2011-05-29 23:17:15 ----D---- C:\Windows\Downloaded Program Files

2011-05-28 02:11:55 ----D---- C:\Windows\debug

2011-05-27 21:56:50 ----D---- C:\Users\Sky\AppData\Roaming\Mumble

2011-05-27 15:00:49 ----D---- C:\Windows\rescache

2011-05-27 11:47:28 ----D---- C:\Windows\winsxs

2011-05-27 11:03:14 ----D---- C:\Windows\system32\fr-FR

2011-05-27 11:03:13 ----D---- C:\Program Files\Internet Explorer

2011-05-27 11:03:12 ----D---- C:\Windows\system32\wbem

2011-05-27 11:03:12 ----D---- C:\Windows\system32\migration

2011-05-27 11:03:12 ----D---- C:\Windows\system32\en-US

2011-05-27 11:03:12 ----D---- C:\Windows\PolicyDefinitions

2011-05-27 11:03:11 ----D---- C:\Windows\System32

2011-05-27 10:58:28 ----SHD---- C:\Windows\Installer

2011-05-27 10:58:28 ----SHD---- C:\Config.Msi

2011-05-27 10:58:24 ----D---- C:\Program Files\Common Files

2011-05-27 10:57:05 ----A---- C:\Windows\system32\deployJava1.dll

2011-05-27 02:19:32 ----D---- C:\Windows\inf

2011-05-27 02:19:32 ----A---- C:\Windows\system32\PerfStringBackup.INI

2011-05-26 12:11:00 ----D---- C:\Windows\Logs

2011-05-26 12:10:48 ----D---- C:\Windows\system32\catroot2

2011-05-26 12:10:48 ----D---- C:\Windows\system32\catroot

2011-05-25 03:17:48 ----D---- C:\Windows\system32\drivers\etc

2011-05-25 03:17:16 ----D---- C:\Windows\Tasks

2011-05-23 01:44:01 ----D---- C:\Users\Sky\AppData\Roaming\Mozilla

2011-05-23 01:43:26 ----D---- C:\Program Files\Mozilla Firefox

2011-05-22 22:37:21 ----D---- C:\Windows\system32\wfp

2011-05-22 22:37:21 ----D---- C:\Windows\system32\NDF

2011-05-22 22:37:21 ----D---- C:\Windows\system32\DriverStore

2011-05-22 22:37:21 ----D---- C:\Windows\system32\CodeIntegrity

2011-05-22 22:37:21 ----D---- C:\Windows\servicing

2011-05-22 22:37:21 ----D---- C:\Windows\AppPatch

2011-05-22 22:37:21 ----D---- C:\Users\Sky\AppData\Roaming\Tunngle

2011-05-22 22:37:21 ----D---- C:\Program Files\Microsoft Silverlight

2011-05-22 22:32:53 ----D---- C:\Windows\AppCompat

2011-05-22 22:03:26 ----D---- C:\Program Files\Launch Manager

2011-05-21 17:47:41 ----D---- C:\Windows\registration

2011-05-20 23:17:47 ----D---- C:\ProgramData\Tunngle

2011-05-19 12:38:25 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE

2011-05-19 12:34:33 ----A---- C:\Windows\system32\MRT.exe

2011-05-19 00:24:14 ----D---- C:\Program Files\Common Files\Steam

2011-05-16 15:19:17 ----RSD---- C:\Windows\Fonts

2011-05-16 15:11:34 ----D---- C:\Users\Sky\AppData\Roaming\Adobe

2011-05-10 14:57:27 ----D---- C:\Users\Sky\AppData\Roaming\dvdcss

2011-05-07 20:00:57 ----D---- C:\Program Files\Garena

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 330264]

R0 klbg;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\drivers\klbg.sys [2009-10-14 36880]

R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2009-09-13 64160]

R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2009-04-13 18992]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-27 691696]

R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]

R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]

R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-11-29 311312]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-11-03 21520]

R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-07-22 281760]

R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2011-03-28 86792]

R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-10-01 12832]

R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-22 25888]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]

R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-10-20 50704]

R2 PSDNServ;PSDNServ; C:\Windows\system32\drivers\PSDNServ.sys [2009-04-13 16944]

R2 psdvdisk;PSDVdisk; C:\Windows\system32\drivers\psdvdisk.sys [2009-04-13 60464]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 hidshim;Service for HID-KMDF Shim layer; C:\Windows\system32\DRIVERS\hidshim.sys [2009-07-21 5632]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]

R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-06 2657120]

R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]

R3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel® 5000 Series pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]

R3 nuvotonhidgeneric;Nuvoton EC Generic HID; C:\Windows\system32\DRIVERS\nuvotonhidgeneric.sys [2009-07-21 22528]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-08-21 66592]

R3 nvoclock;NVIDIA Enthusiasts Platform KDM; C:\Windows\system32\DRIVERS\nvoclock.sys [2009-09-15 38248]

R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]

R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-09-19 61952]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-25 199472]

R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]

S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]

S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]

S3 amdagp;Pilote de filtre du bus AMD AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]

S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2010-08-30 14336]

S3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]

S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\Sky\AppData\Local\Temp\WJV258C.tmp []

S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []

S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]

S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]

S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys []

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32.sys [2010-07-21 40848]

S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]

S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]

S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]

S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]

S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]

S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]

S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]

S3 sisagp;Filtre de bus AGP SIS; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-16 41472]

S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-10-08 100560]

S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []

S3 viaagp;Filtre de bus AGP VIA; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

S3 VSPerfDrv100;Performance Tools Driver 10.0; \??\D:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]

R2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2010-08-18 340520]

R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]

R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-10-04 69632]

R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2009-04-13 500784]

R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2009-01-13 24576]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]

R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]

R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2009-06-16 122880]

R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2010-09-17 42773336]

R2 nTuneService;Performance Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2009-11-06 191080]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]

R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-09-17 97624]

R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-11-22 718072]

R2 UpdateCenterService;Update Center Service; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [2009-11-06 195176]

R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 545576]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-01 655624]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2011-04-12 311744]

S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]

S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-05-11 403240]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1343400]

S4 MSSQLServerADHelper100;Service SQL Active Directory Helper; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 SQLAgent$SQLEXPRESS;Agent SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-09-17 370008]

S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

 

-----------------EOF-----------------

____________________________________

 

That said, I don't know whether you know how to analyze this ^^.. If you don't, I'll try on my own with tutorials (it will take me a long time, but I'm trying everything because I don't have a CD to restore the whole thing without wiping it, and since I don't have any other media to back up my data...)
