Se connecter avec
S'enregistrer | Connectez-vous
Votre question

Babylon Search

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
Partagez
8 Avril 2011 09:26:13

Résolu :bounce:  Bonjour à tous
Dans Mozilla Firefox l'ouverture d'une nouvelle page se dirige automatiquement vers <Babylon Search>
J'ai passé: Regedit
Malwarebytes
CCleaner
Analyse complète Kaspersky

sans succès

Je ne sais plus quoi faire

Merci de m'aider

:hello: 

Autres pages sur : babylon search

11 Avril 2011 22:48:41

Bonsoir,

*Télécharge RSIT (merci random/random) sur le Bureau : Ici
Double-clique sur RSIT.exe, il ne nécessite pas d' installation.
Clique Continue à l' écran Disclaimer si tu acceptes les conditions.
-Si HijackThis est non détecté sur ton Pc, il le téléchargera (autorise l' accès via ton pare-feu si demandé et accepte la licence).
Lorsque l' analyse sera terminée, deux fichiers texte s' ouvriront.
Poste le contenu de log.txt (celui qui s' ouvre) ainsi qu' info.txt qui est dans la Barre des Tâches

NB : Ces rapports sont enregistrés dans le dossier C:\rsit

A+
12 Avril 2011 08:41:49

Bonjour Frederix http://img.infos-du-net.com/forum/icones/smile.gif
Milles merci de m'aider.
voici les fichiers
Logfile of random's system information tool 1.08 (written by random/random)
Run by Claudius at 2011-04-12 08:23:01
Microsoft Windows 7 Édition Familiale Premium Service Pack 1
System drive C: has 346 GB (73%) free of 474 GB
Total RAM: 4086 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:23:20, on 12/04/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Claudius\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Claudius.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {067f6fb8-19ba-4ab6-b7bb-2d6270691a20} - (no file)
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [gSyncit] C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PC Clone EX.LNK = C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0....
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files (x86)\ma-config.com\maconfservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 26535 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-13 3913000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
Softonic_France Toolbar - C:\Program Files (x86)\Softonic_France\tbSoft.dll [2010-11-13 3913000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-07-01 68280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-13 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-07-01 191160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4daac69c-cba7-45e2-9bc8-1044483d3352} - Softonic_France Toolbar - C:\Program Files (x86)\Softonic_France\tbSoft.dll [2010-11-13 3913000]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-13 3913000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-12-01 352976]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-04 336384]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-01-26 15026056]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"gSyncit"=C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [2011-03-26 31456]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
PC Clone EX.LNK - C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Protector Suite\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-04-12 08:23:02 ----D---- C:\Program Files (x86)\trend micro
2011-04-12 08:23:01 ----D---- C:\rsit
2011-04-03 19:22:06 ----D---- C:\Program Files (x86)\K!TV
2011-04-02 20:25:32 ----A---- C:\Windows\SysWOW64\srvany.exe
2011-04-02 20:25:32 ----A---- C:\Windows\KMService.exe
2011-04-02 19:19:00 ----D---- C:\New Folder
2011-04-02 16:18:47 ----D---- C:\Program Files (x86)\Fieldston Software
2011-04-02 09:31:44 ----D---- C:\Users\Claudius\AppData\Roaming\gSyncit
2011-04-02 09:27:27 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2011-04-02 09:27:27 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2011-04-02 09:27:15 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2011-04-02 09:25:56 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-04-02 09:24:55 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2011-04-02 09:24:17 ----D---- C:\Program Files (x86)\Microsoft Office
2011-04-02 09:24:00 ----RHD---- C:\MSOCache
2011-04-01 09:38:53 ----D---- C:\Program Files (x86)\gSyncit
2011-03-26 21:41:10 ----A---- C:\Windows\SysWOW64\msvcr100.dll
2011-03-26 21:41:10 ----A---- C:\Windows\SysWOW64\msvcp100.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\TTIC32.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\TTI32.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\MXRestore.exe
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\msxml4a.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\mgxcdr.txt
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\DLLTPO32.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\DLLRD32.dll
2011-03-21 10:43:09 ----D---- C:\ProgramData\MAGIX
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLPTL32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLPRJ32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLMSC32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLIX.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLISO32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLIMG32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLDIR32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLCDF32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLCDA32.dll
2011-03-21 10:42:51 ----D---- C:\Users\Claudius\AppData\Roaming\MAGIX
2011-03-21 10:42:44 ----A---- C:\Windows\SysWOW64\DLLDEV32i.dll
2011-03-21 10:42:16 ----D---- C:\Program Files (x86)\Common Files\MAGIX Services
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\wininet.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\urlmon.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\msrating.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\msls31.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\mshtmler.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\jscript9.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\jscript.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\iertutil.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\iepeers.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\ieakeng.dll
2011-03-15 10:38:35 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\wextract.exe
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\webcheck.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\vbscript.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\url.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\pngfilt.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\occache.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\mshtml.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\mshta.exe
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\inseng.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\imgutil.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\iexpress.exe
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\ieui.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\iesetup.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\iernonce.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\ieframe.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\ieakui.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\ieaksie.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\icardie.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2011-03-15 10:38:34 ----A---- C:\Windows\SysWOW64\admparse.dll

======List of files/folders modified in the last 1 months======

2011-04-12 08:23:05 ----D---- C:\Windows\Temp
2011-04-12 08:23:02 ----D---- C:\Program Files (x86)
2011-04-12 08:21:55 ----D---- C:\Users\Claudius\AppData\Roaming\Skype
2011-04-12 07:54:56 ----D---- C:\Windows\System32
2011-04-12 07:54:56 ----D---- C:\Windows\inf
2011-04-12 07:52:34 ----D---- C:\ProgramData\Kaspersky Lab
2011-04-12 07:49:59 ----D---- C:\Windows\SysWOW64\logishrd
2011-04-12 07:49:59 ----D---- C:\ProgramData\NVIDIA
2011-04-12 07:49:47 ----D---- C:\Windows
2011-04-11 17:03:10 ----D---- C:\Users\Claudius\AppData\Roaming\FileZilla
2011-04-11 17:01:56 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2011-04-11 16:53:34 ----D---- C:\Windows\Prefetch
2011-04-11 16:37:29 ----D---- C:\Comptes
2011-04-11 16:36:23 ----D---- C:\Tmp
2011-04-06 10:16:35 ----RD---- C:\Program Files
2011-04-05 21:41:52 ----D---- C:\ProgramData
2011-04-04 09:45:55 ----D---- C:\Program Files (x86)\Google
2011-04-04 09:42:12 ----D---- C:\Users\Claudius\AppData\Roaming\Media Player Classic
2011-04-03 19:33:46 ----D---- C:\Users\Claudius\AppData\Roaming\vlc
2011-04-03 04:38:39 ----SHD---- C:\Windows\Installer
2011-04-03 04:38:39 ----HD---- C:\Config.Msi
2011-04-03 04:38:34 ----D---- C:\ProgramData\Microsoft Help
2011-04-02 20:25:32 ----D---- C:\Windows\SysWOW64
2011-04-02 16:09:53 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-04-02 13:42:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-04-02 13:42:46 ----D---- C:\Program Files (x86)\Common Files
2011-04-02 10:12:35 ----RSD---- C:\Windows\assembly
2011-04-02 10:12:35 ----D---- C:\Windows\Microsoft.NET
2011-04-02 09:27:59 ----RSD---- C:\Windows\Fonts
2011-04-02 09:27:57 ----D---- C:\Windows\ShellNew
2011-04-02 09:27:57 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2011-04-02 09:27:46 ----D---- C:\Program Files (x86)\MSBuild
2011-04-02 09:27:15 ----D---- C:\ProgramData\Microsoft
2011-04-02 09:27:15 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-04-02 09:27:15 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-04-02 09:26:46 ----D---- C:\Windows\winsxs
2011-04-02 09:25:25 ----A---- C:\Windows\win.ini
2011-03-24 14:33:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-03-22 17:52:40 ----D---- C:\Program Files (x86)\TuneUp Utilities 2011
2011-03-21 11:38:57 ----SHD---- C:\$Recycle.Bin
2011-03-21 11:38:03 ----D---- C:\Program Files (x86)\eRightSoft
2011-03-18 07:15:26 ----D---- C:\Program Files (x86)\Undisker
2011-03-17 15:40:05 ----D---- C:\Windows\rescache
2011-03-16 12:05:14 ----D---- C:\Program Files (x86)\Safari
2011-03-15 11:12:20 ----D---- C:\Windows\Logs
2011-03-15 11:11:04 ----D---- C:\Windows\SysWOW64\wbem
2011-03-15 11:11:04 ----D---- C:\Windows\SysWOW64\fr-FR
2011-03-15 11:11:04 ----D---- C:\Windows\PolicyDefinitions
2011-03-15 10:40:13 ----D---- C:\Program Files (x86)\Internet Explorer
2011-03-15 10:40:12 ----D---- C:\Windows\servicing
2011-03-15 10:38:58 ----D---- C:\Windows\SysWOW64\migration
2011-03-15 10:38:58 ----D---- C:\Windows\SysWOW64\en-US
2011-03-15 04:58:00 ----D---- C:\Program Files (x86)\adslTV

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys []
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys []
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys []
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys []
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys []
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys []
R3 GEARAspiWDM;GearAspiWDM; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys []
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys []
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys []
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys []
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys []
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\drivers\BthEnum.sys []
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfoX64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys []
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
S3 driverhardwarev2x64;driverhardwarev2x64; \??\C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2010-07-15 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2010-07-15 8456]
S3 fbxusb;Carte réseau virtuelle FreeBox USB (AMD 64 bits); C:\Windows\system32\DRIVERS\fbxusb64.sys []
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-02-04 17152]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys []
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw64e.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 StillCam;Pilote d’appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys []
S3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 AVP;Kaspersky Anti-Virus Service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-12-01 352976]
R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe []
R2 KMService;KMService; C:\Windows\system32\srvany.exe [2003-04-18 8192]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-08-16 73728]
R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe []
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-27 378472]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-03-09 2026304]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-04 136176]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2011-03-07 934176]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-04-07 1753048]
S3 maconfservice;Ma-Config Service; C:\Program Files (x86)\ma-config.com\maconfservice.exe [2011-01-24 310640]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.08 2011-04-12 08:23:21

======Uninstall list======

-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
-->MsiExec /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
-->MsiExec.exe /I{27735B09-9EFE-419F-A377-10AA8111C30A}
Ad-Aware-->"C:\ProgramData\{437292BE-95BD-4B12-B699-6D217A03ACAF}\Ad-AwareInstall.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{437292BE-95BD-4B12-B699-6D217A03ACAF}\Ad-AwareInstall.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_Plugin.exe -maintain plugin
Adobe Reader X (10.0.1) - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AA0000000001}
adsl TV-->"C:\Program Files (x86)\adslTV\Uninstall.exe" "C:\Program Files (x86)\adslTV\Uninstall.log" -u
Apple Application Support-->MsiExec.exe /I{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
ATI Catalyst Registration-->MsiExec.exe /X{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
AviSynth 2.5-->"C:\Program Files (x86)\AviSynth 2.5\Uninstall.exe"
CameraHelperMsi-->MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3}
Catalyst Control Center - Branding-->MsiExec.exe /I{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}
Comptes Bancaires 6.7-->"C:\Comptes\unins000.exe"
Conduit Engine-->C:\PROGRA~2\CONDUI~1\ConduitEngineUninstall.exe
Contrôle ActiveX Windows Live Mesh pour connexions à distance-->MsiExec.exe /I{55D003F4-9599-44BF-BA9E-95D060730DD3}
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{2CF1930D-7485-42D3-BED1-B3E2EBB1FD7F}" "1036" "0"
eMule-->"C:\Program Files (x86)\eMule\Uninstall.exe"
erLT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{6DB7AD00-F781-11DF-9EEF-001279CD8240}
gSyncit-->MsiExec.exe /I{80CFC24B-1587-4FF2-8965-B4BBA688585A}
gSyncit-->MsiExec.exe /I{A91912E9-B58E-428C-9061-83D6D4B70FC1}
High-Definition Video Playback-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
HPDiagnosticAlert-->MsiExec.exe /I{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
IZArc 3.81-->"C:\Program Files (x86)\IZArc\unins000.exe"
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
Kaspersky Internet Security 2011-->MsiExec.exe /I{66F1F013-008F-4875-B283-5A814B820347}
Kaspersky Internet Security 2011-->MsiExec.exe /I{66F1F013-008F-4875-B283-5A814B820347}
K-Lite Codec Pack 6.8.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
KwiClick-->MsiExec.exe /I{3515DF4C-3529-407E-A1E1-E2C0EDB36FF0}
LightScribe System Software-->MsiExec.exe /X{705B639E-FAAF-40D7-AD58-C445321C7C3F}
Logitech Webcam Software-->"C:\Program Files (x86)\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=FRA /guid="{D40EB009-0499-459c-A8AF-C9C110766215}"
LWS Facebook-->MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
LWS Gallery-->MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
LWS Help_main-->MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9}
LWS Launcher-->MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
LWS Motion Detection-->MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA}
LWS Pictures And Video-->MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967}
LWS Twitter-->MsiExec.exe /I{174A3B31-4C43-43DD-866F-73C9DB887B48}
LWS Video Mask Maker-->MsiExec.exe /I{EED027B7-0DB6-404B-8F45-6DFEE34A0441}
LWS Webcam Software-->MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189}
LWS WLM Plugin-->MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D}
LWS YouTube Plugin-->MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
Ma-Config.com-->MsiExec.exe /X{81E95872-8357-4363-A764-8F98B28340C5}
MAGIX Video easy HD Version à télécharger-->MsiExec.exe /I{0172E48C-2208-46E8-8514-FF5C5BFB27C6}
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Office Access MUI (French) 2010-->MsiExec.exe /X{90140000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2010-->MsiExec.exe /X{90140000-0016-040C-0000-0000000FF1CE}
Microsoft Office Groove MUI (French) 2010-->MsiExec.exe /X{90140000-00BA-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2010-->MsiExec.exe /X{90140000-0044-040C-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2010-->MsiExec.exe /X{90140000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2010-->MsiExec.exe /X{90140000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2010-->MsiExec.exe /X{90140000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Professionnel Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Proof (Arabic) 2010-->MsiExec.exe /X{90140000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2010-->MsiExec.exe /X{90140000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2010-->MsiExec.exe /X{90140000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2010-->MsiExec.exe /X{90140000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2010-->MsiExec.exe /X{90140000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2010-->MsiExec.exe /X{90140000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft WorldWide Telescope-->MsiExec.exe /I{35A81F0A-A1CA-458D-8FCD-7D838E3D95FF}
Mise à jour pour Microsoft Outlook Social Connector (KB2289116)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-040C-0000-0000000FF1CE}" "{05F22669-0926-4C2B-B2F8-0E8FEFED7AD5}" "1036" "0"
Mozilla Firefox 4.0 (x86 fr)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}
Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}
Nero MediaHub 10-->MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}
Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}
Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}
Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}
NeroBurningROM-->MsiExec.exe /X{D025A639-B9C9-417D-8531-208859000AF8}
NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA PhysX-->MsiExec.exe /X{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
PcCloneEX-->C:\Program Files (x86)\PcCloneEX\Uninstall.exe
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
Pretty Good Solitaire - Traditional Card Set 1.0-->"C:\Program Files (x86)\goodsol\unins001.exe"
Pretty Good Solitaire version 9.1.0-->"C:\Program Files (x86)\goodsol\unins000.exe"
QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Renesas Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x040c -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996}
Safari-->MsiExec.exe /I{C73F2967-062E-48F2-A462-D335B8950183}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft Office 2010 (KB2289078)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{1D1A4F08-2F17-475B-BA72-476CE5992FEE}" "1036" "0"
Security Update for Microsoft Office 2010 (KB2289161)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F134C2C6-30B3-4169-A325-58482B4CE6FC}" "1036" "0"
Security Update for Microsoft Publisher 2010 (KB2409055)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{C3C277D5-36E3-4B1A-926A-175B2BC019CF}" "1036" "0"
Security Update for Microsoft Word 2010 (KB2345000)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" "1036" "0"
Skype Toolbars-->MsiExec.exe /I{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Softonic_France Toolbar-->C:\PROGRA~2\SOFTON~1\UNWISE.EXE /U C:\PROGRA~2\SOFTON~1\INSTALL.LOG
Sudoku Time-->MsiExec.exe /X{A5597CC2-610F-11DC-A858-005056C00008}
System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
TeamViewer 6-->C:\Program Files (x86)\TeamViewer\Version6\uninstall.exe
The Lord of the Rings FREE Trial -->MsiExec.exe /X{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
TuneUp Utilities 2011-->C:\Program Files (x86)\TuneUp Utilities 2011\TUInstallHelper.exe --Trigger-Uninstall
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1036" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{556146F7-74AE-4E0A-B64F-5B8B93469F61}" "1036" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90
Contenus similaires
12 Avril 2011 09:58:02

Bonjour,

ton Pc est surinfecté.

¤ Télécharge Ad-Remover (merci C_XX) sur ton Bureau : Ici
- Double-clique dessus pour le démarrer (Vista/7, clic-droit>Exécuter en tant qu' Administrateur)
- Lance la recherche et poste le rapport généré

A+
12 Avril 2011 11:05:54

frederix a dit :
Bonjour,

ton Pc est surinfecté.

¤ Télécharge Ad-Remover (merci C_XX) sur ton Bureau : Ici
- Double-clique dessus pour le démarrer (Vista/7, clic-droit>Exécuter en tant qu' Administrateur)
- Lance la recherche et poste le rapport généré

A+


Voici le rapport

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 11:00:48 le 12/04/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
Claudius@CLAUDIUS-PC ( )

============== RECHERCHE ==============


Dossier trouvé: C:\Program Files (x86)\Mozilla FireFox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}
Dossier trouvé: C:\Users\Claudius\AppData\Roaming\Mozilla\FireFox\Profiles\161qbj25.default\conduit
Dossier trouvé: C:\Users\Claudius\AppData\Roaming\Mozilla\FireFox\Profiles\161qbj25.default\ConduitEngine
Dossier trouvé: C:\Users\Claudius\AppData\Roaming\Mozilla\FireFox\Profiles\161qbj25.default\extensions\engine@conduit.com
Dossier trouvé: C:\Users\Claudius\AppData\LocalLow\Conduit
Dossier trouvé: C:\Program Files (x86)\Conduit
Dossier trouvé: C:\Users\Claudius\AppData\LocalLow\ConduitEngine
Dossier trouvé: C:\Program Files (x86)\ConduitEngine
Dossier trouvé: C:\Users\Claudius\AppData\LocalLow\PriceGong

-- Fichier ouvert: C:\Users\Claudius\AppData\Roaming\Mozilla\FireFox\Profiles\161qbj25.default\Prefs.js --
Ligne trouvée: user_pref("CT2542115.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT254...
Ligne trouvée: user_pref("CT2740822.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/935078/930862/FR", "\"0\"")...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2542115", ...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2740822", ...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2542115/CT2542115...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2740822/CT2740822...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Crystal/minimize.g...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Crystal/play.gif",...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Crystal/stop.gif",...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Crystal/stopped.GI...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Crystal/vol.gif", ...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr-fr", "\"...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/111954362.xml", "\"c24f5a55c1cb9bc267...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19058681.xml", "\"1f0869899859900828b...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19554706.xml", "\"ce08db244ff3bdaadcc...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/21324258.xml", "\"36c8d1751bb3a2dea49...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/2883841.xml", "\"1dd862641c4a4c1542d4...
Ligne trouvée: user_pref("CommunityToolbar.EngineHiddenByUser", true);
Ligne trouvée: user_pref("CommunityToolbar.EngineOwner", "CT2542115");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerGuid", "{4daac69c-cba7-45e2-9bc8-1044483d3352}");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic_france");
Ligne trouvée: user_pref("CommunityToolbar.IsEngineShown", false);
Ligne trouvée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2542115");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{4daac69c-cba7-45e2-9bc8-1044483d3352}");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic_france");
Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2542115");
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2542115");
Ligne trouvée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Mar 20 2011 20:20:32 GMT+01...
Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Apr 11 2011 18:36:24 GMT+0200");
Ligne trouvée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Ligne trouvée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Apr 11 2011 16:35:28 GMT+0200");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
Ligne trouvée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne trouvée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne trouvée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne trouvée: user_pref("CommunityToolbar.alert.userId", "d1faa217-3db3-4bf6-aa6b-f7ec09e89757");
Ligne trouvée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Mar 11 2011 09:21:19 GMT+0100");
Ligne trouvée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Ligne trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Ligne trouvée: user_pref("CommunityToolbar.twitter.user_111954362.LastCheckTime", "Fri Mar 11 2011 09:21:22 GMT+010...
Ligne trouvée: user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Fri Mar 11 2011 09:21:22 GMT+0100...
Ligne trouvée: user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Fri Mar 11 2011 09:21:22 GMT+0100...
Ligne trouvée: user_pref("CommunityToolbar.twitter.user_21324258.LastCheckTime", "Fri Mar 11 2011 09:21:22 GMT+0100...
Ligne trouvée: user_pref("CommunityToolbar.twitter.user_2883841.LastCheckTime", "Fri Mar 11 2011 09:21:22 GMT+0100"...
Ligne trouvée: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Mar 31 2011 18:47:42 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Mar 30 2011 19:52:24 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.FirstServerDate", "03/20/2011 21");
Ligne trouvée: user_pref("ConduitEngine.FirstTime", true);
Ligne trouvée: user_pref("ConduitEngine.FirstTimeFF3", true);
Ligne trouvée: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Ligne trouvée: user_pref("ConduitEngine.Initialize", true);
Ligne trouvée: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Ligne trouvée: user_pref("ConduitEngine.InstalledDate", "Sat Jan 29 2011 13:38:08 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.IsMulticommunity", false);
Ligne trouvée: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Ligne trouvée: user_pref("ConduitEngine.IsOpenUninstallPage", true);
Ligne trouvée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Fri Apr 01 2011 20:44:28 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.LastLogin_3.3.2.1", "Thu Mar 24 2011 13:16:08 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Apr 02 2011 13:29:24 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.PublisherContainerWidth", 0);
Ligne trouvée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Ligne trouvée: user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Apr 02 2011 13:29:24 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.UserID", "UN78218769973597415");
Ligne trouvée: user_pref("ConduitEngine.engineLocale", "fr");
Ligne trouvée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Fri Apr 01 2011 20:44:28 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Apr 02 2011 13:33:03 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.initDone", true);
Ligne trouvée: user_pref("ConduitEngine.isAppTrackingManagerOn", true);
-- Fichier Fermé --


Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Classes\CLSID\{39A959D6-0592-4629-9E9C-340A9D3CEB19}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{39A959D6-0592-4629-9E9C-340A9D3CEB19}
Clé trouvée: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Clé trouvée: HKLM\Software\Classes\Conduit.Engine
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\conduitEngine
Clé trouvée: HKCU\Software\AppDataLow\Toolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKCU\Software\AppDataLow\Software\conduitEngine
Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong
Clé trouvée: HKLM\Software\eRightSoft\OpenCandy
Clé trouvée: HKLM\Software\Wow6432Node\eRightSoft\OpenCandy
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD1B5012-AD03-4449-BABE-38F6B34C9B65}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Valeur trouvée: HKCU\Software\Mozilla\Firefox\Extensions|firefox@bandoo.com
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0 (fr)] ****

HKLM_MozillaPlugins\@nvidia.com/3DVision (x)
HKLM_MozillaPlugins\@nvidia.com/3DVisionStreaming (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension )
Extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64} (ScanQuery)
HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
HKCU_Extensions|vinceturk@gmail.com - C:\Program Files (x86)\KwiClick LLC\KwiClick\
HKCU_Extensions|firefox@bandoo.com - C:\Users\Claudius\AppData\Roaming\Mozilla\Firefox\Profiles/161qbj25.default\extensions\firefox@bandoo.com (x)
HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

-- C:\Users\Claudius\AppData\Roaming\Mozilla\FireFox\Profiles\161qbj25.default --
Extensions\engine@conduit.com (Conduit Engine )
Extensions\ffxtlbr@babylon.com (Babylon)
Extensions\treestyletab@piro.sakura.ne.jp (Tree Style Tab)
Extensions\{067f6fb8-19ba-4ab6-b7bb-2d6270691a20} (MediaStar2 Community Toolbar)
Extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352} (Softonic_France Community Toolbar)
Extensions\{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} (Elf 1.15 Community Toolbar)
Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} (FoxLingo)
Prefs.js - browser.download.lastDir, C:\\Users\\Claudius\\Documents\\1 FACTURES et DOCUMENTS\\EDF VEOLIA
Prefs.js - browser.search.defaultenginename, Web Search
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.buildID, 20110318052756
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=eb6361f00000000000007071bc76c4bb&tlver=1.4.19.19&instlRef=ss...

========================================

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://google.fr/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{067f6fb8-19ba-4ab6-b7bb-2d6270691a20} (x)
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "?" (?)
HKCU_Toolbar\WebBrowser|{067F6FB8-19BA-4AB6-B7BB-2D6270691A20} (x)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
HKCU_Toolbar\WebBrowser|{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x)
HKLM_Toolbar|{4daac69c-cba7-45e2-9bc8-1044483d3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll)
HKLM_ElevationPolicy\bc9e6f41-4d63-4295-bc0a-f3a5bcd28859 - C:\Program Files (x86)\MediaStar2\MediaStar2ToolbarHelper.exe (x)
HKLM_ElevationPolicy\f8a566fc-35b1-489b-8146-856e9995476a - C:\Program Files (x86)\MediaStar2\MediaStar2ToolbarHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{BD1B5012-AD03-4449-BABE-38F6B34C9B65} - C:\Program Files (x86)\ConduitEngine\ConduitEngineHelper.exe (?)
BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll)
BHO\{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 12/04/2011 11:01:04 (17384 Octet(s))

Fin à: 11:01:42, 12/04/2011

============== E.O.F ==============

encore Merci

A+
12 Avril 2011 11:35:12

Re,

- Double-clique sur Ad-Remover pour l' exécuter
- Lance le nettoyage et poste le rapport
12 Avril 2011 12:22:33

frederix a dit :
Re,

- Double-clique sur Ad-Remover pour l' exécuter
- Lance le nettoyage et poste le rapport


Re,

Nettoyage effectué. puis 1 reboot.

voici le rapport:

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 11:00:48 le 12/04/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
Claudius@CLAUDIUS-PC ( )

============== RECHERCHE ==============


Dossier trouvé: C:\Program Files (x86)\Mozilla FireFox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}
Dossier trouvé: C:\Users\Claudius\AppData\Roaming\Mozilla\FireFox\Profiles\161qbj25.default\conduit
Dossier trouvé: C:\Users\Claudius\AppData\Roaming\Mozilla\FireFox\Profiles\161qbj25.default\ConduitEngine
Dossier trouvé: C:\Users\Claudius\AppData\Roaming\Mozilla\FireFox\Profiles\161qbj25.default\extensions\engine@conduit.com
Dossier trouvé: C:\Users\Claudius\AppData\LocalLow\Conduit
Dossier trouvé: C:\Program Files (x86)\Conduit
Dossier trouvé: C:\Users\Claudius\AppData\LocalLow\ConduitEngine
Dossier trouvé: C:\Program Files (x86)\ConduitEngine
Dossier trouvé: C:\Users\Claudius\AppData\LocalLow\PriceGong

-- Fichier ouvert: C:\Users\Claudius\AppData\Roaming\Mozilla\FireFox\Profiles\161qbj25.default\Prefs.js --
Ligne trouvée: user_pref("CT2542115.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT254...
Ligne trouvée: user_pref("CT2740822.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/935078/930862/FR", "\"0\"")...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2542115", ...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2740822", ...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2542115/CT2542115...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2740822/CT2740822...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Crystal/minimize.g...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Crystal/play.gif",...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Crystal/stop.gif",...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Crystal/stopped.GI...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Crystal/vol.gif", ...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr-fr", "\"...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/111954362.xml", "\"c24f5a55c1cb9bc267...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19058681.xml", "\"1f0869899859900828b...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19554706.xml", "\"ce08db244ff3bdaadcc...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/21324258.xml", "\"36c8d1751bb3a2dea49...
Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/2883841.xml", "\"1dd862641c4a4c1542d4...
Ligne trouvée: user_pref("CommunityToolbar.EngineHiddenByUser", true);
Ligne trouvée: user_pref("CommunityToolbar.EngineOwner", "CT2542115");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerGuid", "{4daac69c-cba7-45e2-9bc8-1044483d3352}");
Ligne trouvée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic_france");
Ligne trouvée: user_pref("CommunityToolbar.IsEngineShown", false);
Ligne trouvée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2542115");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{4daac69c-cba7-45e2-9bc8-1044483d3352}");
Ligne trouvée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic_france");
Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2542115");
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2542115");
Ligne trouvée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Mar 20 2011 20:20:32 GMT+01...
Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Ligne trouvée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Apr 11 2011 18:36:24 GMT+0200");
Ligne trouvée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Ligne trouvée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Apr 11 2011 16:35:28 GMT+0200");
Ligne trouvée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
Ligne trouvée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne trouvée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne trouvée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne trouvée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne trouvée: user_pref("CommunityToolbar.alert.userId", "d1faa217-3db3-4bf6-aa6b-f7ec09e89757");
Ligne trouvée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Mar 11 2011 09:21:19 GMT+0100");
Ligne trouvée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Ligne trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Ligne trouvée: user_pref("CommunityToolbar.twitter.user_111954362.LastCheckTime", "Fri Mar 11 2011 09:21:22 GMT+010...
Ligne trouvée: user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Fri Mar 11 2011 09:21:22 GMT+0100...
Ligne trouvée: user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Fri Mar 11 2011 09:21:22 GMT+0100...
Ligne trouvée: user_pref("CommunityToolbar.twitter.user_21324258.LastCheckTime", "Fri Mar 11 2011 09:21:22 GMT+0100...
Ligne trouvée: user_pref("CommunityToolbar.twitter.user_2883841.LastCheckTime", "Fri Mar 11 2011 09:21:22 GMT+0100"...
Ligne trouvée: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Thu Mar 31 2011 18:47:42 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Mar 30 2011 19:52:24 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.FirstServerDate", "03/20/2011 21");
Ligne trouvée: user_pref("ConduitEngine.FirstTime", true);
Ligne trouvée: user_pref("ConduitEngine.FirstTimeFF3", true);
Ligne trouvée: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Ligne trouvée: user_pref("ConduitEngine.Initialize", true);
Ligne trouvée: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Ligne trouvée: user_pref("ConduitEngine.InstalledDate", "Sat Jan 29 2011 13:38:08 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.IsMulticommunity", false);
Ligne trouvée: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Ligne trouvée: user_pref("ConduitEngine.IsOpenUninstallPage", true);
Ligne trouvée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Fri Apr 01 2011 20:44:28 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.LastLogin_3.3.2.1", "Thu Mar 24 2011 13:16:08 GMT+0100");
Ligne trouvée: user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Apr 02 2011 13:29:24 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.PublisherContainerWidth", 0);
Ligne trouvée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Ligne trouvée: user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Apr 02 2011 13:29:24 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.UserID", "UN78218769973597415");
Ligne trouvée: user_pref("ConduitEngine.engineLocale", "fr");
Ligne trouvée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Fri Apr 01 2011 20:44:28 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Apr 02 2011 13:33:03 GMT+0200");
Ligne trouvée: user_pref("ConduitEngine.initDone", true);
Ligne trouvée: user_pref("ConduitEngine.isAppTrackingManagerOn", true);
-- Fichier Fermé --


Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Classes\CLSID\{39A959D6-0592-4629-9E9C-340A9D3CEB19}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{39A959D6-0592-4629-9E9C-340A9D3CEB19}
Clé trouvée: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Clé trouvée: HKLM\Software\Classes\Conduit.Engine
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\conduitEngine
Clé trouvée: HKCU\Software\AppDataLow\Toolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKCU\Software\AppDataLow\Software\conduitEngine
Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong
Clé trouvée: HKLM\Software\eRightSoft\OpenCandy
Clé trouvée: HKLM\Software\Wow6432Node\eRightSoft\OpenCandy
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD1B5012-AD03-4449-BABE-38F6B34C9B65}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Valeur trouvée: HKCU\Software\Mozilla\Firefox\Extensions|firefox@bandoo.com
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0 (fr)] ****

HKLM_MozillaPlugins\@nvidia.com/3DVision (x)
HKLM_MozillaPlugins\@nvidia.com/3DVisionStreaming (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension )
Extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64} (ScanQuery)
HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
HKCU_Extensions|vinceturk@gmail.com - C:\Program Files (x86)\KwiClick LLC\KwiClick\
HKCU_Extensions|firefox@bandoo.com - C:\Users\Claudius\AppData\Roaming\Mozilla\Firefox\Profiles/161qbj25.default\extensions\firefox@bandoo.com (x)
HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

-- C:\Users\Claudius\AppData\Roaming\Mozilla\FireFox\Profiles\161qbj25.default --
Extensions\engine@conduit.com (Conduit Engine )
Extensions\ffxtlbr@babylon.com (Babylon)
Extensions\treestyletab@piro.sakura.ne.jp (Tree Style Tab)
Extensions\{067f6fb8-19ba-4ab6-b7bb-2d6270691a20} (MediaStar2 Community Toolbar)
Extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352} (Softonic_France Community Toolbar)
Extensions\{b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} (Elf 1.15 Community Toolbar)
Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} (FoxLingo)
Prefs.js - browser.download.lastDir, C:\\Users\\Claudius\\Documents\\1 FACTURES et DOCUMENTS\\EDF VEOLIA
Prefs.js - browser.search.defaultenginename, Web Search
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.buildID, 20110318052756
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=eb6361f00000000000007071bc76c4bb&tlver=1.4.19.19&instlRef=ss...

========================================

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://google.fr/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{067f6fb8-19ba-4ab6-b7bb-2d6270691a20} (x)
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "?" (?)
HKCU_Toolbar\WebBrowser|{067F6FB8-19BA-4AB6-B7BB-2D6270691A20} (x)
HKCU_Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17} (x)
HKCU_Toolbar\WebBrowser|{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x)
HKLM_Toolbar|{4daac69c-cba7-45e2-9bc8-1044483d3352} (C:\Program Files (x86)\Softonic_France\tbSoft.dll)
HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll)
HKLM_ElevationPolicy\bc9e6f41-4d63-4295-bc0a-f3a5bcd28859 - C:\Program Files (x86)\MediaStar2\MediaStar2ToolbarHelper.exe (x)
HKLM_ElevationPolicy\f8a566fc-35b1-489b-8146-856e9995476a - C:\Program Files (x86)\MediaStar2\MediaStar2ToolbarHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{BD1B5012-AD03-4449-BABE-38F6B34C9B65} - C:\Program Files (x86)\ConduitEngine\ConduitEngineHelper.exe (?)
BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll)
BHO\{4daac69c-cba7-45e2-9bc8-1044483d3352} - "Softonic_France Toolbar" (C:\Program Files (x86)\Softonic_France\tbSoft.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 12/04/2011 11:01:04 (17384 Octet(s))

Fin à: 11:01:42, 12/04/2011

============== E.O.F ==============

12 Avril 2011 13:06:57

Télécharge UsbFix (merci El Desaparecido) : Ici

# Connecte tous tes périphériques externes (clé Usb, disque dur...), sans les ouvrir
# Double-clique sur le raccourci présent sur le Bureau
# Choisis l' option 1 (Recherche) et laisse-le travailler
# Poste le rapport (également sauvegardé à la racine de C)

process.exe est détecté par certains antivirus (AntiVir, Dr. Web, Kaspersky Anti-Virus...) comme étant un RiskTool. Il ne s' agit pas d' un virus, mais d' un utilitaire destiné à mettre fin des processus. Mis entre de mauvaises mains il pourrait arrêter des logiciels de sécurité (antivirus, firewall...), d' où l' alerte émise.

12 Avril 2011 13:28:52

frederix a dit :
Télécharge UsbFix (merci El Desaparecido) : Ici

# Connecte tous tes périphériques externes (clé Usb, disque dur...), sans les ouvrir
# Double-clique sur le raccourci présent sur le Bureau
# Choisis l' option 1 (Recherche) et laisse-le travailler
# Poste le rapport (également sauvegardé à la racine de C)

process.exe est détecté par certains antivirus (AntiVir, Dr. Web, Kaspersky Anti-Virus...) comme étant un RiskTool. Il ne s' agit pas d' un virus, mais d' un utilitaire destiné à mettre fin des processus. Mis entre de mauvaises mains il pourrait arrêter des logiciels de sécurité (antivirus, firewall...), d' où l' alerte émise.


Re salut

Voici le rapport:

############################## | UsbFix 7.043 | [Recherche]

Utilisateur: Claudius (Administrateur) # CLAUDIUS-PC [ ]
Mis à jour le 06/04/2011 par TeamXscript
Lancé à 13:25:46 | 12/04/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Core(TM) i7 CPU K 875 @ 2.93GHz
CPU 2: Intel(R) Core(TM) i7 CPU K 875 @ 2.93GHz
Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
Internet Explorer 9.0.8112.16421

Pare-feu Windows: Désactivé /!\
RAM -> 4086 Mo
C:\ (%systemdrive%) -> Disque fixe # 463 Go (338 Go libre(s) - 73%) [Ghost 500 Go] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque fixe # 134 Mo (48 Mo libre(s) - 36%) [] # NTFS
G:\ -> Disque fixe # 63 Mo (4 Mo libre(s) - 6%) [] # NTFS
H:\ -> Disque fixe # 119 Go (19 Go libre(s) - 16%) [SSD SATA II 120] # NTFS
I:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [USB 4 GO] # FAT32

################## | Éléments infectieux |


Présent! C:\Users\Claudius\SETUP_AFTERBURNER.EXE
Présent! C:\tmp

################## | Registre |

Présent! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsettings.exe
Présent! HKLM\software\microsoft\windows nt\currentversion\winlogon|Taskman

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{4c424565-41f4-11e0-91ae-806e6f6e6963}
Shell\AutoRun\Command = D:\setup.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{ac9eb80b-fcd6-11df-8105-806e6f6e6963}
Shell\AutoRun\Command = D:\DVDSetup.exe


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |

12 Avril 2011 19:19:34

# Connecte tous tes périphériques externes, sans les ouvrir
# Double-clique sur le raccourci d' UsbFix
# Choisis l' option 2 (Suppression)
# Ton bureau va disparaître et le Pc redémarrer
# Laisse-le travailler
# Poste le rapport

;) 
12 Avril 2011 21:43:58

frederix a dit :
# Connecte tous tes périphériques externes, sans les ouvrir
# Double-clique sur le raccourci d' UsbFix
# Choisis l' option 2 (Suppression)
# Ton bureau va disparaître et le Pc redémarrer
# Laisse-le travailler
# Poste le rapport

;) 


voici le rapport

############################## | UsbFix 7.043 | [Suppression]

Utilisateur: Claudius (Administrateur) # CLAUDIUS-PC [ ]
Mis à jour le 06/04/2011 par TeamXscript
Lancé à 21:38:26 | 12/04/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Core(TM) i7 CPU K 875 @ 2.93GHz
CPU 2: Intel(R) Core(TM) i7 CPU K 875 @ 2.93GHz
Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
Internet Explorer 9.0.8112.16421

Pare-feu Windows: Désactivé /!\
RAM -> 4086 Mo
C:\ (%systemdrive%) -> Disque fixe # 463 Go (338 Go libre(s) - 73%) [Ghost 500 Go] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque fixe # 134 Mo (48 Mo libre(s) - 36%) [] # NTFS
G:\ -> Disque fixe # 63 Mo (4 Mo libre(s) - 6%) [] # NTFS
H:\ -> Disque fixe # 119 Go (19 Go libre(s) - 16%) [SSD SATA II 120] # NTFS
I:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [USB 4 GO] # FAT32

################## | Éléments infectieux |


Supprimé! C:\Users\Claudius\SETUP_AFTERBURNER.EXE
Supprimé! C:\$RECYCLE.BIN\S-1-5-18
Supprimé! C:\$RECYCLE.BIN\S-1-5-20
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-24353398-3523330611-3705775822-1000
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-600660826-151988778-2339251519-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-18
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-120990559-3893320881-2727373560-1001
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-138622584-504867754-139781216-1001
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-1674589441-978892042-2702472662-1001
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-1964862292-542020929-3212477623-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-2092911348-4170696519-1752416763-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-24353398-3523330611-3705775822-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-2567267429-1536089898-4271563160-1001
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-25748638-3070766335-1282049688-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-297691607-908861125-93221091-1001
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-297695787-1185760838-1750816100-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-3197828234-1387385628-2405653893-1001
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-3567897765-165549847-3575655681-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-3567897765-165549847-3575655681-501
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-387377877-2054901817-3134484023-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-3917030195-1593322665-2111647267-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-552475084-2921124732-1286918191-1001
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-600660826-151988778-2339251519-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-699254025-2182631571-4271554098-1001
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-709322647-3465517466-2884970409-1001
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-910526678-822734058-1797524235-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-918361919-788174780-463260045-1001
Supprimé! G:\$RECYCLE.BIN\S-1-5-21-24353398-3523330611-3705775822-1000
Supprimé! H:\$RECYCLE.BIN\S-1-5-21-24353398-3523330611-3705775822-1000
Supprimé! C:\tmp

################## | Registre |

Supprimé! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsettings.exe
Supprimé! HKLM\software\microsoft\windows nt\currentversion\winlogon|Taskman

################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{4c424565-41f4-11e0-91ae-806e6f6e6963}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{ac9eb80b-fcd6-11df-8105-806e6f6e6963}

################## | Listing |

[12/04/2011 - 21:39:29 | SHD ] C:\$Recycle.Bin
[12/04/2011 - 12:18:08 | N | 91211] C:\aaw7boot.log
[12/04/2011 - 12:15:40 | N | 17066] C:\Ad-Report-CLEAN[1].txt
[12/04/2011 - 11:01:42 | N | 17523] C:\Ad-Report-SCAN[1].txt
[29/01/2011 - 23:09:22 | D ] C:\ATI
[20/01/2011 - 18:58:01 | N | 635867] C:\BESR2010PatchLog.txt
[11/04/2011 - 16:37:29 | D ] C:\Comptes
[03/04/2011 - 04:38:39 | D ] C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[24/01/2011 - 11:55:59 | D ] C:\found.000
[30/01/2011 - 00:22:16 | D ] C:\Intel
[13/11/2010 - 09:50:30 | N | 528] C:\MediaID.bin
[02/04/2011 - 09:24:00 | RHD ] C:\MSOCache
[02/04/2011 - 19:45:41 | D ] C:\New Folder
[19/02/2011 - 11:25:36 | D ] C:\NVIDIA
[12/04/2011 - 12:18:08 | ASH | 4284243968] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[06/04/2011 - 10:16:35 | D ] C:\Program Files
[12/04/2011 - 12:15:25 | D ] C:\Program Files (x86)
[05/04/2011 - 21:41:52 | D ] C:\ProgramData
[01/12/2010 - 01:18:54 | SHD ] C:\Recovery
[12/04/2011 - 08:23:21 | D ] C:\rsit
[21/01/2011 - 19:36:07 | SHD ] C:\System Volume Information
[05/12/2010 - 20:37:37 | D ] C:\TEMP
[12/04/2011 - 21:39:30 | D ] C:\UsbFix
[12/04/2011 - 21:38:41 | A | 4727] C:\UsbFix.txt
[01/12/2010 - 01:19:04 | D ] C:\Users
[20/01/2011 - 20:10:51 | D ] C:\VProRecovery
[12/04/2011 - 07:49:47 | D ] C:\Windows
[12/04/2011 - 21:39:30 | SHD ] F:\$RECYCLE.BIN
[27/02/2011 - 10:44:21 | D ] F:\Boot
[20/11/2010 - 14:40:07 | RASH | 383786] F:\bootmgr
[01/12/2010 - 01:07:17 | N | 8192] F:\BOOTSECT.BAK
[09/12/2009 - 16:47:54 | N | 203836] F:\grldr
[30/11/2010 - 17:26:51 | D ] F:\Search
[09/01/2011 - 11:04:47 | SHD ] F:\System Volume Information
[09/12/2009 - 16:47:55 | N | 0] F:\winx.ld
[12/04/2011 - 21:39:30 | SHD ] G:\$RECYCLE.BIN
[10/04/2011 - 20:08:47 | D ] G:\FNET
[06/02/2011 - 06:46:39 | SHD ] G:\System Volume Information
[12/04/2011 - 21:39:30 | SHD ] H:\$RECYCLE.BIN
[13/03/2011 - 12:39:49 | D ] H:\FNET
[27/03/2011 - 23:30:46 | SHD ] H:\System Volume Information
[09/12/2009 - 16:47:02 | D ] I:\Windows 7 Activator
[19/04/2010 - 23:58:22 | N | 1070901] I:\office 2010 mini-KMS_Activator_v1.052.exe
[10/06/2010 - 22:19:06 | N | 1669] I:\INFO - A LIRE POUR ACTIVER OFFICE 2010.txt
[28/04/2010 - 04:12:20 | N | 3176] I:\INFO - A LIRE POUR ACTIVER OFFICE 2010 PAR PARISIEN99 SMS.txt
[21/03/2011 - 11:20:02 | ASH | 145920] Z:\Thumbs.db

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
F:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
G:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
H:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
I:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
Z:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_CLAUDIUS-PC.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.

################## | E.O.F |

:wahoo: 
13 Avril 2011 15:30:40

Bonjour,

Malwarebytes a trouvé trois éléments infectés qu'ils a fallu que je supprime pour avoir le rapport que voici :

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6350

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

13/04/2011 15:27:15
mbam-log-2011-04-13 (15-27-15).txt

Type d'examen: Examen complet (C:\|F:\|Z:\|)
Elément(s) analysé(s): 322843
Temps écoulé: 46 minute(s), 3 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> 2160 -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Windows\kmservice.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\Users\Claudius\downloads\office 2010 extrait\micro office 2010.professional.plus.f+activation.by.blackrider.rar\professionnal\activateur\activateur.exe (Riskware.Keygen) -> Quarantined and deleted successfully.

Bonne lecture
13 Avril 2011 20:26:37

frederix a dit :
Re,

supprime toutes tes :o  : http://www.infos-du-net.com/forum/273143-7-cracks-risqu...


Voila c'est fait. J'ai chargé la femme du baudet à mort et ils sont tous partis. Maintenant mon disque est tout léger. Je pense que j'ai compris et vais dès que possible investir dans le soft.
Que dois-je faire maintenant ?

14 Avril 2011 10:03:47

frederix a dit :
Bonjour,

fais un scan antivirus avec Eset.
Tuto : http://forum.pcastuces.com/eset_online_scanner___nouvel...
Poste le rapport.

A+


Re
Voici le rapport
C:\Program Files\Installer\Utils.dll MSIL/Agent.NEW cheval de troie nettoyé par suppression - mis en quarantaine
C:\Users\Claudius\AppData\Local\assembly\dl3\K3MATR67.RD5\KBO39BKX.DP0\8235d8a3\00c6edba_3a9dcb01\Utils.DLL MSIL/Agent.NEW cheval de troie nettoyé par suppression - mis en quarantaine

J'ai demandé la suppression de la quarantaine.

A+
14 Avril 2011 12:49:47

Bonjour,

1) Télécharge :
CCleaner : Ici
Lance-le puis clique sur Options>Avancé et décoche Effacer uniquement les fichiers Temp de Windows datant de plus de 24 heures. Ferme le programme.

2) Lance CCleaner :
Dans le menu Nettoyeur, clique sur Analyse (laisse-le travailler) puis sur le bouton Lancer le nettoyage.
Fais cela plusieurs fois.

A+
15 Avril 2011 06:21:36

frederix a dit :
Bonjour,

1) Télécharge :
CCleaner : Ici
Lance-le puis clique sur Options>Avancé et décoche Effacer uniquement les fichiers Temp de Windows datant de plus de 24 heures. Ferme le programme.

2) Lance CCleaner :
Dans le menu Nettoyeur, clique sur Analyse (laisse-le travailler) puis sur le bouton Lancer le nettoyage.
Fais cela plusieurs fois.

A+


Salut
le système de réponse ne semble pas fonctionner très bien

J'ai fait les opérations demandées, et en plus j'ai passé <Spybot-Search ans Destroy> mais sans trouver de rapport a envoyer. Beaucoup de problèmes trouvés et corrigés.
Le problème est résolu.
Je tient à te remercier pour ton aide précieuse.
Comment puis-je fermer ce sujet ?

15 Avril 2011 08:01:53

chicu a dit :
> J'ai fait les opérations demandées, et en plus j'ai passé <Spybot-Search ans Destroy> mais sans trouver de rapport a envoyer.


:hello: ,

> Spybot S&D est obsolète.

Il faut mettre à jour Java (faille de sécurité) :
http://www.java.com/fr/download/manual.jsp
Clique sur Windows Hors ligne
Décoche Installer la barre d' outils Yahoo!

A+
15 Avril 2011 09:43:44

frederix a dit :
:hello: ,

> Spybot S&D est obsolète.

Il faut mettre à jour Java (faille de sécurité) :
http://www.java.com/fr/download/manual.jsp
Clique sur Windows Hors ligne
Décoche Installer la barre d' outils Yahoo!

A+


Bonjour,
voila c'est fait

A+
15 Avril 2011 19:07:03

Re,

comment va ton Pc?

Poste un dernier rapport RSIT.
15 Avril 2011 19:53:01

frederix a dit :
Re,

comment va ton Pc?

Poste un dernier rapport RSIT.


Bonsoir,

A mon avis ça va mieux, l'ouverture intempestive de Babylon Search a cessé et le PC semble fonctionner normalement.
Mais je préfère avoir ton avis.
Voici le rapport RSIT

Logfile of random's system information tool 1.08 (written by random/random)
Run by Claudius at 2011-04-15 19:41:00
Microsoft Windows 7 Édition Familiale Premium Service Pack 1
System drive C: has 388 GB (82%) free of 474 GB
Total RAM: 4086 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:20, on 15/04/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE
C:\Program Files (x86)\goodsol\goodsol.exe
C:\Program Files (x86)\goodsol\goodsol.exe
C:\Program Files (x86)\goodsol\goodsol.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Claudius\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Claudius.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {067f6fb8-19ba-4ab6-b7bb-2d6270691a20} - (no file)
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\Userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Softonic_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [gSyncit] C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PC Clone EX.LNK = C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0....
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\x64\maconfservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 27454 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
Softonic_France Toolbar - C:\Program Files (x86)\Softonic_France\tbSoft.dll [2010-11-13 3913000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll [2010-07-01 68280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll [2010-07-01 191160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4daac69c-cba7-45e2-9bc8-1044483d3352} - Softonic_France Toolbar - C:\Program Files (x86)\Softonic_France\tbSoft.dll [2010-11-13 3913000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-12-01 352976]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2011-03-01 190808]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-04 336384]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-01-26 15026056]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"gSyncit"=C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [2011-03-26 31456]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe []
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Logitech Vid"=C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
PC Clone EX.LNK - C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE

C:\Users\Claudius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Logitech . Enregistrement du produit.lnk - C:\Program Files (x86)\Logitech\Ereg\eReg.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Protector Suite\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-04-15 09:21:16 ----D---- C:\Program Files (x86)\Common Files\Java
2011-04-15 09:20:55 ----A---- C:\Windows\SysWOW64\javaws.exe
2011-04-15 09:20:55 ----A---- C:\Windows\SysWOW64\javaw.exe
2011-04-15 09:20:55 ----A---- C:\Windows\SysWOW64\java.exe
2011-04-15 09:20:50 ----D---- C:\Program Files (x86)\Java
2011-04-15 06:06:37 ----A---- C:\Windows\wininit.ini
2011-04-15 05:45:04 ----D---- C:\Program Files (x86)\Conduit
2011-04-15 05:45:02 ----D---- C:\Program Files (x86)\ConduitEngine
2011-04-15 05:44:58 ----D---- C:\Program Files (x86)\Tom's_Guide_France
2011-04-14 19:53:07 ----D---- C:\ProgramData\ma-config.com
2011-04-14 19:46:30 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-04-14 19:46:30 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-04-14 19:33:52 ----D---- C:\Users\Claudius\AppData\Roaming\Protector Suite
2011-04-14 13:01:24 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-04-14 13:01:21 ----A---- C:\Windows\SysWOW64\mfc42u.dll
2011-04-14 13:01:21 ----A---- C:\Windows\SysWOW64\mfc42.dll
2011-04-14 13:01:19 ----A---- C:\Windows\SysWOW64\atmlib.dll
2011-04-14 13:01:19 ----A---- C:\Windows\SysWOW64\atmfd.dll
2011-04-14 13:01:18 ----A---- C:\Windows\SysWOW64\dnscacheugc.exe
2011-04-14 13:01:18 ----A---- C:\Windows\SysWOW64\dnsapi.dll
2011-04-14 13:01:17 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2011-04-14 10:44:40 ----D---- C:\Program Files (x86)\Duplicate Cleaner
2011-04-13 20:10:50 ----D---- C:\Program Files (x86)\MAGIX
2011-04-13 09:13:48 ----D---- C:\Tmp
2011-04-13 09:10:49 ----A---- C:\Windows\SysWOW64\uxtuneup.dll
2011-04-13 09:10:49 ----A---- C:\Windows\SysWOW64\authuitu.dll
2011-04-12 21:39:33 ----RASHD---- C:\Autorun.inf
2011-04-12 13:24:58 ----A---- C:\UsbFix.txt
2011-04-12 13:24:41 ----D---- C:\UsbFix
2011-04-12 12:14:48 ----N---- C:\Ad-Report-CLEAN[1].txt
2011-04-12 11:01:04 ----N---- C:\Ad-Report-SCAN[1].txt
2011-04-12 11:00:22 ----D---- C:\Program Files (x86)\Ad-Remover
2011-04-12 08:23:02 ----D---- C:\Program Files (x86)\trend micro
2011-04-12 08:23:01 ----D---- C:\rsit
2011-04-03 19:22:06 ----D---- C:\Program Files (x86)\K!TV
2011-04-02 20:25:32 ----A---- C:\Windows\SysWOW64\srvany.exe
2011-04-02 19:19:00 ----D---- C:\New Folder
2011-04-02 16:18:47 ----D---- C:\Program Files (x86)\Fieldston Software
2011-04-02 09:31:44 ----D---- C:\Users\Claudius\AppData\Roaming\gSyncit
2011-04-02 09:27:27 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2011-04-02 09:27:27 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2011-04-02 09:27:15 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2011-04-02 09:25:56 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-04-02 09:24:55 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2011-04-02 09:24:17 ----D---- C:\Program Files (x86)\Microsoft Office
2011-04-02 09:24:00 ----RHD---- C:\MSOCache
2011-04-01 09:38:53 ----D---- C:\Program Files (x86)\gSyncit
2011-04-01 07:10:46 ----A---- C:\Windows\SysWOW64\LVUI2RC.dll
2011-04-01 07:10:24 ----A---- C:\Windows\SysWOW64\LVUI2.dll
2011-04-01 07:08:36 ----A---- C:\Windows\SysWOW64\lvcodec2.dll
2011-04-01 07:07:02 ----A---- C:\Windows\SysWOW64\LogiDPPApp.exe
2011-04-01 07:07:02 ----A---- C:\Windows\SysWOW64\LogiDPP.dll
2011-04-01 07:06:56 ----A---- C:\Windows\SysWOW64\DevManagerCore.dll
2011-03-26 21:41:10 ----A---- C:\Windows\SysWOW64\msvcr100.dll
2011-03-26 21:41:10 ----A---- C:\Windows\SysWOW64\msvcp100.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\TTIC32.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\TTI32.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\MXRestore.exe
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\msxml4a.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\mgxcdr.txt
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\DLLTPO32.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\DLLRD32.dll
2011-03-21 10:43:09 ----D---- C:\ProgramData\MAGIX
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLPTL32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLPRJ32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLMSC32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLIX.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLISO32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLIMG32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLDIR32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLCDF32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLCDA32.dll
2011-03-21 10:42:51 ----D---- C:\Users\Claudius\AppData\Roaming\MAGIX
2011-03-21 10:42:44 ----A---- C:\Windows\SysWOW64\DLLDEV32i.dll
2011-03-21 10:42:16 ----D---- C:\Program Files (x86)\Common Files\MAGIX Services

======List of files/folders modified in the last 1 months======

2011-04-15 19:41:17 ----D---- C:\Windows\Temp
2011-04-15 19:40:04 ----D---- C:\Users\Claudius\AppData\Roaming\Skype
2011-04-15 18:46:34 ----D---- C:\ProgramData\Kaspersky Lab
2011-04-15 09:59:28 ----D---- C:\Windows\System32
2011-04-15 09:59:28 ----D---- C:\Windows\inf
2011-04-15 09:39:44 ----D---- C:\Windows
2011-04-15 09:38:56 ----D---- C:\ProgramData\NVIDIA
2011-04-15 09:38:34 ----D---- C:\Config.Msi
2011-04-15 09:37:23 ----SHD---- C:\Windows\Installer
2011-04-15 09:37:03 ----D---- C:\Program Files (x86)\Logitech
2011-04-15 09:36:25 ----D---- C:\Program Files (x86)\Common Files\logishrd
2011-04-15 09:36:22 ----D---- C:\Windows\SysWOW64
2011-04-15 09:33:05 ----D---- C:\Windows\Prefetch
2011-04-15 09:22:54 ----D---- C:\Program Files
2011-04-15 09:21:16 ----D---- C:\Program Files (x86)\Common Files
2011-04-15 09:20:51 ----A---- C:\Windows\SysWOW64\deployJava1.dll
2011-04-15 09:20:50 ----D---- C:\Program Files (x86)
2011-04-15 08:52:02 ----D---- C:\Windows\SysWOW64\logishrd
2011-04-15 06:06:43 ----D---- C:\Program Files (x86)\Free Offers from Freeze.com
2011-04-14 19:53:07 ----D---- C:\ProgramData
2011-04-14 18:17:37 ----D---- C:\Users\Claudius\AppData\Roaming\SudokuTime
2011-04-14 17:56:14 ----D---- C:\Windows\debug
2011-04-14 17:52:12 ----D---- C:\Users\Claudius\AppData\Roaming\uTorrent
2011-04-14 17:52:05 ----D---- C:\Comptes
2011-04-14 16:49:00 ----D---- C:\Windows\Microsoft.NET
2011-04-14 16:48:58 ----RSD---- C:\Windows\assembly
2011-04-14 16:18:23 ----D---- C:\Windows\winsxs
2011-04-14 15:52:46 ----D---- C:\ProgramData\Microsoft Help
2011-04-13 19:48:31 ----D---- C:\ProgramData\eMule
2011-04-13 15:23:29 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-04-13 09:10:34 ----D---- C:\Program Files (x86)\TuneUp Utilities 2011
2011-04-13 09:06:26 ----SHD---- C:\$Recycle.Bin
2011-04-11 17:03:10 ----D---- C:\Users\Claudius\AppData\Roaming\FileZilla
2011-04-11 17:01:56 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2011-04-04 09:45:55 ----D---- C:\Program Files (x86)\Google
2011-04-04 09:42:12 ----D---- C:\Users\Claudius\AppData\Roaming\Media Player Classic
2011-04-03 19:33:46 ----D---- C:\Users\Claudius\AppData\Roaming\vlc
2011-04-02 13:42:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-04-02 09:27:59 ----RSD---- C:\Windows\Fonts
2011-04-02 09:27:57 ----D---- C:\Windows\ShellNew
2011-04-02 09:27:57 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2011-04-02 09:27:46 ----D---- C:\Program Files (x86)\MSBuild
2011-04-02 09:27:15 ----D---- C:\ProgramData\Microsoft
2011-04-02 09:27:15 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-04-02 09:27:15 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-04-02 09:25:25 ----A---- C:\Windows\win.ini
2011-03-24 14:33:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-03-21 11:38:03 ----D---- C:\Program Files (x86)\eRightSoft
2011-03-18 07:15:26 ----D---- C:\Program Files (x86)\Undisker
2011-03-17 15:40:05 ----D---- C:\Windows\rescache
2011-03-16 12:05:14 ----D---- C:\Program Files (x86)\Safari

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys []
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys []
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys []
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys []
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys []
R3 GEARAspiWDM;GearAspiWDM; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys []
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys []
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys []
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys []
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\drivers\BthEnum.sys []
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfoX64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys []
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
S3 driverhardwarev2x64;driverhardwarev2x64; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2010-07-15 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2010-07-15 8456]
S3 fbxusb;Carte réseau virtuelle FreeBox USB (AMD 64 bits); C:\Windows\system32\DRIVERS\fbxusb64.sys []
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-02-04 17152]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys []
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys []
S3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw64e.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 StillCam;Pilote d’appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys []
S3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 AVP;Kaspersky Anti-Virus Service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe [2010-12-01 352976]
R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe []
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-08-16 73728]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe []
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-27 378472]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-03-30 2026304]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2011-03-07 934176]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-04 136176]
S2 KMService;KMService; C:\Windows\system32\srvany.exe [2003-04-18 8192]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-04-11 1753048]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\x64\maconfservice.exe [2011-04-12 420864]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

A+
16 Avril 2011 16:40:00

Bonjour,

:heink: 

Fais la manip' de ComboFix (merci sUBs) et poste le rapport : Ici

A+
16 Avril 2011 19:48:14

frederix a dit :
Bonjour,

:heink: 

Fais la manip' de ComboFix (merci sUBs) et poste le rapport : Ici

A+


Bonsoir,

voici le rapport: :lol: 

ComboFix 11-04-15.06 - Claudius 16/04/2011 19:31:55.1.8 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4086.2394 [GMT 2:00]
Lancé depuis: c:\users\Claudius\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Claudius\AppData\Roaming\PCFix
c:\users\Claudius\AppData\Roaming\PCFix\unresolvederrors.dat
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-03-16 au 2011-04-16 ))))))))))))))))))))))))))))))))))))
.
.
2011-04-16 17:36 . 2011-04-16 17:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-16 02:36 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{33B77B83-9D15-49DD-A55A-391D3EDF0753}\mpengine.dll
2011-04-15 07:36 . 2011-04-15 07:36 53248 ----a-r- c:\users\Claudius\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-04-15 07:23 . 2011-04-15 07:22 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-15 07:22 . 2011-04-15 07:22 -------- d-----w- c:\program files\Java
2011-04-15 07:21 . 2011-04-15 07:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-04-15 07:20 . 2011-04-15 07:20 -------- d-----w- c:\program files (x86)\Java
2011-04-15 03:45 . 2011-04-15 03:45 -------- d-----w- c:\program files (x86)\Conduit
2011-04-15 03:44 . 2011-04-15 03:45 -------- d-----w- c:\program files (x86)\Tom's_Guide_France
2011-04-14 17:53 . 2011-04-14 17:53 -------- d-----w- c:\program files\ma-config.com
2011-04-14 17:53 . 2011-04-14 17:53 -------- d-----w- c:\programdata\ma-config.com
2011-04-14 17:46 . 2011-04-15 03:50 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-04-14 17:46 . 2011-04-15 03:47 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-04-14 17:33 . 2011-04-14 17:33 -------- d-----w- c:\users\Claudius\AppData\Roaming\Protector Suite
2011-04-14 08:44 . 2011-04-14 15:36 -------- d-----w- c:\users\Claudius\AppData\Local\DuplicateCleaner
2011-04-14 08:44 . 2011-04-14 08:44 -------- d-----w- c:\program files (x86)\Duplicate Cleaner
2011-04-13 18:10 . 2011-04-13 18:10 -------- d-----w- c:\program files (x86)\MAGIX
2011-04-13 07:13 . 2011-04-14 11:17 -------- d-----w- C:\Tmp
2011-04-13 07:10 . 2011-03-30 17:17 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-04-13 07:10 . 2011-03-30 17:17 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-04-13 07:10 . 2011-03-30 17:17 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-04-13 07:10 . 2011-03-30 17:17 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-04-12 11:24 . 2011-04-12 19:39 -------- d-----w- C:\UsbFix
2011-04-12 09:00 . 2011-04-12 09:08 -------- d-----w- c:\program files (x86)\Ad-Remover
2011-04-12 06:23 . 2011-04-15 17:41 -------- d-----w- c:\program files (x86)\trend micro
2011-04-12 06:23 . 2011-04-12 06:23 -------- d-----w- C:\rsit
2011-04-03 17:22 . 2011-04-03 17:28 -------- d-----w- c:\program files (x86)\K!TV
2011-04-02 18:25 . 2003-04-18 17:06 8192 ----a-w- c:\windows\SysWow64\srvany.exe
2011-04-02 17:19 . 2011-04-02 17:45 -------- d-----w- C:\New Folder
2011-04-02 14:18 . 2011-04-02 14:18 -------- d-----w- c:\program files (x86)\Fieldston Software
2011-04-02 07:31 . 2011-04-16 11:27 -------- d-----w- c:\users\Claudius\AppData\Roaming\gSyncit
2011-04-02 07:27 . 2011-04-02 07:27 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2011-04-02 07:27 . 2011-04-02 07:27 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2011-04-02 07:25 . 2011-04-02 07:25 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-04-02 07:24 . 2011-04-02 07:24 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-04-02 07:24 . 2011-04-02 07:24 -------- d-----r- C:\MSOCache
2011-04-01 07:38 . 2011-04-01 07:42 -------- d-----w- c:\program files (x86)\gSyncit
2011-04-01 05:10 . 2011-04-01 05:10 539232 ----a-w- c:\windows\SysWow64\LVUI2RC.dll
2011-04-01 05:10 . 2011-04-01 05:10 543328 ----a-w- c:\windows\SysWow64\LVUI2.dll
2011-04-01 05:08 . 2011-04-01 05:08 301664 ----a-w- c:\windows\SysWow64\lvcodec2.dll
2011-04-01 05:07 . 2011-04-01 05:07 4184672 ----a-w- c:\windows\system32\drivers\lvuvc64.sys
2011-04-01 05:07 . 2011-04-01 05:07 559712 ----a-w- c:\windows\system32\LVUIRC64.dll
2011-04-01 05:07 . 2011-04-01 05:07 767584 ----a-w- c:\windows\system32\LVUI64.dll
2011-04-01 05:07 . 2011-04-01 05:07 10877272 ----a-w- c:\windows\SysWow64\LogiDPP.dll
2011-04-01 05:07 . 2011-04-01 05:07 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
2011-04-01 05:07 . 2011-04-01 05:07 102744 ----a-w- c:\windows\SysWow64\LogiDPPApp.exe
2011-04-01 05:07 . 2011-04-01 05:07 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2011-04-01 05:06 . 2011-04-01 05:06 331608 ----a-w- c:\windows\SysWow64\DevManagerCore.dll
2011-04-01 05:06 . 2011-04-01 05:06 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
2011-04-01 05:06 . 2011-04-01 05:06 341856 ----a-w- c:\windows\system32\drivers\lvrs64.sys
2011-04-01 05:05 . 2011-04-01 05:05 261728 ----a-w- c:\windows\system32\lvco13251014.dll
2011-04-01 05:05 . 2011-04-01 05:05 172128 ----a-w- c:\windows\system32\lvcod64.dll
2011-04-01 04:56 . 2011-04-01 04:56 39318 ----a-w- c:\windows\system32\Repository.reg
2011-03-26 19:41 . 2011-03-26 19:41 770384 ----a-w- c:\windows\SysWow64\msvcr100.dll
2011-03-26 19:41 . 2011-03-26 19:41 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2011-03-24 12:33 . 2011-03-18 17:58 781272 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-03-24 12:33 . 2011-03-18 17:58 728024 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-03-24 12:33 . 2011-03-18 17:58 1975768 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-03-24 12:33 . 2011-03-18 17:58 1893336 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-03-24 12:33 . 2011-03-18 17:58 1874904 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-03-24 12:33 . 2011-03-18 17:58 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-03-24 12:33 . 2011-03-18 17:58 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-03-24 12:33 . 2011-03-18 17:58 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-03-22 22:02 . 2011-03-22 22:02 15192 ----a-w- c:\windows\system32\drivers\iKeyLFT264.dll
2011-03-21 08:42 . 2011-03-21 09:29 -------- d-----w- c:\users\Claudius\AppData\Roaming\MAGIX
2011-03-21 08:42 . 2007-04-27 09:43 120200 ----a-w- c:\windows\SysWow64\DLLDEV32i.dll
2011-03-21 08:42 . 2011-03-21 08:42 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Services
2011-03-20 23:20 . 2011-03-20 23:20 -------- d-----w- c:\users\Claudius\AppData\Local\WMTools Downloaded Files
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-15 07:20 . 2011-02-13 13:57 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-04-12 19:39 . 2011-04-12 19:39 15350083 ----a-w- C:\UsbFix_Upload_Me_CLAUDIUS-PC.zip
2011-03-30 17:21 . 2011-01-24 09:35 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-03-15 08:38 . 2011-03-15 08:38 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-03-15 08:38 . 2011-03-15 08:38 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-03-15 08:38 . 2011-03-15 08:38 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-03-15 08:38 . 2011-03-15 08:38 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-03-15 08:38 . 2011-03-15 08:38 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-03-15 08:38 . 2011-03-15 08:38 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-15 08:38 . 2011-03-15 08:38 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-03-15 08:38 . 2011-03-15 08:38 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-03-15 08:38 . 2011-03-15 08:38 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-03-15 08:38 . 2011-03-15 08:38 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-03-15 08:38 . 2011-03-15 08:38 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-15 08:38 . 2011-03-15 08:38 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-03-15 08:38 . 2011-03-15 08:38 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-03-15 08:38 . 2011-03-15 08:38 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-15 08:38 . 2011-03-15 08:38 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-03-15 08:38 . 2011-03-15 08:38 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-03-15 08:38 . 2011-03-15 08:38 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-03-15 08:38 . 2011-03-15 08:38 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-03-15 08:38 . 2011-03-15 08:38 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-03-15 08:38 . 2011-03-15 08:38 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-03-15 08:38 . 2011-03-15 08:38 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-15 08:38 . 2011-03-15 08:38 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-15 08:38 . 2011-03-15 08:38 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-15 08:38 . 2011-03-15 08:38 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-03-15 08:38 . 2011-03-15 08:38 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-03-15 08:38 . 2011-03-15 08:38 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-03-15 08:38 . 2011-03-15 08:38 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-03-15 08:38 . 2011-03-15 08:38 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-15 08:38 . 2011-03-15 08:38 448512 ----a-w- c:\windows\system32\html.iec
2011-03-15 08:38 . 2011-03-15 08:38 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-15 08:38 . 2011-03-15 08:38 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-15 08:38 . 2011-03-15 08:38 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-03-15 08:38 . 2011-03-15 08:38 222208 ----a-w- c:\windows\system32\msls31.dll
2011-03-15 08:38 . 2011-03-15 08:38 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-15 08:38 . 2011-03-15 08:38 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-03-15 08:38 . 2011-03-15 08:38 160256 ----a-w- c:\windows\system32\wextract.exe
2011-03-15 08:38 . 2011-03-15 08:38 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-15 08:38 . 2011-03-15 08:38 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-03-15 08:38 . 2011-03-15 08:38 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-15 08:38 . 2011-03-15 08:38 12288 ----a-w- c:\windows\system32\mshta.exe
2011-03-15 08:38 . 2011-03-15 08:38 114176 ----a-w- c:\windows\system32\admparse.dll
2011-03-15 08:38 . 2011-03-15 08:38 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-09 08:31 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-24 07:06 . 2011-02-24 07:06 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-02-23 05:26 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-02-23 05:26 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-19 12:05 . 2011-03-09 08:36 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 12:04 . 2011-03-09 08:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 12:04 . 2011-03-09 08:36 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:30 . 2011-03-09 08:36 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 06:30 . 2011-03-09 08:36 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-18 15:36 . 2011-02-18 15:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-02 17:11 . 2010-12-01 09:20 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-26 17:30 . 2011-01-26 17:30 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-19 16:47 . 2011-02-27 16:05 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x64.sys
2011-01-18 10:19 . 2011-02-19 09:26 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-18 10:19 . 2011-02-19 09:26 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-01-18 10:19 . 2011-02-19 09:26 5652584 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-01-18 10:19 . 2011-02-19 09:05 7729256 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-01-18 10:19 . 2011-02-19 09:26 20478568 ----a-w- c:\windows\system32\nvoglv64.dll
2011-01-18 10:19 . 2011-02-19 09:26 15051368 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-01-18 10:19 . 2011-02-19 09:26 12977128 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-01-18 10:19 . 2011-02-19 09:06 1359976 ----a-w- c:\windows\system32\nvgenco642040.dll
2011-01-18 10:19 . 2011-02-19 09:06 1614440 ----a-w- c:\windows\system32\nvdispco642090.dll
2011-01-18 10:19 . 2011-02-19 09:05 12862568 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-01-18 10:19 . 2011-02-19 09:05 10080872 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-01-18 10:19 . 2011-02-19 09:26 6606440 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-18 10:19 . 2011-02-19 09:26 4943464 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-01-18 10:19 . 2011-02-19 09:26 3113576 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-18 10:19 . 2011-02-19 09:26 2897512 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-01-18 10:19 . 2011-02-19 09:26 2482280 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-18 10:19 . 2011-02-19 09:26 2252904 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-01-18 10:19 . 2011-02-19 09:26 1978472 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-01-18 10:19 . 2011-02-19 09:26 18580072 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-18 10:19 . 2011-02-19 09:26 13011560 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-01-18 10:19 . 2011-02-19 09:05 2212968 ----a-w- c:\windows\system32\nvapi64.dll
2011-01-17 11:09 . 2011-02-23 07:18 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-17 05:47 . 2011-02-23 07:18 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2006-05-03 10:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files (x86)\Softonic_France\tbSoft.dll" [2010-11-13 3913000]
.
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
2010-11-13 20:58 3913000 ----a-w- c:\program files (x86)\Softonic_France\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files (x86)\Softonic_France\tbSoft.dll" [2010-11-13 3913000]
.
[HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"gSyncit"="c:\program files (x86)\Fieldston Software\gSyncit\gsyncit.exe" [2011-03-26 31456]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-12-01 352976]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-04 336384]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\users\Claudius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Enregistrement du produit.lnk - c:\program files (x86)\Logitech\Ereg\eReg.exe [2009-11-16 517384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
PC Clone EX.LNK - c:\program files (x86)\PcCloneEX\PcCloneEX.EXE [2011-2-15 5810176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"AppleSyncNotifier"=c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-04 136176]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-07-15 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-07-15 9096]
R3 fbxusb;Carte réseau virtuelle FreeBox USB (AMD 64 bits);c:\windows\system32\DRIVERS\fbxusb64.sys [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-04-12 420864]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 MSICDSetup;MSICDSetup;D:\CDriver64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-27 378472]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-03-30 2026304]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [x]
S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - CPUZ135
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-08-16 12:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'
.
2011-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-04 08:10]
.
2011-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-04 08:10]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2009-08-26 15:52 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2009-08-26 15:52 5948168 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-14 11465832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Ajouter à l'Anti-bannière - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Claudius\AppData\Roaming\Mozilla\Firefox\Profiles\161qbj25.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=eb6361f00000000000007071bc76c4bb&tlver=1.4.19.19&instlRef=sst&ss=1&affID=18026&q=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{067f6fb8-19ba-4ab6-b7bb-2d6270691a20} - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
WebBrowser-{067F6FB8-19BA-4AB6-B7BB-2D6270691A20} - (no file)
WebBrowser-{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - (no file)
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2011-04-16 19:37:51
ComboFix-quarantined-files.txt 2011-04-16 17:37
.
Avant-CF: 407 662 837 760 octets libres
Après-CF: 407 725 346 816 octets libres
.
- - End Of File - - C12B50AD9B5F6E90DA7A7B9B9DB3A6BB
:hello: 
18 Avril 2011 08:04:07

Bonjour,

poste un rapport RSIT...

A+
18 Avril 2011 09:31:51

frederix a dit :
Bonjour,

poste un rapport RSIT...

A+


Bonjour Frederix,

Le PC est beaucoup rapide qu'avant, il semble plus léger.
j'ai pour essai remplacé Kasperski par Avira personal.
Je ne sais pas si c'est une bonne idée ?

Pour information j'ai depuis 2 ou 3 jours une petite anomalie: click droit sur le bureau>nouveau raccourci ne fonctionne plus.

Si non tout semble aller bien, voici le rapport.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Claudius at 2011-04-18 09:16:03
Microsoft Windows 7 Édition Familiale Premium Service Pack 1
System drive C: has 389 GB (82%) free of 474 GB
Total RAM: 4086 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:16:10, on 18/04/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Claudius\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Claudius.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Softonic_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files (x86)\Softonic_France\tbSoft.dll
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PC Clone EX.LNK = C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0....
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\x64\maconfservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 25255 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
Softonic_France Toolbar - C:\Program Files (x86)\Softonic_France\tbSoft.dll [2010-11-13 3913000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4daac69c-cba7-45e2-9bc8-1044483d3352} - Softonic_France Toolbar - C:\Program Files (x86)\Softonic_France\tbSoft.dll [2010-11-13 3913000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2011-03-01 190808]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-04 336384]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2011-03-04 281768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-01-26 15026056]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Logitech Vid"=C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
PC Clone EX.LNK - C:\Program Files (x86)\PcCloneEX\PcCloneEX.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2011-03-15 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Protector Suite\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutorun"=3
"NoDriveTypeAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-04-17 09:37:43 ----D---- C:\Users\Claudius\AppData\Roaming\Avira
2011-04-17 09:35:27 ----D---- C:\ProgramData\Avira
2011-04-17 09:35:27 ----D---- C:\Program Files (x86)\Avira
2011-04-16 19:45:56 ----SHD---- C:\$RECYCLE.BIN
2011-04-16 19:37:51 ----A---- C:\ComboFix.txt
2011-04-16 19:31:15 ----A---- C:\Windows\zip.exe
2011-04-16 19:31:15 ----A---- C:\Windows\SWSC.exe
2011-04-16 19:31:15 ----A---- C:\Windows\SWREG.exe
2011-04-16 19:31:15 ----A---- C:\Windows\sed.exe
2011-04-16 19:31:15 ----A---- C:\Windows\PEV.exe
2011-04-16 19:31:15 ----A---- C:\Windows\NIRCMD.exe
2011-04-16 19:31:15 ----A---- C:\Windows\MBR.exe
2011-04-16 19:31:15 ----A---- C:\Windows\grep.exe
2011-04-16 19:31:11 ----D---- C:\Windows\ERDNT
2011-04-16 19:28:19 ----D---- C:\Qoobox
2011-04-16 19:27:46 ----A---- C:\Windows\SWXCACLS.exe
2011-04-15 09:21:16 ----D---- C:\Program Files (x86)\Common Files\Java
2011-04-15 09:20:55 ----A---- C:\Windows\SysWOW64\javaws.exe
2011-04-15 09:20:55 ----A---- C:\Windows\SysWOW64\javaw.exe
2011-04-15 09:20:55 ----A---- C:\Windows\SysWOW64\java.exe
2011-04-15 09:20:50 ----D---- C:\Program Files (x86)\Java
2011-04-15 06:06:37 ----A---- C:\Windows\wininit.ini
2011-04-15 05:45:04 ----D---- C:\Program Files (x86)\Conduit
2011-04-15 05:45:02 ----D---- C:\Program Files (x86)\ConduitEngine
2011-04-15 05:44:58 ----D---- C:\Program Files (x86)\Tom's_Guide_France
2011-04-14 19:53:07 ----D---- C:\ProgramData\ma-config.com
2011-04-14 19:46:30 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-04-14 19:46:30 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-04-14 19:33:52 ----D---- C:\Users\Claudius\AppData\Roaming\Protector Suite
2011-04-14 13:01:24 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-04-14 13:01:21 ----A---- C:\Windows\SysWOW64\mfc42u.dll
2011-04-14 13:01:21 ----A---- C:\Windows\SysWOW64\mfc42.dll
2011-04-14 13:01:19 ----A---- C:\Windows\SysWOW64\atmlib.dll
2011-04-14 13:01:19 ----A---- C:\Windows\SysWOW64\atmfd.dll
2011-04-14 13:01:18 ----A---- C:\Windows\SysWOW64\dnscacheugc.exe
2011-04-14 13:01:18 ----A---- C:\Windows\SysWOW64\dnsapi.dll
2011-04-14 13:01:17 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2011-04-14 10:44:40 ----D---- C:\Program Files (x86)\Duplicate Cleaner
2011-04-13 20:10:50 ----D---- C:\Program Files (x86)\MAGIX
2011-04-13 09:13:48 ----D---- C:\Tmp
2011-04-13 09:10:49 ----A---- C:\Windows\SysWOW64\uxtuneup.dll
2011-04-13 09:10:49 ----A---- C:\Windows\SysWOW64\authuitu.dll
2011-04-12 21:39:33 ----RAD---- C:\Autorun.inf
2011-04-12 13:24:58 ----A---- C:\UsbFix.txt
2011-04-12 13:24:41 ----D---- C:\UsbFix
2011-04-12 12:14:48 ----N---- C:\Ad-Report-CLEAN[1].txt
2011-04-12 11:01:04 ----N---- C:\Ad-Report-SCAN[1].txt
2011-04-12 11:00:22 ----D---- C:\Program Files (x86)\Ad-Remover
2011-04-12 08:23:02 ----D---- C:\Program Files (x86)\trend micro
2011-04-12 08:23:01 ----D---- C:\rsit
2011-04-03 19:22:06 ----D---- C:\Program Files (x86)\K!TV
2011-04-02 20:25:32 ----A---- C:\Windows\SysWOW64\srvany.exe
2011-04-02 19:19:00 ----D---- C:\New Folder
2011-04-02 16:18:47 ----D---- C:\Program Files (x86)\Fieldston Software
2011-04-02 09:31:44 ----D---- C:\Users\Claudius\AppData\Roaming\gSyncit
2011-04-02 09:27:27 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2011-04-02 09:27:27 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2011-04-02 09:27:15 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2011-04-02 09:25:56 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-04-02 09:24:55 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2011-04-02 09:24:17 ----D---- C:\Program Files (x86)\Microsoft Office
2011-04-02 09:24:00 ----RD---- C:\MSOCache
2011-04-01 09:38:53 ----D---- C:\Program Files (x86)\gSyncit
2011-04-01 07:10:46 ----A---- C:\Windows\SysWOW64\LVUI2RC.dll
2011-04-01 07:10:24 ----A---- C:\Windows\SysWOW64\LVUI2.dll
2011-04-01 07:08:36 ----A---- C:\Windows\SysWOW64\lvcodec2.dll
2011-04-01 07:07:02 ----A---- C:\Windows\SysWOW64\LogiDPPApp.exe
2011-04-01 07:07:02 ----A---- C:\Windows\SysWOW64\LogiDPP.dll
2011-04-01 07:06:56 ----A---- C:\Windows\SysWOW64\DevManagerCore.dll
2011-03-26 21:41:10 ----A---- C:\Windows\SysWOW64\msvcr100.dll
2011-03-26 21:41:10 ----A---- C:\Windows\SysWOW64\msvcp100.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\TTIC32.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\TTI32.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\MXRestore.exe
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\msxml4a.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\mgxcdr.txt
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\DLLTPO32.dll
2011-03-21 10:43:10 ----A---- C:\Windows\SysWOW64\DLLRD32.dll
2011-03-21 10:43:09 ----D---- C:\ProgramData\MAGIX
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLPTL32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLPRJ32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLMSC32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLIX.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLISO32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLIMG32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLDIR32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLCDF32.dll
2011-03-21 10:43:09 ----A---- C:\Windows\SysWOW64\DLLCDA32.dll
2011-03-21 10:42:51 ----D---- C:\Users\Claudius\AppData\Roaming\MAGIX
2011-03-21 10:42:44 ----A---- C:\Windows\SysWOW64\DLLDEV32i.dll
2011-03-21 10:42:16 ----D---- C:\Program Files (x86)\Common Files\MAGIX Services

======List of files/folders modified in the last 1 months======

2011-04-18 09:16:10 ----D---- C:\Windows\Prefetch
2011-04-18 09:15:00 ----D---- C:\Windows\Temp
2011-04-18 08:51:24 ----D---- C:\Windows\System32
2011-04-18 08:51:24 ----D---- C:\Windows\inf
2011-04-18 08:48:28 ----D---- C:\Users\Claudius\AppData\Roaming\Skype
2011-04-18 08:46:56 ----D---- C:\ProgramData\NVIDIA
2011-04-17 18:50:06 ----D---- C:\Windows
2011-04-17 12:04:46 ----D---- C:\Comptes
2011-04-17 09:35:27 ----D---- C:\ProgramData
2011-04-17 09:35:27 ----D---- C:\Program Files (x86)
2011-04-17 09:27:42 ----D---- C:\Config.Msi
2011-04-17 09:26:54 ----SHD---- C:\Windows\Installer
2011-04-16 19:36:15 ----A---- C:\Windows\system.ini
2011-04-16 19:34:09 ----D---- C:\Windows\SysWOW64\drivers
2011-04-16 19:34:09 ----D---- C:\Windows\SysWOW64
2011-04-16 19:34:09 ----D---- C:\Windows\AppPatch
2011-04-16 19:34:07 ----D---- C:\Program Files (x86)\Common Files
2011-04-15 20:06:38 ----D---- C:\ProgramData\Lavasoft
2011-04-15 09:37:03 ----D---- C:\Program Files (x86)\Logitech
2011-04-15 09:36:25 ----D---- C:\Program Files (x86)\Common Files\logishrd
2011-04-15 09:22:54 ----D---- C:\Program Files
2011-04-15 09:20:51 ----A---- C:\Windows\SysWOW64\deployJava1.dll
2011-04-15 08:52:02 ----D---- C:\Windows\SysWOW64\logishrd
2011-04-15 06:06:43 ----D---- C:\Program Files (x86)\Free Offers from Freeze.com
2011-04-14 18:17:37 ----D---- C:\Users\Claudius\AppData\Roaming\SudokuTime
2011-04-14 17:56:14 ----D---- C:\Windows\debug
2011-04-14 17:52:12 ----D---- C:\Users\Claudius\AppData\Roaming\uTorrent
2011-04-14 16:49:00 ----D---- C:\Windows\Microsoft.NET
2011-04-14 16:48:58 ----RSD---- C:\Windows\assembly
2011-04-14 16:18:23 ----D---- C:\Windows\winsxs
2011-04-14 15:52:46 ----D---- C:\ProgramData\Microsoft Help
2011-04-13 19:48:31 ----D---- C:\ProgramData\eMule
2011-04-13 15:23:29 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-04-13 09:10:34 ----D---- C:\Program Files (x86)\TuneUp Utilities 2011
2011-04-11 17:03:10 ----D---- C:\Users\Claudius\AppData\Roaming\FileZilla
2011-04-11 17:01:56 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2011-04-04 09:45:55 ----D---- C:\Program Files (x86)\Google
2011-04-04 09:42:12 ----D---- C:\Users\Claudius\AppData\Roaming\Media Player Classic
2011-04-03 19:33:46 ----D---- C:\Users\Claudius\AppData\Roaming\vlc
2011-04-02 13:42:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-04-02 09:27:59 ----RSD---- C:\Windows\Fonts
2011-04-02 09:27:57 ----D---- C:\Windows\ShellNew
2011-04-02 09:27:57 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2011-04-02 09:27:46 ----D---- C:\Program Files (x86)\MSBuild
2011-04-02 09:27:15 ----D---- C:\ProgramData\Microsoft
2011-04-02 09:27:15 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-04-02 09:27:15 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-04-02 09:25:25 ----A---- C:\Windows\win.ini
2011-03-24 14:33:31 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-03-21 11:38:03 ----D---- C:\Program Files (x86)\eRightSoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys []
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys []
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys []
R3 GEARAspiWDM;GearAspiWDM; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys []
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys []
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys []
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys []
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\drivers\BthEnum.sys []
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfoX64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys []
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
S3 driverhardwarev2x64;driverhardwarev2x64; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~2\K!TV\Plugins\S_Bt8x8\DSDrv4.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2010-07-15 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2010-07-15 8456]
S3 fbxusb;Carte réseau virtuelle FreeBox USB (AMD 64 bits); C:\Windows\system32\DRIVERS\fbxusb64.sys []
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys []
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys []
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys []
S3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw64e.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 StillCam;Pilote d’appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys []
S3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-03-04 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-03-04 269480]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe []
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-08-16 73728]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe []
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-27 378472]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-03-30 2026304]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-04 136176]
S2 KMService;KMService; C:\Windows\system32\srvany.exe [2003-04-18 8192]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2011-03-07 934176]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\x64\maconfservice.exe [2011-04-12 420864]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------
@+ :hello: 
18 Avril 2011 10:19:02

chicu a dit :
1] j'ai pour essai remplacé Kasperski par Avira personal.
Je ne sais pas si c'est une bonne idée ?

2] Pour information j'ai depuis 2 ou 3 jours une petite anomalie: click droit sur le bureau>nouveau raccourci ne fonctionne plus.


Re,

1] C' est une bonne idée.

2] :??: 

Fais analyser ceci par VirusTotal : C:\Windows\SysWOW64\srvany.exe
Tuto : http://forum.pcastuces.com/scan_chez_virus_total-f31s15...
Poste le rapport.
18 Avril 2011 11:45:28

frederix a dit :
Re,

1] C' est une bonne idée.

2] :??: 

Fais analyser ceci par VirusTotal : C:\Windows\SysWOW64\srvany.exe
Tuto : http://forum.pcastuces.com/scan_chez_virus_total-f31s15...
Poste le rapport.


Re,

Voici le rapport:

VT Community Sign in ▼ Languages ▼
Virus Total
Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
5 VT Community user(s) with a total of 91 reputation credit(s) say(s) this sample is goodware. 1 VT Community user(s) with a total of 1 reputation credit(s) say(s) this sample is malware.
File name:
srvany.exe
Submission date:
2011-04-18 02:23:36 (UTC)
Current status:
finished
Result:
1 /42 (2.4%)

VT Community

goodware
Safety score: 98.9%
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2011.04.18.00 2011.04.17 -
AntiVir 7.11.6.147 2011.04.18 -
Antiy-AVL 2.0.3.7 2011.04.17 -
Avast 4.8.1351.0 2011.04.17 -
Avast5 5.0.677.0 2011.04.17 -
AVG 10.0.0.1190 2011.04.17 -
BitDefender 7.2 2011.04.18 -
CAT-QuickHeal 11.00 2011.04.17 -
ClamAV 0.97.0.0 2011.04.18 -
Commtouch 5.2.11.5 2011.04.17 -
Comodo 8380 2011.04.18 -
DrWeb 5.0.2.03300 2011.04.18 -
Emsisoft 5.1.0.5 2011.04.18 -
eSafe 7.0.17.0 2011.04.17 -
eTrust-Vet 36.1.8274 2011.04.15 -
F-Prot 4.6.2.117 2011.04.17 -
F-Secure 9.0.16440.0 2011.04.18 -
Fortinet 4.2.257.0 2011.04.18 -
GData 22 2011.04.18 -
Ikarus T3.1.1.103.0 2011.04.18 -
Jiangmin 13.0.900 2011.04.16 -
K7AntiVirus 9.96.4404 2011.04.16 Riskware
Kaspersky 7.0.0.125 2011.04.18 -
McAfee 5.400.0.1158 2011.04.18 -
McAfee-GW-Edition 2010.1D 2011.04.17 -
Microsoft 1.6702 2011.04.17 -
NOD32 6050 2011.04.18 -
Norman 6.07.07 2011.04.17 -
Panda 10.0.3.5 2011.04.17 -
PCTools 7.0.3.5 2011.04.17 -
Prevx 3.0 2011.04.18 -
Rising 23.53.05.03 2011.04.16 -
Sophos 4.64.0 2011.04.17 -
SUPERAntiSpyware 4.40.0.1006 2011.04.16 -
Symantec 20101.3.2.89 2011.04.18 -
TheHacker 6.7.0.1.176 2011.04.17 -
TrendMicro 9.200.0.1012 2011.04.17 -
TrendMicro-HouseCall 9.200.0.1012 2011.04.18 -
VBA32 3.12.16.0 2011.04.15 -
VIPRE 9046 2011.04.18 -
ViRobot 2011.4.16.4414 2011.04.17 -
VirusBuster 13.6.309.0 2011.04.17 -
Additional information
MD5 : 4635935fc972c582632bf45c26bfcb0e
SHA1 : 7c5329229042535fe56e74f1f246c6da8cea3be8
SHA256: abd4afd71b3c2bd3f741bbe3cec52c4fa63ac78d353101d2e7dc4de2725d1ca1

VT Community

User:
Anonymous
Reputation:
1 credits
Comment date:
2010-10-14 16:18:51 (UTC)
suspicious file and activity
Tags: Malware,

Was this comment helpful? Yes (4) | No (7) | Report abuse

User:
Anonymous
Reputation:
1 credits
Comment date:
2010-11-14 14:35:08 (UTC)
it's crack for ms office 2010, which is installed as a service
Tags: Goodware, behaveslike

Was this comment helpful? Yes (17) | No (0) | Report abuse

User:
simplex
Reputation:
87 credits
Comment date:
2010-11-25 02:51:56 (UTC)
used by KMS mini activator for office crack

in services.msc @KMS Service there will be under Path to executable
C:\Windows\system32\srvany.exe

might also be a microsoft program
"Srvany.exe allows any Windows NT application to run as a service."
Tags: Goodware, behaveslike

Was this comment helpful? Yes (19) | No (0) | Report abuse

User:
Anonymous
Reputation:
1 credits
Comment date:
2011-02-11 19:58:15 (UTC)
crack for ms office 2010

Was this comment helpful? Yes (7) | No (0) | Report abuse

User:
Anonymous
Reputation:
1 credits
Comment date:
2011-02-15 23:29:51 (UTC)
Tags: Goodware, behaveslike

Was this comment helpful? Yes (5) | No (0) | Report abuse
Prev12Next



Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
Goodware
Malware
Spam attachment/link

P2P download
Propagating via IM
Network worm

Drive-by-download






ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
VirusTotal © Hispasec Sistemas - Blog - Twitter - Contact: info@virustotal.com - TOS & Privacy Policy
19 Avril 2011 09:31:55

frederix a dit :
Bonjour,

refais correctement la première manip' d' UsbFix : http://www.teamxscript.org/usbfixScan.html

A+


Bonjour,

Voilà je pense l'avoir effectué correctement.

Voici le rapport :

############################## | UsbFix 7.043 | [Recherche]

Utilisateur: Claudius (Administrateur) # CLAUDIUS-PC [ ]
Mis à jour le 06/04/2011 par TeamXscript
Lancé à 09:23:52 | 19/04/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Core(TM) i7 CPU K 875 @ 2.93GHz
CPU 2: Intel(R) Core(TM) i7 CPU K 875 @ 2.93GHz
Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
Internet Explorer 9.0.8112.16421

Pare-feu Windows: Activé
RAM -> 4086 Mo
C:\ (%systemdrive%) -> Disque fixe # 463 Go (378 Go libre(s) - 82%) [Ghost 500 Go] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque fixe # 134 Mo (48 Mo libre(s) - 36%) [] # NTFS
G:\ -> Disque fixe # 63 Mo (4 Mo libre(s) - 6%) [] # NTFS
H:\ -> Disque fixe # 119 Go (66 Go libre(s) - 55%) [SSD SATA II 120] # NTFS
I:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [USB 4 GO] # FAT32

################## | Éléments infectieux |


Présent! C:\tmp

################## | Registre |

Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Présent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |


################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
F:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
Z:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

################## | E.O.F |

Merci de ta persévérance.

@+
:hello: 
20 Avril 2011 09:19:45

frederix a dit :
Re,

dernière manip', fais la deuxième d' UsbFix : http://www.teamxscript.org/usbfixNettoyage.html


Bonjour Frederix,

Voici le compte rendu du nettoyage d'UsbFix :

############################## | UsbFix 7.043 | [Suppression]

Utilisateur: Claudius (Administrateur) # CLAUDIUS-PC [ ]
Mis à jour le 06/04/2011 par TeamXscript
Lancé à 09:11:10 | 20/04/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Core(TM) i7 CPU K 875 @ 2.93GHz
CPU 2: Intel(R) Core(TM) i7 CPU K 875 @ 2.93GHz
Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
Internet Explorer 9.0.8112.16421

Pare-feu Windows: Activé
RAM -> 4086 Mo
C:\ (%systemdrive%) -> Disque fixe # 463 Go (377 Go libre(s) - 82%) [Ghost 500 Go] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Disque fixe # 134 Mo (50 Mo libre(s) - 37%) [] # NTFS
G:\ -> Disque fixe # 63 Mo (4 Mo libre(s) - 6%) [] # NTFS
H:\ -> Disque fixe # 119 Go (66 Go libre(s) - 55%) [SSD SATA II 120] # NTFS
I:\ -> Disque amovible # 4 Go (4 Go libre(s) - 100%) [USB 4 GO] # FAT32

################## | Éléments infectieux |


Supprimé! C:\$RECYCLE.BIN\S-1-5-18
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-24353398-3523330611-3705775822-1000
Supprimé! F:\$RECYCLE.BIN\S-1-5-21-24353398-3523330611-3705775822-1000
Supprimé! C:\tmp

################## | Registre |

Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |


################## | Listing |

[20/04/2011 - 09:11:42 | SHD ] C:\$RECYCLE.BIN
[15/04/2011 - 19:54:48 | N | 94123] C:\aaw7boot.log
[12/04/2011 - 12:15:40 | N | 17066] C:\Ad-Report-CLEAN[1].txt
[12/04/2011 - 11:01:42 | N | 17523] C:\Ad-Report-SCAN[1].txt
[29/01/2011 - 23:09:22 | D ] C:\ATI
[12/04/2011 - 21:39:33 | RAD ] C:\Autorun.inf
[20/01/2011 - 18:58:01 | N | 635867] C:\BESR2010PatchLog.txt
[16/04/2011 - 19:37:51 | N | 30880] C:\ComboFix.txt
[17/04/2011 - 12:04:46 | D ] C:\Comptes
[20/04/2011 - 09:03:28 | D ] C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[24/01/2011 - 11:55:59 | D ] C:\found.000
[30/01/2011 - 00:22:16 | D ] C:\Intel
[13/11/2010 - 09:50:30 | N | 528] C:\MediaID.bin
[02/04/2011 - 09:24:00 | RD ] C:\MSOCache
[02/04/2011 - 19:45:41 | D ] C:\New Folder
[19/02/2011 - 11:25:36 | D ] C:\NVIDIA
[20/04/2011 - 08:30:30 | ASH | 4284243968] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[20/04/2011 - 09:02:25 | D ] C:\Program Files
[20/04/2011 - 09:02:24 | D ] C:\Program Files (x86)
[17/04/2011 - 09:35:27 | D ] C:\ProgramData
[16/04/2011 - 19:37:53 | D ] C:\Qoobox
[01/12/2010 - 01:18:54 | D ] C:\Recovery
[12/04/2011 - 08:23:21 | D ] C:\rsit
[19/04/2011 - 10:48:55 | SHD ] C:\System Volume Information
[05/12/2010 - 20:37:37 | D ] C:\TEMP
[20/04/2011 - 09:11:43 | D ] C:\UsbFix
[20/04/2011 - 09:11:12 | A | 2980] C:\UsbFix.txt
[12/04/2011 - 21:39:41 | N | 15350083] C:\UsbFix_Upload_Me_CLAUDIUS-PC.zip
[01/12/2010 - 01:19:04 | D ] C:\Users
[20/01/2011 - 20:10:51 | D ] C:\VProRecovery
[19/04/2011 - 03:40:31 | D ] C:\Windows
[20/04/2011 - 09:11:42 | D ] F:\$RECYCLE.BIN
[12/04/2011 - 21:39:33 | RAD ] F:\Autorun.inf
[27/02/2011 - 10:44:21 | D ] F:\Boot
[20/11/2010 - 14:40:07 | RASH | 383786] F:\bootmgr
[01/12/2010 - 01:07:17 | N | 8192] F:\BOOTSECT.BAK
[09/12/2009 - 16:47:54 | N | 203836] F:\grldr
[30/11/2010 - 17:26:51 | D ] F:\Search
[09/01/2011 - 11:04:47 | SHD ] F:\System Volume Information
[09/12/2009 - 16:47:55 | N | 0] F:\winx.ld
[12/04/2011 - 21:39:34 | RASHD ] Z:\Autorun.inf
[21/03/2011 - 11:20:02 | ASH | 145920] Z:\Thumbs.db

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
F:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
Z:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_CLAUDIUS-PC.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.

################## | E.O.F |

Espérons que tout va bien

@+ :hello: 
20 Avril 2011 13:25:32

chicu a dit :
> ################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_CLAUDIUS-PC.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.


Bonjour,

> ;) 

Comment va ta machine?

A+
20 Avril 2011 17:29:14

frederix a dit :
Bonjour,

> ;) 

Comment va ta machine?

A+


Re Frederix,

Ma machine va très bien.

Le system est vif comme il n'a jamais été.

Que demande le peuple ?

Encore Merci

A+ :bounce: 
21 Avril 2011 09:07:10

Bonjour,

si tout est ok :

* Je te conseille de défragmenter ton Pc.
* Il est fortement recommandé d' avoir tous ses logiciels à jour.
* Tu peux supprimer ceux que nous avons utilisés (fais démarrer>Exécuter puis tape ComboFix /uninstall>Ok, RSIT, Ad-Remover, UsbFix...) traitant d' infections spécifiques.
* Garde Malwarebytes' Anti-Malware et CCleaner.

-----------------------------------------------------------------------------------------------------------------------------------

Maintenant que ta machine n' est plus infectée, désactive/réactive la Restauration du système : http://www.infos-du-net.com/forum/297053-11-tuto-desact...

-----------------------------------------------------------------------------------------------------------------------------------

Pour la sécurité de ton Pc, prends quelques minutes pour lire :
http://www.infos-du-net.com/forum/275481-11-dossier-pre...

-----------------------------------------------------------------------------------------------------------------------------------

Dénonce stv ton infection en postant sur Malware-Complaints :

- Règles du forum : http://www.malwarecomplaints.info/viewtopic.php?t=5
- Enregistre-toi à l' aide du bouton Register
- Choisis I Agree to these terms and am over or exactly 13 years of age

Indique aussi le nom du forum qui t' a aidé, Idn.

-----------------------------------------------------------------------------------------------------------------------------------

Marque ton sujet en (Résolu).

A+
24 Avril 2011 10:23:12

frederix a dit :
Bonjour,

si tout est ok :

* Je te conseille de défragmenter ton Pc.
* Il est fortement recommandé d' avoir tous ses logiciels à jour.
* Tu peux supprimer ceux que nous avons utilisés (fais démarrer>Exécuter puis tape ComboFix /uninstall>Ok, RSIT, Ad-Remover, UsbFix...) traitant d' infections spécifiques.
* Garde Malwarebytes' Anti-Malware et CCleaner.

-----------------------------------------------------------------------------------------------------------------------------------

Maintenant que ta machine n' est plus infectée, désactive/réactive la Restauration du système : http://www.infos-du-net.com/forum/297053-11-tuto-desact...

-----------------------------------------------------------------------------------------------------------------------------------

Pour la sécurité de ton Pc, prends quelques minutes pour lire :
http://www.infos-du-net.com/forum/275481-11-dossier-pre...

-----------------------------------------------------------------------------------------------------------------------------------

Dénonce stv ton infection en postant sur Malware-Complaints :

- Règles du forum : http://www.malwarecomplaints.info/viewtopic.php?t=5
- Enregistre-toi à l' aide du bouton Register
- Choisis I Agree to these terms and am over or exactly 13 years of age

Indique aussi le nom du forum qui t' a aidé, Idn.

-----------------------------------------------------------------------------------------------------------------------------------

Marque ton sujet en (Résolu).

A+


Encore merci,

J'ai lu dossier le dossier-prévention-protection, Toujours beaucoup de choses à apprendre.

Sur Malware-Complaints il parait que je suis déjà enregistré, mais sous quel nom ?

Je vais marquer le sujet résolu, et j'espère ne plus avoir besoin de ton aide........

Bonne continuation,

Chicu
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS