
Hijackthis: very, very slow Internet connection

18 May 2010 00:11:01

I have a big problem with my PC.

For more than 2 weeks, the throughput/response time of my Bluewin ADSL connection has been really very, very slow.

I think I have problems with viruses despite my multiple scans with the antivirus programs.

Would you be so kind as to give me some precious help?
Thank you very much in advance.

Below is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:10:09, on 17.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtect.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\DOCUME~1\Hung\LOCALS~1\Temp\clclean.0001
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe
C:\Program Files\Vpskeys\VPSKEYS.EXE
C:\Program Files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe
C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\PC Speed Maximizer\SPMTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\NETGEAR\WG111T\wlan111t.exe
C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\mRouterRuntime.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\ConnMngMntBox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
M:\Download\10 - Just downloaded\40 - Software\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: SBCONVERT - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: SearchPredictObj Class - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\PROGRA~1\SearchPredict\SearchPredict.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SpeedBit Video Downloader\Toolbar\grabber.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)
O3 - Toolbar: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [InternetCalls] "C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
O4 - HKCU\..\Run: [VPSKEYS] C:\Program Files\Vpskeys\VPSKEYS.EXE
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SmsDiscount] "C:\Program Files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe" -nosplash -minimized
O4 - HKCU\..\Run: [SpeedConnectStartUp] C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files\PC Speed Maximizer\SPMTray.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ?
O4 - Global Startup: Phone Connection Monitor.lnk = C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\MegaUpload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0...
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FolderProtectService - Unknown owner - C:\Program Files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O24 - Desktop Component 1: Yahoo! - http://www.yahoo.com/

--
End of file - 19647 bytes


18 May 2010 11:59:47

Hi,
to remove:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

O2 - BHO: (no name) - AutorunsDisabled - (no file)

O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)

O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe

O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe

a lot of things, as you can see... it should be better afterwards. You have a lot of toolbars from what I could see; keep as few as possible, because they are ideal for slowing down a web browser...
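Added example (not part of the thread and not HijackThis's own code): a small Python check that parses HijackThis result lines, compares a fix list such as the one above against a follow-up scan, and lists the entries still reported as "(no file)". The function names are hypothetical; the sample lines are excerpts copied from the fix list above and from the follow-up log posted later in this thread.

```python
import re

# A HijackThis result line is "<section code> - <details>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_entries(log_text):
    """Parse result lines; header and 'Running processes' lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        body = match.group("body")
        clsid = CLSID_RE.search(body)
        entries.append({
            "code": match.group("code"),
            "body": body,
            # CLSID case differs between entries in the logs, so normalise it.
            "clsid": clsid.group(0).upper() if clsid else None,
            # "(no file)": the registry entry remains but its file is gone.
            "orphan": body.endswith("(no file)"),
        })
    return entries


def entry_key(entry):
    """Identify an entry by section + CLSID, or section + full text without one."""
    return (entry["code"], entry["clsid"] or entry["body"].lower())


def still_present(fix_list, followup_log):
    """Return the fix-list entries that show up again in the follow-up scan."""
    remaining = {entry_key(e) for e in parse_entries(followup_log)}
    return [e for e in parse_entries(fix_list) if entry_key(e) in remaining]


def orphans(log_text):
    """Return the entries whose target file is reported as '(no file)'."""
    return [e for e in parse_entries(log_text) if e["orphan"]]


# Excerpt of the fix list in the reply above.
FIX_LIST_EXCERPT = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)
"""

# Excerpt of the follow-up scan (20.05.2010) posted later in this thread.
FOLLOWUP_EXCERPT = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
"""

if __name__ == "__main__":
    for e in still_present(FIX_LIST_EXCERPT, FOLLOWUP_EXCERPT):
        print("still present after fix:", e["code"], "-", e["body"])
    for e in orphans(FOLLOWUP_EXCERPT):
        print("orphaned entry:", e["code"], "-", e["body"])
```
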
20 May 2010 21:34:38

Hi Couguar,

Thank you very much for your help.

I did what you asked, but unfortunately the Swisscom ADSL throughput is still crawling.

I noticed that if I switch off the PC AND my modem and my router ALL NIGHT and start them again the next morning, the throughput can reach 4024 Kbps the first time (with Speed Connect Connection Tester), then it drops drastically, reaching 80 kbps, or even zero, 10 to 15 minutes later!!!

Do you have a better idea?

Thanks in advance.

Below is the HijackThis log after the deletions:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:49:49, on 20.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtect.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\DOCUME~1\Hung\LOCALS~1\Temp\clclean.0001
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe
C:\Program Files\Vpskeys\VPSKEYS.EXE
C:\Program Files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe
C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\PC Speed Maximizer\SPMTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\NETGEAR\WG111T\wlan111t.exe
C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\mRouterRuntime.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\ConnMngMntBox.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
M:\Download\10 - Just downloaded\40 - Software\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)
O2 - BHO: SBCONVERT - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: SearchPredictObj Class - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\PROGRA~1\SearchPredict\SearchPredict.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SpeedBit Video Downloader\Toolbar\grabber.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O3 - Toolbar: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files\Avanquest_FR\tbAvan.dll
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [InternetCalls] "C:\Program Files\InternetCalls.com\InternetCalls\InternetCalls.exe" -nosplash -minimized
O4 - HKCU\..\Run: [VPSKEYS] C:\Program Files\Vpskeys\VPSKEYS.EXE
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SmsDiscount] "C:\Program Files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe" -nosplash -minimized
O4 - HKCU\..\Run: [SpeedConnectStartUp] C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files\PC Speed Maximizer\SPMTray.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ?
O4 - Global Startup: Phone Connection Monitor.lnk = C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\MegaUpload\Mega Manager\mm_file.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0...
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FolderProtectService - Unknown owner - C:\Program Files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O24 - Desktop Component 1: Yahoo! - http://www.yahoo.com/

--
End of file - 18437 bytes

20 May 2010 21:48:55

Good evening
  • Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.

    /!\ Go offline, disable your antivirus and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • From the main menu, choose the Scan option.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
    /!\ Remember to re-enable your antivirus /!\
    21 May 2010 10:07:42

    Hello Sham_Rock,

    Thank you very much for your help.

    As requested, here is the Ad-Remover log (I had to download an English version).

    Looking forward to your good news,
    Ciao and have a nice day,



    .
    ======= LOGFILE OF AD-REMOVER 2.0.0.0,D | ONLY XP/VISTA/7 =======
    .
    Updated by C_XX on 19/05/10 à 19:20
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Started: 09:36:37 le 21/05/2010 | Normal boot | Option: SCAN
    Executed from: C:\Ad-Remover\ADR.exe
    OS: Microsoft Windows XP Home Edition (Service Pack 3 - X86)
    Computer name: KHATU2005
    Current user: Hung
    .
    ============== FOUND ELEMENTS ==============
    .
    .
    C:\Documents and Settings\All Users\Start Menu\Programs\WebMediaPlayer
    C:\Documents and Settings\Hung\Application Data\Mozilla\FireFox\Profiles\b827ualb.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    C:\Program Files\AskBarDis
    C:\WINDOWS\Downloaded Program Files\F3initialsetup1.0.1.1.inf
    .
    HKCU\Software\AppDataLow\AskBarDis
    HKCU\Software\Lanconfig
    HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\62119EF862C6B3A0D853419B87EB3E2F6C78640A
    HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7EE743314C844C7F445B8B1D7617612DF1FDD50F
    HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\E6A6A4A475FCE37F8B5AC2F1244DEB2BFCA5615A
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKCU\Software\WebMediaPlayer
    HKLM\Software\AppDataLow\AskBarDis
    HKLM\Software\AskBarDis
    HKLM\Software\Classes\AskIBar.PopSwatterBarButton
    HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1
    HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl
    HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1
    HKLM\Software\Classes\AskToolBar.SettingsPlugin
    HKLM\Software\Classes\AskToolBar.SettingsPlugin.1
    HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
    HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
    HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
    HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
    HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870E}
    HKLM\Software\Classes\ComObject.DeskbarEnabler
    HKLM\Software\Classes\ComObject.DeskbarEnabler.1
    HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery
    HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1
    HKLM\Software\Classes\Interface\{384FE458-A963-450D-9187-EEFF81913FD0}
    HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
    HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
    HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
    HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
    HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870E}
    HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7D}
    HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
    HKLM\Software\Classes\TypeLib\{F0CF944C-F160-4F65-8F0A-2773322FF357}
    HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook
    HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    .
    .
    ============== ADDITIONNAL SCAN ==============
    .
    * Mozilla FireFox Version 3.6.3 (fr) *
    .
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.download.dir: C:\\Documents and Settings\\Hung\\My Documents\\Téléchargements
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.download.lastDir: C:\\Program Files\\Paragon_Software
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.search.defaultenginename: BearShare Web Search
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.search.defaulturl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&SearchSource=3&q={searchTerms}
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.search.selectedEngine: Avanquest FR Customized Web Search
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.startup.homepage: hxxp://www.vnexpress.net/GL/Home/
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&q=
    .
    .
    * Internet Explorer Version 6.0.2900.5512 *
    .
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.yahoo.com/
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Search Page: hxxp://www.google.com
    Show_ToolBar: yes
    Start Page: hxxp://www.google.com/
    Use Custom Search URL: 1
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.google.com/ie
    Delete_Temp_Files_On_Exit: yes
    Local Page: %SystemRoot%\system32\blank.htm
    Search bar: hxxp://www.google.com/ie
    Search Page: hxxp://www.google.com
    Start Page: hxxp://www.yahoo.com/
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    .
    Blank: res://mshtml.dll/blank.htm
    .
    ========================================
    .
    C:\Ad-Remover\Quarantine: 0 Files
    C:\Ad-Remover\Backup: 0 Files
    .
    C:\Ad-Report-SCAN[1].txt - 478 Byte(s)
    C:\Ad-Report-SCAN[2].txt - 6139 Byte(s)
    .
    End at: 09:47:15, 21/05/2010
    .
    ============== E.O.F - SCAN[2] ==============
    21 May 2010 18:06:09

    re
  • Double-click AD-R on your Desktop to launch it.
    (On Vista, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • From the main menu, choose the Clean option.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
    /!\ Remember to re-enable your antivirus /!\

    22 May 2010 11:53:40

    Hi Sham_Rock

    Below is the report after running Clean.

    Thanks and have a nice day,

    .
    ======= LOGFILE OF AD-REMOVER 2.0.0.0,D | ONLY XP/VISTA/7 =======
    .
    Updated by C_XX on 19/05/10 à 19:20
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Started: 10:30:27 le 22/05/2010 | Normal boot | Option: CLEAN
    Executed from: C:\Ad-Remover\ADR.exe
    OS: Microsoft Windows XP Home Edition (Service Pack 3 - X86)
    Computer name: KHATU2005
    Current user: Hung
    .
    ============== FIXED ELEMENTS ==============
    .
    .
    C:\Documents and Settings\All Users\Start Menu\Programs\WebMediaPlayer
    C:\Documents and Settings\Hung\Application Data\Mozilla\FireFox\Profiles\b827ualb.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    C:\Program Files\AskBarDis
    C:\WINDOWS\Downloaded Program Files\F3initialsetup1.0.1.1.inf

    (!) -- Deleted temporary files.
    .
    HKCU\Software\AppDataLow\AskBarDis
    HKCU\Software\Lanconfig
    HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
    HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\62119EF862C6B3A0D853419B87EB3E2F6C78640A
    HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7EE743314C844C7F445B8B1D7617612DF1FDD50F
    HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\E6A6A4A475FCE37F8B5AC2F1244DEB2BFCA5615A
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKCU\Software\WebMediaPlayer
    HKLM\Software\AppDataLow\AskBarDis
    HKLM\Software\AskBarDis
    HKLM\Software\Classes\AskIBar.PopSwatterBarButton
    HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1
    HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl
    HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1
    HKLM\Software\Classes\AskToolBar.SettingsPlugin
    HKLM\Software\Classes\AskToolBar.SettingsPlugin.1
    HKLM\Software\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
    HKLM\Software\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
    HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKLM\Software\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
    HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
    HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    HKLM\Software\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870E}
    HKLM\Software\Classes\ComObject.DeskbarEnabler
    HKLM\Software\Classes\ComObject.DeskbarEnabler.1
    HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery
    HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1
    HKLM\Software\Classes\Interface\{384FE458-A963-450D-9187-EEFF81913FD0}
    HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
    HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
    HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
    HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
    HKLM\Software\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870E}
    HKLM\Software\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7D}
    HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
    HKLM\Software\Classes\TypeLib\{F0CF944C-F160-4F65-8F0A-2773322FF357}
    HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook
    HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1
    HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
    HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    .
    .
    ============== ADDITIONNAL SCAN ==============
    .
    * Mozilla FireFox Version 3.6.3 (fr) *
    .
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.download.dir: C:\\Documents and Settings\\Hung\\My Documents\\Téléchargements
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.download.lastDir: C:\\Program Files\\Paragon_Software
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.search.defaultenginename: BearShare Web Search
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.search.defaulturl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&SearchSource=3&q={searchTerms}
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.startup.homepage: hxxp://www.vnexpress.net/GL/Home/
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.2.3
    C:\Documents and Settings\Hung\..\b827ualb.default\prefs.js - keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&q=
    .
    .
    * Internet Explorer Version 6.0.2900.5512 *
    .
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Custom Search URL: 1
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: %SystemRoot%\system32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Use Search Asst: no
    .
    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm
    .
    ========================================
    .
    C:\Ad-Remover\Quarantine: 1 Files
    C:\Ad-Remover\Backup: 13 Files
    .
    C:\Ad-Report-CLEAN[1].txt - 6270 Byte(s)
    C:\Ad-Report-SCAN[1].txt - 478 Byte(s)
    C:\Ad-Report-SCAN[2].txt - 6263 Byte(s)
    .
    End at: 10:41:53, 22/05/2010
    .
    ============== E.O.F - CLEAN[1] ==============
    22 May 2010 14:33:18

    re
    Download MalwareByte's Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
    Once the installation and the update are complete:
  • Now run MalwareByte's Anti-Malware. If it is not already selected, select "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    ~ If the program found nothing, press OK. A report will appear; close it.
    ~~ If infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop.

    NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    Note: If you cannot download MBAM from MajorGeeks, you can download it here!

    Help:
  • How to use MBAM.

    +++
    23 May 2010 11:22:25

    Hi Sham_Rock,

    Thanks to you and MBAM, I was able to kill a Trojan horse, as shown in the report included below.
    Unfortunately, after 15 minutes of testing with the Internet, the response time is still very, very slow.

    Do you have another idea?
    I think I will have to reinstall my Windows tonight.

    Thank you very much for your help,


    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4073

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 6.0.2900.5512

    22.05.2010 17:15:18
    mbam-log-2010-05-22 (17-15-18).txt

    Scan type: Full scan (C:\|K:\|L:\|M:\|)
    Objects scanned: 265938
    Time elapsed: 1 hour(s), 29 minute(s), 22 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Program Files\Universal Share Downloader\Methode\NL\test.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    23 May 2010 23:14:48

    re
    Disable your antivirus and any other kind of protection.
    Download ComboFix by sUBs:
    ComboFix.exe
    and save it to your desktop and nowhere else!

    Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal. A report will be created. Post the report: C:\Combofix.txt
    Click it to open it, then Edit > "Select All", Edit > "Copy"

    come to the forum and Edit > "Paste"

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may vary



    24 May 2010 10:13:19

    Attached is the ComboFix report.

    Please note that the Microsoft Windows Recovery Module could not be downloaded.

    Thank you very much for your help and your patience.


    ComboFix 10-05-23.06 - Hung 24.05.2010 9:32.1.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1498 [GMT 2:00]
    Running from: c:\documents and settings\Hung\My Documents\Téléchargements\ComboFix.exe
    AV: BitDefender Antivirus *On-access scanning disabled* (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
    FW: BitDefender Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\desktop.ini
    c:\documents and settings\All Users\Application Data\hpe2F.dll
    c:\documents and settings\All Users\Start Menu\HP Image Zone .lnk
    c:\documents and settings\Hung\Application Data\chrtmp
    c:\documents and settings\Hung\Application Data\inst.exe
    c:\windows\system32\bISrCcfe.ini
    c:\windows\system32\bISrCcfe.ini2
    c:\windows\system32\ceLRtBeg.ini
    c:\windows\system32\ceLRtBeg.ini2
    c:\windows\system32\Data
    c:\windows\system32\Dgfedccf.ini
    c:\windows\system32\dLnXwGgh.ini
    c:\windows\system32\dLnXwGgh.ini2
    c:\windows\system32\drivers\etc\lmhosts
    c:\windows\system32\ffMVxyay.ini
    c:\windows\system32\ffMVxyay.ini2
    c:\windows\system32\GilUxyxx.ini
    c:\windows\system32\GilUxyxx.ini2
    c:\windows\system32\GNnqYcdd.ini
    c:\windows\system32\GNnqYcdd.ini2
    c:\windows\system32\HiRrAcdd.ini
    c:\windows\system32\HiRrAcdd.ini2
    c:\windows\system32\IRtCdMoq.ini
    c:\windows\system32\IRtCdMoq.ini2
    c:\windows\system32\lnXxwyxx.ini
    c:\windows\system32\lnXxwyxx.ini2
    c:\windows\system32\mTssDfhk.ini
    c:\windows\system32\NWxEhkkj.ini
    c:\windows\system32\slootniw01.dll
    c:\windows\system32\tuFLmnmp.ini
    c:\windows\system32\tuFLmnmp.ini2
    c:\windows\system32\uDfLnUvw.ini
    c:\windows\system32\uDfLnUvw.ini2

    .
    ((((((((((((((((((((((((( Files Created from 2010-04-24 to 2010-05-24 )))))))))))))))))))))))))))))))
    .

    2010-05-23 14:34 . 2010-05-23 14:34 61440 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-67109e5d-n\decora-sse.dll
    2010-05-23 14:34 . 2010-05-23 14:34 12800 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-67109e5d-n\decora-d3d.dll
    2010-05-21 07:30 . 2010-05-22 08:41 -------- d-----w- C:\Ad-Remover
    2010-05-20 13:33 . 2010-05-20 13:33 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Avanquest_FR
    2010-05-15 15:39 . 2010-05-15 15:39 503808 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2bcbbce4-n\msvcp71.dll
    2010-05-15 15:39 . 2010-05-15 15:39 499712 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2bcbbce4-n\jmc.dll
    2010-05-15 15:39 . 2010-05-15 15:39 348160 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2bcbbce4-n\msvcr71.dll
    2010-05-15 15:39 . 2010-05-15 15:39 61440 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2cc1f619-n\decora-sse.dll
    2010-05-15 15:39 . 2010-05-15 15:39 12800 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2cc1f619-n\decora-d3d.dll
    2010-05-15 15:37 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
    2010-05-08 22:50 . 2010-05-08 22:50 -------- d-----w- c:\windows\system32\InstallShield Installation Information
    2010-05-08 07:52 . 2010-05-08 07:52 -------- d-----w- c:\documents and settings\Hung\Application Data\PC Speed Maximizer
    2010-05-08 07:52 . 2010-05-08 07:52 -------- d-----w- c:\program files\PC Speed Maximizer
    2010-05-08 07:49 . 2010-05-08 07:49 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\Conduit
    2010-05-08 07:49 . 2010-05-08 17:33 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\Avanquest_FR
    2010-05-08 07:49 . 2010-05-08 07:49 -------- d-----w- c:\program files\Avanquest_FR
    2010-05-08 07:49 . 2010-05-08 07:49 -------- d-----w- c:\program files\Conduit
    2010-05-07 09:27 . 2010-05-06 22:13 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2010-05-06 22:14 . 2010-02-04 15:53 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-05-06 21:56 . 2010-05-06 21:56 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    2010-05-06 21:56 . 2010-02-04 15:53 2954656 -c--a-w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
    2010-05-06 21:56 . 2010-05-17 13:06 63488 ----a-w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
    2010-05-06 21:56 . 2010-05-06 21:56 52224 ----a-w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    2010-05-06 21:56 . 2010-05-17 13:06 117760 ----a-w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    2010-05-06 21:48 . 2010-05-06 21:48 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2010-05-06 21:48 . 2010-05-08 06:58 -------- d-----w- c:\program files\SUPERAntiSpyware
    2010-05-06 21:48 . 2010-05-06 21:48 -------- d-----w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com
    2010-05-06 21:24 . 2010-05-06 21:24 -------- d-----w- c:\documents and settings\Hung\Application Data\Malwarebytes
    2010-05-06 21:24 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-05-06 21:24 . 2010-05-06 21:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-05-06 21:24 . 2010-05-06 21:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-05-06 21:24 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-05-06 17:03 . 2010-05-06 17:03 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\Real
    2010-05-05 21:44 . 2010-05-05 21:44 -------- d-----w- c:\documents and settings\All Users\Application Data\141C5
    2010-05-05 21:41 . 2010-05-05 21:42 -------- d-----w- c:\documents and settings\Hung\Application Data\bearsharemediabartb
    2010-05-05 21:40 . 2010-05-05 21:44 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\BearShare
    2010-05-05 21:40 . 2010-05-05 22:03 -------- d-----w- c:\program files\BearShare Applications
    2010-05-05 21:02 . 2010-05-12 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel
    2010-05-05 20:11 . 2010-04-21 15:00 40560 ----a-w- c:\windows\system32\drivers\hotcore3.sys
    2010-05-05 20:10 . 2010-05-05 20:14 -------- d-----w- c:\program files\Paragon_Software
    2010-05-05 19:11 . 2010-05-05 19:11 -------- d-----w- c:\documents and settings\All Users\Application Data\explauncher
    2010-05-05 18:33 . 2010-05-05 19:09 -------- d-----w- c:\program files\Paragon
    2010-04-27 21:31 . 2010-04-27 21:32 -------- d-----w- c:\program files\iCare Format Recovery Software
    2010-04-26 19:37 . 2010-04-26 19:37 181096 ----a-w- c:\documents and settings\Hung\Application Data\Mozilla\Firefox\Profiles\b827ualb.default\FlashGot.exe

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-05-23 18:27 . 2007-11-20 23:05 -------- d-----w- c:\documents and settings\Hung\Application Data\Azureus
    2010-05-23 08:37 . 2009-05-22 06:31 -------- d-----w- c:\program files\Universal Share Downloader
    2010-05-17 12:52 . 2009-08-20 07:27 3421392 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2010-05-16 21:35 . 2010-04-19 08:31 -------- d-----w- c:\program files\Corel
    2010-05-16 21:35 . 2007-12-07 20:57 -------- d-----w- c:\program files\InterVideo
    2010-05-16 21:14 . 2007-06-03 19:53 -------- d-----w- c:\documents and settings\Hung\Application Data\DMCache
    2010-05-16 21:05 . 2008-10-25 08:28 -------- d-----w- c:\program files\Internet Download Manager
    2010-05-16 21:00 . 2008-09-20 05:36 -------- d-----w- c:\program files\UTILITIES
    2010-05-16 15:34 . 2010-03-26 14:16 -------- d-----w- c:\documents and settings\Hung\Application Data\Software Informer
    2010-05-15 21:11 . 2008-06-01 16:51 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
    2010-05-15 19:03 . 2007-01-02 18:08 -------- d-----w- c:\program files\Zone Labs
    2010-05-15 15:38 . 2006-04-07 17:26 -------- d-----w- c:\program files\Common Files\Java
    2010-05-15 15:37 . 2006-04-07 17:26 -------- d-----w- c:\program files\Java
    2010-05-15 13:10 . 2007-10-28 09:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
    2010-05-14 20:14 . 2007-01-03 23:25 -------- d-----w- c:\program files\Google
    2010-05-14 06:59 . 2008-10-29 22:42 -------- d-----w- c:\documents and settings\Hung\Application Data\Free Download Manager
    2010-05-12 21:21 . 2010-04-19 13:36 440624 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
    2010-05-12 20:07 . 2006-04-07 17:31 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-05-12 07:00 . 2009-10-12 13:41 -------- d-----w- c:\program files\SG TCP
    2010-05-06 22:13 . 2009-11-23 10:23 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-05-06 21:56 . 2007-02-03 06:47 -------- d-----w- c:\program files\Lavasoft
    2010-05-06 21:56 . 2008-03-17 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
    2010-05-06 21:47 . 2008-08-27 15:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
    2010-05-06 17:02 . 2010-05-06 17:02 49152 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
    2010-05-06 17:02 . 2010-05-06 17:02 308808 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
    2010-05-06 17:02 . 2010-05-06 17:02 14848 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    2010-05-06 17:02 . 2010-05-06 17:02 40960 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
    2010-05-06 17:02 . 2010-05-06 17:02 341600 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    2010-05-06 17:02 . 2009-01-25 18:43 -------- d-----w- c:\program files\Common Files\Real
    2010-05-06 17:02 . 2010-05-06 17:01 -------- d-----w- c:\program files\real
    2010-05-06 17:02 . 2010-05-06 17:02 -------- d-----w- c:\program files\Common Files\xing shared
    2010-05-05 21:06 . 2009-01-25 18:46 5018 -csha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
    2010-05-05 21:06 . 2009-01-25 18:46 5018 -csha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
    2010-05-05 21:05 . 2009-01-25 18:46 168 -csh--r- c:\documents and settings\All Users\Application Data\EBE7AD504F.sys
    2010-05-05 21:05 . 2009-01-25 18:46 168 -csh--r- c:\documents and settings\All Users\Application Data\EBE7AD504F.sys
    2010-05-05 20:27 . 2007-01-09 22:50 -------- d-----w- c:\documents and settings\Hung\Application Data\Vso
    2010-05-05 20:13 . 2010-05-05 20:13 20336 ----a-w- c:\program files\Product Registration.pdf
    2010-05-05 16:48 . 2008-05-15 22:13 -------- d-----w- c:\documents and settings\All Users\Application Data\1Click DVD Copy Pro
    2010-05-05 09:20 . 2010-04-08 17:16 -------- d-----w- c:\documents and settings\Hung\Application Data\Thinstall
    2010-05-05 09:20 . 2010-04-08 17:13 -------- d-----w- c:\program files\CBS Software
    2010-05-04 22:11 . 2008-11-28 13:48 -------- d-----w- c:\program files\BitComet
    2010-05-04 21:57 . 2007-10-13 17:28 -------- d-----w- c:\program files\Lambda
    2010-05-03 21:28 . 2008-09-14 17:24 214448 -c--a-w- c:\documents and settings\Hung\Application Data\IDMidmmzcc2\components\idmmzcc.dll
    2010-05-03 05:32 . 2010-01-28 16:51 -------- d-----w- c:\program files\GRETECH
    2010-05-02 22:17 . 2010-04-18 15:41 -------- d-----w- c:\documents and settings\Hung\Application Data\Godlike
    2010-05-02 21:21 . 2010-03-11 21:11 -------- d-----w- c:\program files\DAP
    2010-05-02 21:21 . 2010-03-11 21:11 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedBit
    2010-04-30 20:09 . 2008-10-26 11:54 -------- d-----w- c:\documents and settings\Hung\Application Data\dvdcss
    2010-04-30 20:09 . 2010-01-28 15:59 -------- d-----w- c:\program files\ALLPlayer
    2010-04-21 15:00 . 2010-04-21 15:00 4254224 ----a-w- c:\windows\system32\qtp-mt334.dll
    2010-04-21 15:00 . 2010-04-21 15:00 249872 ----a-w- c:\windows\system32\prgiso.dll
    2010-04-21 15:00 . 2010-04-21 15:00 385544 ----a-w- c:\windows\system32\drivers\Uim_IM.sys
    2010-04-21 15:00 . 2010-04-21 15:00 34392 ----a-w- c:\windows\system32\drivers\UimBus.sys
    2010-04-21 15:00 . 2010-04-21 15:00 261416 ----a-w- c:\windows\system32\drivers\UimFIO.sys
    2010-04-19 13:35 . 2007-01-02 18:13 8224 -c--a-w- c:\documents and settings\Hung\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-04-19 13:27 . 2009-01-29 12:54 -------- d-----w- c:\program files\QuickTime
    2010-04-19 13:24 . 2008-05-05 12:34 -------- d-----w- c:\program files\Common Files\Apple
    2010-04-19 09:34 . 2010-04-19 09:31 -------- d-----w- c:\documents and settings\All Users\Application Data\RealHideIP
    2010-04-19 09:31 . 2010-04-19 09:31 -------- d-----w- c:\documents and settings\Hung\Application Data\RealHideIP
    2010-04-19 06:39 . 2010-04-18 16:58 -------- d-----w- c:\documents and settings\All Users\Application Data\SuperHideIP
    2010-04-18 16:58 . 2010-04-18 16:58 -------- d-----w- c:\documents and settings\Hung\Application Data\SuperHideIP
    2010-04-18 16:57 . 2010-04-18 16:55 -------- d-----w- c:\program files\SuperHideIP
    2010-04-18 16:41 . 2009-03-13 05:44 -------- d-----w- c:\documents and settings\Hung\Application Data\LimeWire
    2010-04-18 16:40 . 2008-08-25 18:54 -------- d-----w- c:\program files\Spyware Doctor
    2010-04-18 16:40 . 2008-05-06 18:05 -------- d-----w- c:\program files\NETGEAR
    2010-04-18 16:40 . 2006-04-07 17:36 -------- d-----w- c:\program files\Microsoft Works
    2010-04-18 16:40 . 2009-11-07 07:43 -------- d-----w- c:\program files\Free MKV Video2Dvd
    2010-04-18 16:40 . 2007-06-30 06:19 -------- d-----w- c:\program files\FlashGet
    2010-04-18 16:40 . 2007-11-20 22:26 -------- d-----w- c:\program files\Azureus
    2010-04-18 16:40 . 2010-01-30 13:03 -------- d-----w- c:\program files\adslTV
    2010-04-18 15:31 . 2010-04-16 14:08 -------- d-----w- c:\program files\WinTools Software
    2010-04-13 13:26 . 2010-04-13 12:55 -------- d-----w- c:\program files\1AVCenter
    2010-04-13 12:55 . 2010-04-13 12:53 -------- d-----w- c:\program files\PCWinSoft
    2010-04-12 14:07 . 2010-04-12 14:07 -------- d-----w- c:\program files\Flash Recovery Toolbox
    2010-04-08 17:16 . 2010-04-08 17:16 4596336 ----a-w- c:\windows\SpeedConnect Internet Accelerator full.exe
    2010-04-08 17:12 . 2010-04-08 17:12 2019912 ----a-w- c:\windows\SpeedConnect_Setup.exe
    2010-04-06 23:58 . 2010-04-06 23:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
    2010-03-26 14:58 . 2010-03-26 14:14 -------- d-----w- c:\program files\SIW
    2010-03-26 14:16 . 2010-03-26 14:16 -------- d-----w- c:\program files\Software Informer
    2010-03-09 11:09 . 2004-08-10 11:51 430080 ----a-w- c:\windows\system32\vbscript.dll
    2010-03-04 17:23 . 2010-03-04 17:15 71241 ----a-w- c:\windows\hpqins04.dat
    2010-03-04 16:07 . 2010-03-04 16:07 3584 ----a-r- c:\documents and settings\Hung\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
    2010-02-26 05:43 . 2004-08-10 11:51 667136 ----a-w- c:\windows\system32\wininet.dll
    2010-02-26 05:43 . 2004-08-10 11:51 81920 ----a-w- c:\windows\system32\ieencode.dll
    2010-02-24 13:11 . 2006-04-07 17:11 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2008-09-29 06:17 . 2008-09-01 15:32 782 -c--a-w- c:\program files\mwsbar.zip
    2007-12-08 21:50 . 2007-12-08 21:49 1672201 -c--a-w- c:\program files\Matroska_Playback_Pack_0.5.exe
    2009-12-01 09:51 . 2008-09-03 13:56 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    2010-01-02 13:31 . 2010-01-02 13:25 48 --sh--w- c:\windows\SF6680608.tmp
    .

    ------- Sigcheck -------

    [7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
    [-] 2008-04-13 18:40 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
    [7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
    [7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
    [7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}"= "c:\program files\Avanquest_FR\tbAvan.dll" [2009-12-31 2349080]

    [HKEY_CLASSES_ROOT\clsid\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
    2010-03-11 21:10 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
    2010-02-28 09%3
    24 May 2010 14:09:35

    Hi Sham_Rock,

    My apologies: I realized belatedly that the transmission of the report did not complete properly.

    I am sending you the complete report, enclosed here.


    Thank you very much for your help,





    ComboFix 10-05-23.06 - Hung 24.05.2010 9:32.1.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1498 [GMT 2:00]
    Running from: c:\documents and settings\Hung\My Documents\Téléchargements\ComboFix.exe
    AV: BitDefender Antivirus *On-access scanning disabled* (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
    FW: BitDefender Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\desktop.ini
    c:\documents and settings\All Users\Application Data\hpe2F.dll
    c:\documents and settings\All Users\Start Menu\HP Image Zone .lnk
    c:\documents and settings\Hung\Application Data\chrtmp
    c:\documents and settings\Hung\Application Data\inst.exe
    c:\windows\system32\bISrCcfe.ini
    c:\windows\system32\bISrCcfe.ini2
    c:\windows\system32\ceLRtBeg.ini
    c:\windows\system32\ceLRtBeg.ini2
    c:\windows\system32\Data
    c:\windows\system32\Dgfedccf.ini
    c:\windows\system32\dLnXwGgh.ini
    c:\windows\system32\dLnXwGgh.ini2
    c:\windows\system32\drivers\etc\lmhosts
    c:\windows\system32\ffMVxyay.ini
    c:\windows\system32\ffMVxyay.ini2
    c:\windows\system32\GilUxyxx.ini
    c:\windows\system32\GilUxyxx.ini2
    c:\windows\system32\GNnqYcdd.ini
    c:\windows\system32\GNnqYcdd.ini2
    c:\windows\system32\HiRrAcdd.ini
    c:\windows\system32\HiRrAcdd.ini2
    c:\windows\system32\IRtCdMoq.ini
    c:\windows\system32\IRtCdMoq.ini2
    c:\windows\system32\lnXxwyxx.ini
    c:\windows\system32\lnXxwyxx.ini2
    c:\windows\system32\mTssDfhk.ini
    c:\windows\system32\NWxEhkkj.ini
    c:\windows\system32\slootniw01.dll
    c:\windows\system32\tuFLmnmp.ini
    c:\windows\system32\tuFLmnmp.ini2
    c:\windows\system32\uDfLnUvw.ini
    c:\windows\system32\uDfLnUvw.ini2

    .
    ((((((((((((((((((((((((( Files Created from 2010-04-24 to 2010-05-24 )))))))))))))))))))))))))))))))
    .

    2010-05-23 14:34 . 2010-05-23 14:34 61440 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-67109e5d-n\decora-sse.dll
    2010-05-23 14:34 . 2010-05-23 14:34 12800 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-67109e5d-n\decora-d3d.dll
    2010-05-21 07:30 . 2010-05-22 08:41 -------- d-----w- C:\Ad-Remover
    2010-05-20 13:33 . 2010-05-20 13:33 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Avanquest_FR
    2010-05-15 15:39 . 2010-05-15 15:39 503808 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2bcbbce4-n\msvcp71.dll
    2010-05-15 15:39 . 2010-05-15 15:39 499712 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2bcbbce4-n\jmc.dll
    2010-05-15 15:39 . 2010-05-15 15:39 348160 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2bcbbce4-n\msvcr71.dll
    2010-05-15 15:39 . 2010-05-15 15:39 61440 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2cc1f619-n\decora-sse.dll
    2010-05-15 15:39 . 2010-05-15 15:39 12800 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2cc1f619-n\decora-d3d.dll
    2010-05-15 15:37 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
    2010-05-08 22:50 . 2010-05-08 22:50 -------- d-----w- c:\windows\system32\InstallShield Installation Information
    2010-05-08 07:52 . 2010-05-08 07:52 -------- d-----w- c:\documents and settings\Hung\Application Data\PC Speed Maximizer
    2010-05-08 07:52 . 2010-05-08 07:52 -------- d-----w- c:\program files\PC Speed Maximizer
    2010-05-08 07:49 . 2010-05-08 07:49 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\Conduit
    2010-05-08 07:49 . 2010-05-08 17:33 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\Avanquest_FR
    2010-05-08 07:49 . 2010-05-08 07:49 -------- d-----w- c:\program files\Avanquest_FR
    2010-05-08 07:49 . 2010-05-08 07:49 -------- d-----w- c:\program files\Conduit
    2010-05-07 09:27 . 2010-05-06 22:13 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2010-05-06 22:14 . 2010-02-04 15:53 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-05-06 21:56 . 2010-05-06 21:56 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    2010-05-06 21:56 . 2010-02-04 15:53 2954656 -c--a-w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
    2010-05-06 21:56 . 2010-05-17 13:06 63488 ----a-w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
    2010-05-06 21:56 . 2010-05-06 21:56 52224 ----a-w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    2010-05-06 21:56 . 2010-05-17 13:06 117760 ----a-w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    2010-05-06 21:48 . 2010-05-06 21:48 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2010-05-06 21:48 . 2010-05-08 06:58 -------- d-----w- c:\program files\SUPERAntiSpyware
    2010-05-06 21:48 . 2010-05-06 21:48 -------- d-----w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com
    2010-05-06 21:24 . 2010-05-06 21:24 -------- d-----w- c:\documents and settings\Hung\Application Data\Malwarebytes
    2010-05-06 21:24 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-05-06 21:24 . 2010-05-06 21:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-05-06 21:24 . 2010-05-06 21:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-05-06 21:24 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-05-06 17:03 . 2010-05-06 17:03 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\Real
    2010-05-05 21:44 . 2010-05-05 21:44 -------- d-----w- c:\documents and settings\All Users\Application Data\141C5
    2010-05-05 21:41 . 2010-05-05 21:42 -------- d-----w- c:\documents and settings\Hung\Application Data\bearsharemediabartb
    2010-05-05 21:40 . 2010-05-05 21:44 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\BearShare
    2010-05-05 21:40 . 2010-05-05 22:03 -------- d-----w- c:\program files\BearShare Applications
    2010-05-05 21:02 . 2010-05-12 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel
    2010-05-05 20:11 . 2010-04-21 15:00 40560 ----a-w- c:\windows\system32\drivers\hotcore3.sys
    2010-05-05 20:10 . 2010-05-05 20:14 -------- d-----w- c:\program files\Paragon_Software
    2010-05-05 19:11 . 2010-05-05 19:11 -------- d-----w- c:\documents and settings\All Users\Application Data\explauncher
    2010-05-05 18:33 . 2010-05-05 19:09 -------- d-----w- c:\program files\Paragon
    2010-04-27 21:31 . 2010-04-27 21:32 -------- d-----w- c:\program files\iCare Format Recovery Software
    2010-04-26 19:37 . 2010-04-26 19:37 181096 ----a-w- c:\documents and settings\Hung\Application Data\Mozilla\Firefox\Profiles\b827ualb.default\FlashGot.exe

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-05-23 18:27 . 2007-11-20 23:05 -------- d-----w- c:\documents and settings\Hung\Application Data\Azureus
    2010-05-23 08:37 . 2009-05-22 06:31 -------- d-----w- c:\program files\Universal Share Downloader
    2010-05-17 12:52 . 2009-08-20 07:27 3421392 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2010-05-16 21:35 . 2010-04-19 08:31 -------- d-----w- c:\program files\Corel
    2010-05-16 21:35 . 2007-12-07 20:57 -------- d-----w- c:\program files\InterVideo
    2010-05-16 21:14 . 2007-06-03 19:53 -------- d-----w- c:\documents and settings\Hung\Application Data\DMCache
    2010-05-16 21:05 . 2008-10-25 08:28 -------- d-----w- c:\program files\Internet Download Manager
    2010-05-16 21:00 . 2008-09-20 05:36 -------- d-----w- c:\program files\UTILITIES
    2010-05-16 15:34 . 2010-03-26 14:16 -------- d-----w- c:\documents and settings\Hung\Application Data\Software Informer
    2010-05-15 21:11 . 2008-06-01 16:51 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
    2010-05-15 19:03 . 2007-01-02 18:08 -------- d-----w- c:\program files\Zone Labs
    2010-05-15 15:38 . 2006-04-07 17:26 -------- d-----w- c:\program files\Common Files\Java
    2010-05-15 15:37 . 2006-04-07 17:26 -------- d-----w- c:\program files\Java
    2010-05-15 13:10 . 2007-10-28 09:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
    2010-05-14 20:14 . 2007-01-03 23:25 -------- d-----w- c:\program files\Google
    2010-05-14 06:59 . 2008-10-29 22:42 -------- d-----w- c:\documents and settings\Hung\Application Data\Free Download Manager
    2010-05-12 21:21 . 2010-04-19 13:36 440624 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
    2010-05-12 20:07 . 2006-04-07 17:31 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-05-12 07:00 . 2009-10-12 13:41 -------- d-----w- c:\program files\SG TCP
    2010-05-06 22:13 . 2009-11-23 10:23 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-05-06 21:56 . 2007-02-03 06:47 -------- d-----w- c:\program files\Lavasoft
    2010-05-06 21:56 . 2008-03-17 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
    2010-05-06 21:47 . 2008-08-27 15:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
    2010-05-06 17:02 . 2010-05-06 17:02 49152 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
    2010-05-06 17:02 . 2010-05-06 17:02 308808 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
    2010-05-06 17:02 . 2010-05-06 17:02 14848 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    2010-05-06 17:02 . 2010-05-06 17:02 40960 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
    2010-05-06 17:02 . 2010-05-06 17:02 341600 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    2010-05-06 17:02 . 2009-01-25 18:43 -------- d-----w- c:\program files\Common Files\Real
    2010-05-06 17:02 . 2010-05-06 17:01 -------- d-----w- c:\program files\real
    2010-05-06 17:02 . 2010-05-06 17:02 -------- d-----w- c:\program files\Common Files\xing shared
    2010-05-05 21:06 . 2009-01-25 18:46 5018 -csha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
    2010-05-05 21:06 . 2009-01-25 18:46 5018 -csha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
    2010-05-05 21:05 . 2009-01-25 18:46 168 -csh--r- c:\documents and settings\All Users\Application Data\EBE7AD504F.sys
    2010-05-05 21:05 . 2009-01-25 18:46 168 -csh--r- c:\documents and settings\All Users\Application Data\EBE7AD504F.sys
    2010-05-05 20:27 . 2007-01-09 22:50 -------- d-----w- c:\documents and settings\Hung\Application Data\Vso
    2010-05-05 20:13 . 2010-05-05 20:13 20336 ----a-w- c:\program files\Product Registration.pdf
    2010-05-05 16:48 . 2008-05-15 22:13 -------- d-----w- c:\documents and settings\All Users\Application Data\1Click DVD Copy Pro
    2010-05-05 09:20 . 2010-04-08 17:16 -------- d-----w- c:\documents and settings\Hung\Application Data\Thinstall
    2010-05-05 09:20 . 2010-04-08 17:13 -------- d-----w- c:\program files\CBS Software
    2010-05-04 22:11 . 2008-11-28 13:48 -------- d-----w- c:\program files\BitComet
    2010-05-04 21:57 . 2007-10-13 17:28 -------- d-----w- c:\program files\Lambda
    2010-05-03 21:28 . 2008-09-14 17:24 214448 -c--a-w- c:\documents and settings\Hung\Application Data\IDMidmmzcc2\components\idmmzcc.dll
    2010-05-03 05:32 . 2010-01-28 16:51 -------- d-----w- c:\program files\GRETECH
    2010-05-02 22:17 . 2010-04-18 15:41 -------- d-----w- c:\documents and settings\Hung\Application Data\Godlike
    2010-05-02 21:21 . 2010-03-11 21:11 -------- d-----w- c:\program files\DAP
    2010-05-02 21:21 . 2010-03-11 21:11 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedBit
    2010-04-30 20:09 . 2008-10-26 11:54 -------- d-----w- c:\documents and settings\Hung\Application Data\dvdcss
    2010-04-30 20:09 . 2010-01-28 15:59 -------- d-----w- c:\program files\ALLPlayer
    2010-04-21 15:00 . 2010-04-21 15:00 4254224 ----a-w- c:\windows\system32\qtp-mt334.dll
    2010-04-21 15:00 . 2010-04-21 15:00 249872 ----a-w- c:\windows\system32\prgiso.dll
    2010-04-21 15:00 . 2010-04-21 15:00 385544 ----a-w- c:\windows\system32\drivers\Uim_IM.sys
    2010-04-21 15:00 . 2010-04-21 15:00 34392 ----a-w- c:\windows\system32\drivers\UimBus.sys
    2010-04-21 15:00 . 2010-04-21 15:00 261416 ----a-w- c:\windows\system32\drivers\UimFIO.sys
    2010-04-19 13:35 . 2007-01-02 18:13 8224 -c--a-w- c:\documents and settings\Hung\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-04-19 13:27 . 2009-01-29 12:54 -------- d-----w- c:\program files\QuickTime
    2010-04-19 13:24 . 2008-05-05 12:34 -------- d-----w- c:\program files\Common Files\Apple
    2010-04-19 09:34 . 2010-04-19 09:31 -------- d-----w- c:\documents and settings\All Users\Application Data\RealHideIP
    2010-04-19 09:31 . 2010-04-19 09:31 -------- d-----w- c:\documents and settings\Hung\Application Data\RealHideIP
    2010-04-19 06:39 . 2010-04-18 16:58 -------- d-----w- c:\documents and settings\All Users\Application Data\SuperHideIP
    2010-04-18 16:58 . 2010-04-18 16:58 -------- d-----w- c:\documents and settings\Hung\Application Data\SuperHideIP
    2010-04-18 16:57 . 2010-04-18 16:55 -------- d-----w- c:\program files\SuperHideIP
    2010-04-18 16:41 . 2009-03-13 05:44 -------- d-----w- c:\documents and settings\Hung\Application Data\LimeWire
    2010-04-18 16:40 . 2008-08-25 18:54 -------- d-----w- c:\program files\Spyware Doctor
    2010-04-18 16:40 . 2008-05-06 18:05 -------- d-----w- c:\program files\NETGEAR
    2010-04-18 16:40 . 2006-04-07 17:36 -------- d-----w- c:\program files\Microsoft Works
    2010-04-18 16:40 . 2009-11-07 07:43 -------- d-----w- c:\program files\Free MKV Video2Dvd
    2010-04-18 16:40 . 2007-06-30 06:19 -------- d-----w- c:\program files\FlashGet
    2010-04-18 16:40 . 2007-11-20 22:26 -------- d-----w- c:\program files\Azureus
    2010-04-18 16:40 . 2010-01-30 13:03 -------- d-----w- c:\program files\adslTV
    2010-04-18 15:31 . 2010-04-16 14:08 -------- d-----w- c:\program files\WinTools Software
    2010-04-13 13:26 . 2010-04-13 12:55 -------- d-----w- c:\program files\1AVCenter
    2010-04-13 12:55 . 2010-04-13 12:53 -------- d-----w- c:\program files\PCWinSoft
    2010-04-12 14:07 . 2010-04-12 14:07 -------- d-----w- c:\program files\Flash Recovery Toolbox
    2010-04-08 17:16 . 2010-04-08 17:16 4596336 ----a-w- c:\windows\SpeedConnect Internet Accelerator full.exe
    2010-04-08 17:12 . 2010-04-08 17:12 2019912 ----a-w- c:\windows\SpeedConnect_Setup.exe
    2010-04-06 23:58 . 2010-04-06 23:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
    2010-03-26 14:58 . 2010-03-26 14:14 -------- d-----w- c:\program files\SIW
    2010-03-26 14:16 . 2010-03-26 14:16 -------- d-----w- c:\program files\Software Informer
    2010-03-09 11:09 . 2004-08-10 11:51 430080 ----a-w- c:\windows\system32\vbscript.dll
    2010-03-04 17:23 . 2010-03-04 17:15 71241 ----a-w- c:\windows\hpqins04.dat
    2010-03-04 16:07 . 2010-03-04 16:07 3584 ----a-r- c:\documents and settings\Hung\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
    2010-02-26 05:43 . 2004-08-10 11:51 667136 ----a-w- c:\windows\system32\wininet.dll
    2010-02-26 05:43 . 2004-08-10 11:51 81920 ----a-w- c:\windows\system32\ieencode.dll
    2010-02-24 13:11 . 2006-04-07 17:11 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2008-09-29 06:17 . 2008-09-01 15:32 782 -c--a-w- c:\program files\mwsbar.zip
    2007-12-08 21:50 . 2007-12-08 21:49 1672201 -c--a-w- c:\program files\Matroska_Playback_Pack_0.5.exe
    2009-12-01 09:51 . 2008-09-03 13:56 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    2010-01-02 13:31 . 2010-01-02 13:25 48 --sh--w- c:\windows\SF6680608.tmp
    .

    ------- Sigcheck -------

    [7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
    [-] 2008-04-13 18:40 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
    [7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
    [7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
    [7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}"= "c:\program files\Avanquest_FR\tbAvan.dll" [2009-12-31 2349080]

    [HKEY_CLASSES_ROOT\clsid\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
    2010-03-11 21:10 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
    2010-02-28 09:37 435688 ----a-w- c:\progra~1\SearchPredict\SearchPredict.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}]
    2009-12-31 09:53 2349080 ----a-w- c:\program files\Avanquest_FR\tbAvan.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}"= "c:\program files\Avanquest_FR\tbAvan.dll" [2009-12-31 2349080]

    [HKEY_CLASSES_ROOT\clsid\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848}"= "c:\program files\Avanquest_FR\tbAvan.dll" [2009-12-31 2349080]

    [HKEY_CLASSES_ROOT\clsid\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FolderProtect0]
    @="{D7BC78F3-3624-455C-8C4B-9C77C3BFEE4E}"
    [HKEY_CLASSES_ROOT\CLSID\{D7BC78F3-3624-455C-8C4B-9C77C3BFEE4E}]
    2007-12-02 16:05 348160 ----a-w- c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectShellExtension.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FolderProtect1]
    @="{8A814C29-D3CD-4F9E-9770-DF8704503ACA}"
    [HKEY_CLASSES_ROOT\CLSID\{8A814C29-D3CD-4F9E-9770-DF8704503ACA}]
    2007-12-02 16:05 348160 ----a-w- c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectShellExtension.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 24576]
    "VPSKEYS"="c:\program files\Vpskeys\VPSKEYS.EXE" [2003-03-29 102400]
    "Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-26 4351216]
    "SmsDiscount"="c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe" [2009-11-11 9078072]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-05-08 2017280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-01 30192]
    "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-10-19 71152]
    "BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2010-01-20 1120704]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Phone Connection Monitor.lnk - c:\program files\Sony Ericsson\Mobile\audevicemgr.exe [2008-9-9 754176]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "NoSecCpl"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoStartMenuSubFolders"= 0 (0x0)
    "NoCommonGroups"= 0 (0x0)
    "NoPrinters"= 0 (0x0)
    "NoRecentDocsNetHood"= 0 (0x0)
    "NoChangeAnimation"= 0 (0x0)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
    backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
    backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NETGEAR WG111T Smart Wizard.lnk]
    backup=c:\windows\pss\NETGEAR WG111T Smart Wizard.lnkCommon Startup
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
    2008-10-14 20:38 623992 ------w- c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    2006-11-16 17:04 139264 -c--a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
    2005-09-15 08:47 57344 -c----w- c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
    2005-09-08 04:20 122940 -c--a-w- c:\windows\system32\DLA\DLACTRLW.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    2007-05-08 15:24 54840 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
    2005-10-14 19:46 77824 -c--a-w- c:\windows\system32\hkcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
    2005-10-14 19:50 114688 -c--a-w- c:\windows\system32\igfxpers.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
    2005-10-14 19:49 94208 -c--a-w- c:\windows\system32\igfxtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    2006-03-20 16:34 213936 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    2007-10-18 09:34 5724184 -c----w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2006-01-12 13:40 155648 -c--a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Speed Maximizer]
    2009-10-30 11:08 205072 ----a-w- c:\program files\PC Speed Maximizer\SPMTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    2009-07-27 02:37 180224 -c--a-w- c:\program files\PowerISO\PWRISOVM.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2009-09-04 23:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
    2006-05-12 09:27 831488 -c--a-w- c:\windows\vsnpstd3.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    2010-05-06 17:01 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
    2000-05-11 00:00 90112 -c----w- c:\windows\Updreg.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoiceCenter]
    2005-09-19 06:42 1159168 -c----w- c:\program files\Creative\VoiceCenter\AndreaVC.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "Desktop Secretary"="c:\program files\Spotmau WinCare 2008\sub\Desktop_Secretary\Desktop_Secretary.exe" /background
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    "UniblueSpeedUpMyPC"=c:\program files\Uniblue\SpeedUpMyPC\Launcher.exe -minimize
    "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
    "ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" "sleep"
    "Software Informer"="c:\program files\Software Informer\softinfo.exe" -autorun
    "Super Hide IP"=c:\program files\SuperHideIP\SuperHideIP.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "MBMon"=Rundll32 CTMBHA.DLL,MBMon
    "DMXLauncher"=c:\program files\Dell\Media Experience\DMXLauncher.exe
    "HPUsageTracking"=c:\program files\HP\HP UT\bin\hppusg.exe "c:\program files\HP\HP UT\"
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\InternetCalls.com\\InternetCalls\\InternetCalls.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP2014MC.EXE"=
    "c:\\Program Files\\SmsDiscount.com\\SmsDiscount\\SmsDiscount.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\Intuwave Ltd\\Shared\\mRouterRunTime\\mRouterRuntime.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\uTorrent\\utorrent.exe"=
    "c:\\Program Files\\Azureus\\Azureus.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "9935:TCP"= 9935:TCP:*:Disabled:BitComet 9935 TCP
    "9935:UDP"= 9935:UDP:*:Disabled:BitComet 9935 UDP
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [17.02.2010 12:25 160640]
    R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [17.02.2010 12:25 5248]
    R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [05.05.2010 22:11 40560]
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [07.05.2010 00:14 64288]
    R1 FolderProtectDriver;FolderProtectDriver;c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectDriver.sys [25.11.2008 14:46 15616]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.02.2010 11:25 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [27.04.2010 17:30 68168]
    R2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [22.09.2009 09:22 83208]
    R2 FolderProtectService;FolderProtectService;c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectService.exe [25.11.2008 14:46 10240]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [04.02.2010 17:52 1285864]
    R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [13.02.2010 10:21 90112]
    R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [07.12.2009 19:46 153448]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [19.10.2009 17:04 110984]
    R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [13.02.2010 10:22 27632]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14.02.2010 10:29 135664]
    S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [19.10.2009 17:06 183880]
    S3 DDPlayCam;DDPlay Virtual Camera;c:\windows\system32\drivers\DDPlayCam.sys [02.03.2006 08:08 150016]
    S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [06.05.2008 20:05 17149]
    S3 FTLUND;Lundinova Filter Driver;c:\windows\system32\drivers\ftlund.sys [12.09.2008 13:06 6828]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [07.12.2007 22:59 30192]
    S3 NDISKIO;NDISKIO;\??\c:\docume~1\Hung\LOCALS~1\Temp\000006e5.nmc\nse\bin\ndiskio.sys --> c:\docume~1\Hung\LOCALS~1\Temp\000006e5.nmc\nse\bin\ndiskio.sys [?]
    S3 nsak;nsak;\??\c:\docume~1\Hung\LOCALS~1\Temp\00000295.nmc\nse\bin\nsak.sys --> c:\docume~1\Hung\LOCALS~1\Temp\00000295.nmc\nse\bin\nsak.sys [?]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan
    .
    Contents of the 'Scheduled Tasks' folder

    2010-05-24 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 22:08]

    2010-05-20 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2010-05-24 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-03-25 23:58]

    2010-05-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 08:29]

    2010-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 08:29]

    2010-05-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3258514260-1877139318-2177451161-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

    2010-05-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3258514260-1877139318-2177451161-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Settings,ProxyServer = http=
    IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
    IE: Ajouter au fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
    IE: Download Link Using Mega Manager... - c:\program files\MegaUpload\Mega Manager\mm_file.htm
    IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
    IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
    IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
    IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
    IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
    FF - ProfilePath - c:\documents and settings\Hung\Application Data\Mozilla\Firefox\Profiles\b827ualb.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&q=
    FF - prefs.js: network.proxy.type - 4
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    .
    - - - - ORPHANS REMOVED - - - -

    Toolbar-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)
    WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)
    WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
    AddRemove-BearShare MediaBar - c:\program files\BearShare Applications\MediaBar\UnwiseLauncher.exe
    AddRemove-{F37167DD-4436-4641-90B6-329D60632DDA} - c:\program files\InstallShield Installation Information\{F37167DD-4436-4641-90B6-329D60632DDA}\Setup.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-05-24 09:43
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8A582578]<<
    kernel: MBR read successfully
    detected MBR rootkit hooks:
    \Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28
    \Driver\ACPI -> ACPI.sys @ 0xb9f57cb8
    \Driver\atapi -> 0x8a582578
    IoDeviceObjectType -> ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
    \Device\Harddisk0\DR0 -> ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
    NDIS: -> SendCompleteHandler -> 0x0
    PacketIndicateHandler -> 0x0
    SendHandler -> 0x0
    Warning: possible MBR rootkit infection !
    user & kernel MBR OK

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\.Default\Software\SetID\Internal]
    @Denied: (A 2) (LocalSystem)
    "DATA"="<settings expireTime=\"0\" productStatus=\"1\" obSize=\"0\" InstallTS=\"2145870353\" isSubsc=\"0\" version=\"12.0.1\" timeDiff=\"1\" oldDevice=\"\" authStatus_ts=\"0\" />"
    "Device"="yM29zbvPzMnLvrm+x8fPzce+zro="

    [HKEY_USERS\S-1-5-21-3258514260-1877139318-2177451161-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CD64448-8868-3154-BBF4-956CB9F02139}*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    "iacddjdcapgcockmfn"=hex:69,61,6f,66,63,70,6d,6d,62,65,65,67,65,67,69,6a,6a,6d,
    00,00
    "haedjajdnpipmaic"=hex:69,61,6f,66,63,70,6d,6d,62,65,65,67,65,67,69,6a,6a,6d,
    00,00

    [HKEY_USERS\S-1-5-21-3258514260-1877139318-2177451161-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{971F0959-A762-BEA5-921F-6C94D2C48CB5}*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{16cc9d24-38b2-46ae-a6eb-ffa8d2b434d3}]
    @Denied: (Full) (Everyone)
    "Model"=dword:000000b6
    "Therad"=dword:0000001e
    "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
    38,95,44,ff,25,5b,70,e9,89,02,32,28,f6,2b,65,55,21,95,a0,75,c0,90,48,62,87,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
    @Denied: (Full) (Everyone)
    "scansk"=hex(0):ca,a5,c8,17,12,eb,15,8b,be,fb,90,9a,cb,9f,d0,cd,ee,13,81,7e,3e,
    eb,aa,33,be,d9,af,6b,0c,90,63,71,d2,8c,bc,ed,00,eb,8d,5a,00,00,00,00,00,00,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
    @Denied: (Full) (Everyone)
    "scansk"=hex(0):55,8f,07,fa,7e,02,2d,48,35,be,d1,36,61,2d,30,b7,0f,cd,98,a5,96,
    23,2d,93,d8,62,20,b2,c0,e5,a0,31,79,51,14,d7,82,53,18,53,00,00,00,00,00,00,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{a8730b3f-0a95-46fb-a502-751a3c83888a}]
    @Denied: (Full) (Everyone)
    "Model"=dword:00000115
    "Therad"=dword:00000015
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(1148)
    c:\program files\SUPERAntiSpyware\SASWINLO.dll

    - - - - - - - > 'explorer.exe'(1900)
    c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectShellExtension.dll
    c:\program files\Vpskeys\VPSKM32.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
    c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr
    c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\Ati2evxx.exe
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\windows\system32\CTsvcCDA.exe
    c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\windows\system32\HPZipm12.exe
    c:\windows\System32\spool\DRIVERS\W32X86\3\HP2014MC.EXE
    c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtect.exe
    c:\program files\Microsoft ActiveSync\wcescomm.exe
    c:\progra~1\INTUWA~1\Shared\MROUTE~1\mRouterRuntime.exe
    c:\progra~1\MICROS~4\rapimgr.exe
    c:\progra~1\SONYER~1\Mobile\CONNEC~1\ConnMngMntBox.exe
    c:\program files\Yahoo!\Messenger\ymsgr_tray.exe
    c:\windows\system32\wbem\unsecapp.exe
    .
    **************************************************************************
    .
    Completion time: 2010-05-24 09:48:36 - machine was rebooted
    ComboFix-quarantined-files.txt 2010-05-24 07:48

    Pre-Run: 5'956'804'608 bytes free
    Post-Run: 5'830'455'296 bytes free

    - - End Of File - - 011D6E714E6EB9491338B7E6FDFCA050
    24 Mai 2010 15:40:36

    re
    this doesn't smell good...


    Copy (Ctrl+C) the text below:
    MBR::



    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name CFScript.txt

    Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot


  • ComboFix starts; let it guide you.

  • Wait while the scan runs. The desktop will disappear several times: this is normal!
    Don't touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed: post its contents, and say where things stand with your problems

  • If the file doesn't open, it can be found here > C:\ComboFix.txt

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may differ


    ++++++++++++++++++++++++++
    saw this:
    Quote:
    [7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
    [-] 2008-04-13 18:40 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
    [7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys

    Let's see whether you have some legitimate drivers modified by an infection...

    Download GMER from this link: http://www.gmer.net/files.php - click "Download EXE" and save the file to your desktop.
    See the GMER tutorial, it may help you: http://www.malekal.com/tutorial_GMER.php

  • Disable your protection software (antivirus, antispyware, etc.) and close all open programs.
  • Double-click the downloaded GMER file.
    IMPORTANT: If an alert from your antivirus appears for the file gmer.sys or gmer.exe, let it run.
  • Click the "rootkit" tab
  • On the right, check everything.
  • Now click Scan.
  • When the scan is finished, click Copy.
  • Open Notepad, then click the Edit menu / Paste.
    The report should then appear.
  • Save the file to your Desktop and post its contents here.


    25 Mai 2010 14:22:52

    Hi Sham_Rock,

    I'm attaching the ComboFix and Gmer reports.

    A few remarks:
    . GMER crashed the PC (blue screen) with the following message:
    "The problem seems to be caused by the following file pflirpow.sys"
    ...

    . During the GMER scan, CPU usage was at its maximum (100%), with the following 4 applications:
    - bdagent.exe (BitDefender)
    - wuauclt.exe
    - vsserv.exe
    - system

    . I had to force GMER to stop (manual power off) because it had been running for more than 7 hours


    Thanks a lot for your help,



    ComboFix 10-05-23.06 - Hung 24.05.2010 17:42:21.2.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.41.1033.18.2046.1433 [GMT 2:00]
    Running from: c:\documents and settings\Hung\My Documents\Téléchargements\ComboFix.exe
    Command switches used :: c:\documents and settings\Hung\Desktop\CFScript.txt.lnk
    AV: BitDefender Antivirus *On-access scanning disabled* (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
    FW: BitDefender Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
    .

    ((((((((((((((((((((((((( Files Created from 2010-04-24 to 2010-05-24 )))))))))))))))))))))))))))))))
    .

    2010-05-23 14:34 . 2010-05-23 14:34 61440 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-67109e5d-n\decora-sse.dll
    2010-05-23 14:34 . 2010-05-23 14:34 12800 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-67109e5d-n\decora-d3d.dll
    2010-05-21 07:30 . 2010-05-22 08:41 -------- d-----w- C:\Ad-Remover
    2010-05-20 13:33 . 2010-05-20 13:33 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Avanquest_FR
    2010-05-15 15:39 . 2010-05-15 15:39 503808 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2bcbbce4-n\msvcp71.dll
    2010-05-15 15:39 . 2010-05-15 15:39 499712 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2bcbbce4-n\jmc.dll
    2010-05-15 15:39 . 2010-05-15 15:39 348160 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2bcbbce4-n\msvcr71.dll
    2010-05-15 15:39 . 2010-05-15 15:39 61440 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2cc1f619-n\decora-sse.dll
    2010-05-15 15:39 . 2010-05-15 15:39 12800 ----a-w- c:\documents and settings\Hung\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2cc1f619-n\decora-d3d.dll
    2010-05-15 15:37 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
    2010-05-08 22:50 . 2010-05-08 22:50 -------- d-----w- c:\windows\system32\InstallShield Installation Information
    2010-05-08 07:52 . 2010-05-08 07:52 -------- d-----w- c:\documents and settings\Hung\Application Data\PC Speed Maximizer
    2010-05-08 07:52 . 2010-05-08 07:52 -------- d-----w- c:\program files\PC Speed Maximizer
    2010-05-08 07:49 . 2010-05-08 07:49 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\Conduit
    2010-05-08 07:49 . 2010-05-08 17:33 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\Avanquest_FR
    2010-05-08 07:49 . 2010-05-08 07:49 -------- d-----w- c:\program files\Avanquest_FR
    2010-05-08 07:49 . 2010-05-08 07:49 -------- d-----w- c:\program files\Conduit
    2010-05-07 09:27 . 2010-05-06 22:13 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2010-05-06 22:14 . 2010-02-04 15:53 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-05-06 21:56 . 2010-05-06 21:56 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
    2010-05-06 21:56 . 2010-02-04 15:53 2954656 -c--a-w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
    2010-05-06 21:56 . 2010-05-17 13:06 63488 ----a-w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
    2010-05-06 21:56 . 2010-05-06 21:56 52224 ----a-w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    2010-05-06 21:56 . 2010-05-17 13:06 117760 ----a-w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    2010-05-06 21:48 . 2010-05-06 21:48 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2010-05-06 21:48 . 2010-05-08 06:58 -------- d-----w- c:\program files\SUPERAntiSpyware
    2010-05-06 21:48 . 2010-05-06 21:48 -------- d-----w- c:\documents and settings\Hung\Application Data\SUPERAntiSpyware.com
    2010-05-06 21:24 . 2010-05-06 21:24 -------- d-----w- c:\documents and settings\Hung\Application Data\Malwarebytes
    2010-05-06 21:24 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-05-06 21:24 . 2010-05-06 21:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-05-06 21:24 . 2010-05-06 21:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-05-06 21:24 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-05-06 17:03 . 2010-05-06 17:03 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\Real
    2010-05-05 21:44 . 2010-05-05 21:44 -------- d-----w- c:\documents and settings\All Users\Application Data\141C5
    2010-05-05 21:41 . 2010-05-05 21:42 -------- d-----w- c:\documents and settings\Hung\Application Data\bearsharemediabartb
    2010-05-05 21:40 . 2010-05-05 21:44 -------- d-----w- c:\documents and settings\Hung\Local Settings\Application Data\BearShare
    2010-05-05 21:40 . 2010-05-05 22:03 -------- d-----w- c:\program files\BearShare Applications
    2010-05-05 21:02 . 2010-05-12 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel
    2010-05-05 20:11 . 2010-04-21 15:00 40560 ----a-w- c:\windows\system32\drivers\hotcore3.sys
    2010-05-05 20:10 . 2010-05-05 20:14 -------- d-----w- c:\program files\Paragon_Software
    2010-05-05 19:11 . 2010-05-05 19:11 -------- d-----w- c:\documents and settings\All Users\Application Data\explauncher
    2010-05-05 18:33 . 2010-05-05 19:09 -------- d-----w- c:\program files\Paragon
    2010-04-27 21:31 . 2010-04-27 21:32 -------- d-----w- c:\program files\iCare Format Recovery Software
    2010-04-26 19:37 . 2010-04-26 19:37 181096 ----a-w- c:\documents and settings\Hung\Application Data\Mozilla\Firefox\Profiles\b827ualb.default\FlashGot.exe

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-05-23 18:27 . 2007-11-20 23:05 -------- d-----w- c:\documents and settings\Hung\Application Data\Azureus
    2010-05-23 08:37 . 2009-05-22 06:31 -------- d-----w- c:\program files\Universal Share Downloader
    2010-05-17 12:52 . 2009-08-20 07:27 3421392 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2010-05-16 21:35 . 2010-04-19 08:31 -------- d-----w- c:\program files\Corel
    2010-05-16 21:35 . 2007-12-07 20:57 -------- d-----w- c:\program files\InterVideo
    2010-05-16 21:14 . 2007-06-03 19:53 -------- d-----w- c:\documents and settings\Hung\Application Data\DMCache
    2010-05-16 21:05 . 2008-10-25 08:28 -------- d-----w- c:\program files\Internet Download Manager
    2010-05-16 21:00 . 2008-09-20 05:36 -------- d-----w- c:\program files\UTILITIES
    2010-05-16 15:34 . 2010-03-26 14:16 -------- d-----w- c:\documents and settings\Hung\Application Data\Software Informer
    2010-05-15 21:11 . 2008-06-01 16:51 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
    2010-05-15 19:03 . 2007-01-02 18:08 -------- d-----w- c:\program files\Zone Labs
    2010-05-15 15:38 . 2006-04-07 17:26 -------- d-----w- c:\program files\Common Files\Java
    2010-05-15 15:37 . 2006-04-07 17:26 -------- d-----w- c:\program files\Java
    2010-05-15 13:10 . 2007-10-28 09:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
    2010-05-14 20:14 . 2007-01-03 23:25 -------- d-----w- c:\program files\Google
    2010-05-14 06:59 . 2008-10-29 22:42 -------- d-----w- c:\documents and settings\Hung\Application Data\Free Download Manager
    2010-05-12 21:21 . 2010-04-19 13:36 440624 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
    2010-05-12 20:07 . 2006-04-07 17:31 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-05-12 07:00 . 2009-10-12 13:41 -------- d-----w- c:\program files\SG TCP
    2010-05-06 22:13 . 2009-11-23 10:23 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-05-06 21:56 . 2007-02-03 06:47 -------- d-----w- c:\program files\Lavasoft
    2010-05-06 21:56 . 2008-03-17 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
    2010-05-06 21:47 . 2008-08-27 15:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
    2010-05-06 17:02 . 2010-05-06 17:02 49152 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
    2010-05-06 17:02 . 2010-05-06 17:02 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
    2010-05-06 17:02 . 2010-05-06 17:02 308808 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
    2010-05-06 17:02 . 2010-05-06 17:02 14848 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    2010-05-06 17:02 . 2010-05-06 17:02 40960 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
    2010-05-06 17:02 . 2010-05-06 17:02 341600 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    2010-05-06 17:02 . 2009-01-25 18:43 -------- d-----w- c:\program files\Common Files\Real
    2010-05-06 17:02 . 2010-05-06 17:01 -------- d-----w- c:\program files\real
    2010-05-06 17:02 . 2010-05-06 17:02 -------- d-----w- c:\program files\Common Files\xing shared
    2010-05-05 21:06 . 2009-01-25 18:46 5018 -csha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
    2010-05-05 21:06 . 2009-01-25 18:46 5018 -csha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
    2010-05-05 21:05 . 2009-01-25 18:46 168 -csh--r- c:\documents and settings\All Users\Application Data\EBE7AD504F.sys
    2010-05-05 21:05 . 2009-01-25 18:46 168 -csh--r- c:\documents and settings\All Users\Application Data\EBE7AD504F.sys
    2010-05-05 20:27 . 2007-01-09 22:50 -------- d-----w- c:\documents and settings\Hung\Application Data\Vso
    2010-05-05 20:13 . 2010-05-05 20:13 20336 ----a-w- c:\program files\Product Registration.pdf
    2010-05-05 16:48 . 2008-05-15 22:13 -------- d-----w- c:\documents and settings\All Users\Application Data\1Click DVD Copy Pro
    2010-05-05 09:20 . 2010-04-08 17:16 -------- d-----w- c:\documents and settings\Hung\Application Data\Thinstall
    2010-05-05 09:20 . 2010-04-08 17:13 -------- d-----w- c:\program files\CBS Software
    2010-05-04 22:11 . 2008-11-28 13:48 -------- d-----w- c:\program files\BitComet
    2010-05-04 21:57 . 2007-10-13 17:28 -------- d-----w- c:\program files\Lambda
    2010-05-03 21:28 . 2008-09-14 17:24 214448 -c--a-w- c:\documents and settings\Hung\Application Data\IDMidmmzcc2\components\idmmzcc.dll
    2010-05-03 05:32 . 2010-01-28 16:51 -------- d-----w- c:\program files\GRETECH
    2010-05-02 22:17 . 2010-04-18 15:41 -------- d-----w- c:\documents and settings\Hung\Application Data\Godlike
    2010-05-02 21:21 . 2010-03-11 21:11 -------- d-----w- c:\program files\DAP
    2010-05-02 21:21 . 2010-03-11 21:11 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedBit
    2010-04-30 20:09 . 2008-10-26 11:54 -------- d-----w- c:\documents and settings\Hung\Application Data\dvdcss
    2010-04-30 20:09 . 2010-01-28 15:59 -------- d-----w- c:\program files\ALLPlayer
    2010-04-21 15:00 . 2010-04-21 15:00 4254224 ----a-w- c:\windows\system32\qtp-mt334.dll
    2010-04-21 15:00 . 2010-04-21 15:00 249872 ----a-w- c:\windows\system32\prgiso.dll
    2010-04-21 15:00 . 2010-04-21 15:00 385544 ----a-w- c:\windows\system32\drivers\Uim_IM.sys
    2010-04-21 15:00 . 2010-04-21 15:00 34392 ----a-w- c:\windows\system32\drivers\UimBus.sys
    2010-04-21 15:00 . 2010-04-21 15:00 261416 ----a-w- c:\windows\system32\drivers\UimFIO.sys
    2010-04-19 13:35 . 2007-01-02 18:13 8224 -c--a-w- c:\documents and settings\Hung\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-04-19 13:27 . 2009-01-29 12:54 -------- d-----w- c:\program files\QuickTime
    2010-04-19 13:24 . 2008-05-05 12:34 -------- d-----w- c:\program files\Common Files\Apple
    2010-04-19 09:34 . 2010-04-19 09:31 -------- d-----w- c:\documents and settings\All Users\Application Data\RealHideIP
    2010-04-19 09:31 . 2010-04-19 09:31 -------- d-----w- c:\documents and settings\Hung\Application Data\RealHideIP
    2010-04-19 06:39 . 2010-04-18 16:58 -------- d-----w- c:\documents and settings\All Users\Application Data\SuperHideIP
    2010-04-18 16:58 . 2010-04-18 16:58 -------- d-----w- c:\documents and settings\Hung\Application Data\SuperHideIP
    2010-04-18 16:57 . 2010-04-18 16:55 -------- d-----w- c:\program files\SuperHideIP
    2010-04-18 16:41 . 2009-03-13 05:44 -------- d-----w- c:\documents and settings\Hung\Application Data\LimeWire
    2010-04-18 16:40 . 2008-08-25 18:54 -------- d-----w- c:\program files\Spyware Doctor
    2010-04-18 16:40 . 2008-05-06 18:05 -------- d-----w- c:\program files\NETGEAR
    2010-04-18 16:40 . 2006-04-07 17:36 -------- d-----w- c:\program files\Microsoft Works
    2010-04-18 16:40 . 2009-11-07 07:43 -------- d-----w- c:\program files\Free MKV Video2Dvd
    2010-04-18 16:40 . 2007-06-30 06:19 -------- d-----w- c:\program files\FlashGet
    2010-04-18 16:40 . 2007-11-20 22:26 -------- d-----w- c:\program files\Azureus
    2010-04-18 16:40 . 2010-01-30 13:03 -------- d-----w- c:\program files\adslTV
    2010-04-18 15:31 . 2010-04-16 14:08 -------- d-----w- c:\program files\WinTools Software
    2010-04-13 13:26 . 2010-04-13 12:55 -------- d-----w- c:\program files\1AVCenter
    2010-04-13 12:55 . 2010-04-13 12:53 -------- d-----w- c:\program files\PCWinSoft
    2010-04-12 14:07 . 2010-04-12 14:07 -------- d-----w- c:\program files\Flash Recovery Toolbox
    2010-04-08 17:16 . 2010-04-08 17:16 4596336 ----a-w- c:\windows\SpeedConnect Internet Accelerator full.exe
    2010-04-08 17:12 . 2010-04-08 17:12 2019912 ----a-w- c:\windows\SpeedConnect_Setup.exe
    2010-04-06 23:58 . 2010-04-06 23:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
    2010-03-26 14:58 . 2010-03-26 14:14 -------- d-----w- c:\program files\SIW
    2010-03-26 14:16 . 2010-03-26 14:16 -------- d-----w- c:\program files\Software Informer
    2010-03-09 11:09 . 2004-08-10 11:51 430080 ----a-w- c:\windows\system32\vbscript.dll
    2010-03-04 17:23 . 2010-03-04 17:15 71241 ----a-w- c:\windows\hpqins04.dat
    2010-03-04 16:07 . 2010-03-04 16:07 3584 ----a-r- c:\documents and settings\Hung\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
    2010-02-26 05:43 . 2004-08-10 11:51 667136 ----a-w- c:\windows\system32\wininet.dll
    2010-02-26 05:43 . 2004-08-10 11:51 81920 ----a-w- c:\windows\system32\ieencode.dll
    2010-02-24 13:11 . 2006-04-07 17:11 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2008-09-29 06:17 . 2008-09-01 15:32 782 -c--a-w- c:\program files\mwsbar.zip
    2007-12-08 21:50 . 2007-12-08 21:49 1672201 -c--a-w- c:\program files\Matroska_Playback_Pack_0.5.exe
    2009-12-01 09:51 . 2008-09-03 13:56 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    2010-01-02 13:31 . 2010-01-02 13:25 48 --sh--w- c:\windows\SF6680608.tmp
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}"= "c:\program files\Avanquest_FR\tbAvan.dll" [2009-12-31 2349080]

    [HKEY_CLASSES_ROOT\clsid\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
    2010-03-11 21:10 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
    2010-02-28 09:37 435688 ----a-w- c:\progra~1\SearchPredict\SearchPredict.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}]
    2009-12-31 09:53 2349080 ----a-w- c:\program files\Avanquest_FR\tbAvan.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}"= "c:\program files\Avanquest_FR\tbAvan.dll" [2009-12-31 2349080]

    [HKEY_CLASSES_ROOT\clsid\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848}"= "c:\program files\Avanquest_FR\tbAvan.dll" [2009-12-31 2349080]

    [HKEY_CLASSES_ROOT\clsid\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FolderProtect0]
    @="{D7BC78F3-3624-455C-8C4B-9C77C3BFEE4E}"
    [HKEY_CLASSES_ROOT\CLSID\{D7BC78F3-3624-455C-8C4B-9C77C3BFEE4E}]
    2007-12-02 16:05 348160 ----a-w- c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectShellExtension.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FolderProtect1]
    @="{8A814C29-D3CD-4F9E-9770-DF8704503ACA}"
    [HKEY_CLASSES_ROOT\CLSID\{8A814C29-D3CD-4F9E-9770-DF8704503ACA}]
    2007-12-02 16:05 348160 ----a-w- c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectShellExtension.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 24576]
    "VPSKEYS"="c:\program files\Vpskeys\VPSKEYS.EXE" [2003-03-29 102400]
    "Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-26 4351216]
    "SmsDiscount"="c:\program files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe" [2009-11-11 9078072]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-05-08 2017280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-01 30192]
    "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-10-19 71152]
    "BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2010-01-20 1120704]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Phone Connection Monitor.lnk - c:\program files\Sony Ericsson\Mobile\audevicemgr.exe [2008-9-9 754176]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "NoSecCpl"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoStartMenuSubFolders"= 0 (0x0)
    "NoCommonGroups"= 0 (0x0)
    "NoPrinters"= 0 (0x0)
    "NoRecentDocsNetHood"= 0 (0x0)
    "NoChangeAnimation"= 0 (0x0)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
    @=""

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
    backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
    backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NETGEAR WG111T Smart Wizard.lnk]
    backup=c:\windows\pss\NETGEAR WG111T Smart Wizard.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
    2008-10-14 20:38 623992 ------w- c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    2006-11-16 17:04 139264 -c--a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
    2005-09-15 08:47 57344 -c----w- c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
    2005-09-08 04:20 122940 -c--a-w- c:\windows\system32\DLA\DLACTRLW.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    2007-05-08 15:24 54840 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
    2005-10-14 19:46 77824 -c--a-w- c:\windows\system32\hkcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
    2005-10-14 19:50 114688 -c--a-w- c:\windows\system32\igfxpers.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
    2005-10-14 19:49 94208 -c--a-w- c:\windows\system32\igfxtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    2006-03-20 16:34 213936 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    2007-10-18 09:34 5724184 -c----w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2006-01-12 13:40 155648 -c--a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Speed Maximizer]
    2009-10-30 11:08 205072 ----a-w- c:\program files\PC Speed Maximizer\SPMTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    2009-07-27 02:37 180224 -c--a-w- c:\program files\PowerISO\PWRISOVM.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2009-09-04 23:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
    2006-05-12 09:27 831488 -c--a-w- c:\windows\vsnpstd3.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    2010-05-06 17:01 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
    2000-05-11 00:00 90112 -c----w- c:\windows\Updreg.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoiceCenter]
    2005-09-19 06:42 1159168 -c----w- c:\program files\Creative\VoiceCenter\AndreaVC.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "Desktop Secretary"="c:\program files\Spotmau WinCare 2008\sub\Desktop_Secretary\Desktop_Secretary.exe" /background
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    "UniblueSpeedUpMyPC"=c:\program files\Uniblue\SpeedUpMyPC\Launcher.exe -minimize
    "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
    "ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" "sleep"
    "Software Informer"="c:\program files\Software Informer\softinfo.exe" -autorun
    "Super Hide IP"=c:\program files\SuperHideIP\SuperHideIP.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "MBMon"=Rundll32 CTMBHA.DLL,MBMon
    "DMXLauncher"=c:\program files\Dell\Media Experience\DMXLauncher.exe
    "HPUsageTracking"=c:\program files\HP\HP UT\bin\hppusg.exe "c:\program files\HP\HP UT\"
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\InternetCalls.com\\InternetCalls\\InternetCalls.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP2014MC.EXE"=
    "c:\\Program Files\\SmsDiscount.com\\SmsDiscount\\SmsDiscount.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\Program Files\\Intuwave Ltd\\Shared\\mRouterRunTime\\mRouterRuntime.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\uTorrent\\utorrent.exe"=
    "c:\\Program Files\\Azureus\\Azureus.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "9935:TCP"= 9935:TCP:*:Disabled:BitComet 9935 TCP
    "9935:UDP"= 9935:UDP:*:Disabled:BitComet 9935 UDP
    "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

    R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [17.02.2010 12:25 5248]
    R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [05.05.2010 22:11 40560]
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [07.05.2010 00:14 64288]
    R1 FolderProtectDriver;FolderProtectDriver;c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectDriver.sys [25.11.2008 14:46 15616]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.02.2010 11:25 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [27.04.2010 17:30 68168]
    R2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [22.09.2009 09:22 83208]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [04.02.2010 17:52 1285864]
    R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [07.12.2009 19:46 153448]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [19.10.2009 17:04 110984]
    R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [13.02.2010 10:22 27632]
    S2 FolderProtectService;FolderProtectService;c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectService.exe [25.11.2008 14:46 10240]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14.02.2010 10:29 135664]
    S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [13.02.2010 10:21 90112]
    S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [19.10.2009 17:06 183880]
    S3 DDPlayCam;DDPlay Virtual Camera;c:\windows\system32\drivers\DDPlayCam.sys [02.03.2006 08:08 150016]
    S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [06.05.2008 20:05 17149]
    S3 FTLUND;Lundinova Filter Driver;c:\windows\system32\drivers\ftlund.sys [12.09.2008 13:06 6828]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [07.12.2007 22:59 30192]
    S3 NDISKIO;NDISKIO;\??\c:\docume~1\Hung\LOCALS~1\Temp\000006e5.nmc\nse\bin\ndiskio.sys --> c:\docume~1\Hung\LOCALS~1\Temp\000006e5.nmc\nse\bin\ndiskio.sys [?]
    S3 nsak;nsak;\??\c:\docume~1\Hung\LOCALS~1\Temp\00000295.nmc\nse\bin\nsak.sys --> c:\docume~1\Hung\LOCALS~1\Temp\00000295.nmc\nse\bin\nsak.sys [?]
    S4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [17.02.2010 12:25 160640]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan
    .
    Contents of the 'Scheduled Tasks' folder

    2010-05-24 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 22:08]

    2010-05-20 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

    2010-05-24 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-03-25 23:58]

    2010-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 08:29]

    2010-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-14 08:29]

    2010-05-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3258514260-1877139318-2177451161-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

    2010-05-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3258514260-1877139318-2177451161-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Settings,ProxyServer = http=
    IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
    IE: Ajouter au fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
    IE: Download Link Using Mega Manager... - c:\program files\MegaUpload\Mega Manager\mm_file.htm
    IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
    IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
    IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
    IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
    IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
    FF - ProfilePath - c:\documents and settings\Hung\Application Data\Mozilla\Firefox\Profiles\b827ualb.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2500339&q=
    FF - prefs.js: network.proxy.type - 4
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    .
    - - - - ORPHANS REMOVED - - - -

    Toolbar-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)



    **************************************************************************
    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files:

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\.Default\Software\SetID\Internal]
    @Denied: (A 2) (LocalSystem)
    "DATA"="<settings expireTime=\"0\" productStatus=\"1\" obSize=\"0\" InstallTS=\"2145870353\" isSubsc=\"0\" version=\"12.0.1\" timeDiff=\"1\" oldDevice=\"\" authStatus_ts=\"0\" />"
    "Device"="yM29zbvPzMnLvrm+x8fPzce+zro="

    [HKEY_USERS\S-1-5-21-3258514260-1877139318-2177451161-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CD64448-8868-3154-BBF4-956CB9F02139}*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    "iacddjdcapgcockmfn"=hex:69,61,6f,66,63,70,6d,6d,62,65,65,67,65,67,69,6a,6a,6d,
    00,00
    "haedjajdnpipmaic"=hex:69,61,6f,66,63,70,6d,6d,62,65,65,67,65,67,69,6a,6a,6d,
    00,00

    [HKEY_USERS\S-1-5-21-3258514260-1877139318-2177451161-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{971F0959-A762-BEA5-921F-6C94D2C48CB5}*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{16cc9d24-38b2-46ae-a6eb-ffa8d2b434d3}]
    @Denied: (Full) (Everyone)
    "Model"=dword:000000b6
    "Therad"=dword:0000001e
    "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
    38,95,44,ff,25,5b,70,e9,89,02,32,28,f6,2b,65,55,21,95,a0,75,c0,90,48,62,87,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
    @Denied: (Full) (Everyone)
    "scansk"=hex(0):ca,a5,c8,17,12,eb,15,8b,be,fb,90,9a,cb,9f,d0,cd,ee,13,81,7e,3e,
    eb,aa,33,be,d9,af,6b,0c,90,63,71,d2,8c,bc,ed,00,eb,8d,5a,00,00,00,00,00,00,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
    @Denied: (Full) (Everyone)
    "scansk"=hex(0):55,8f,07,fa,7e,02,2d,48,35,be,d1,36,61,2d,30,b7,0f,cd,98,a5,96,
    23,2d,93,d8,62,20,b2,c0,e5,a0,31,79,51,14,d7,82,53,18,53,00,00,00,00,00,00,\

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{a8730b3f-0a95-46fb-a502-751a3c83888a}]
    @Denied: (Full) (Everyone)
    "Model"=dword:00000115
    "Therad"=dword:00000015
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(1132)
    c:\program files\SUPERAntiSpyware\SASWINLO.dll

    - - - - - - - > 'explorer.exe'(2876)
    c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectShellExtension.dll
    c:\program files\Vpskeys\VPSKM32.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Completion time: 2010-05-24 17:49:34
    ComboFix-quarantined-files.txt 2010-05-24 15:49

    Pre-Run: 5'655'863'296 bytes free
    Post-Run: 5'615'493'120 bytes free

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptOut

    - - End Of File - - 88C3D55A06E8A2CCF095607E22C94170


    ====================================================================================================================


    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-05-25 07:29:23
    Windows 5.1.2600 Service Pack 3
    Running: yn0pey0h.exe; Driver: C:\DOCUME~1\Hung\LOCALS~1\Temp\pflirpow.sys


    ---- System - GMER 1.0.15 ----

    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwAllocateVirtualMemory [0xB15BB884]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwAssignProcessToJobObject [0xB15BBBF0]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwConnectPort [0xB15BCDA0]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwCreateFile [0xB15BC5B6]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwCreateKey [0xB15BD20A]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwCreateProcess [0xB15BBD3A]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwCreateProcessEx [0xB15BBDBC]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwCreateSection [0xB15BC3DA]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwCreateThread [0xB15BB486]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwDeviceIoControlFile [0xB15BD30A]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwDuplicateObject [0xB15BF9F4]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwFsControlFile [0xB15BD44E]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwLoadDriver [0xB15BDD92]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwOpenFile [0xB15BC4CA]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwOpenProcess [0xB15BF746]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwOpenSection [0xB15BC2FA]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwOpenThread [0xB15BF874]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwProtectVirtualMemory [0xB15BB782]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwQueueApcThread [0xB15BBC92]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwRequestPort [0xB15BCE30]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwRequestWaitReplyPort [0xB15BCBEC]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwSecureConnectPort [0xB15BCFBA]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwSetContextThread [0xB15BB576]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwSetSystemInformation [0xB15BB988]
    SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xBA0F8BFE]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwSuspendProcess [0xB15BB6E4]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwSuspendThread [0xB15BB646]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwSystemDebugControl [0xB15BBB4E]
    SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xB6CF9950]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwTerminateThread [0xB15BFB02]
    SSDT \??\C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender) ZwWriteVirtualMemory [0xB15BB384]

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwCallbackReturn + 2CE0 8050457C 2 Bytes [F4, F9] {HLT ; STC }
    .text ntkrnlpa.exe!ZwCallbackReturn + 2DF4 80504690 2 Bytes [82, B7]
    .text ntkrnlpa.exe!ZwCallbackReturn + 2FC4 80504860 12 Bytes [E4, B6, 5B, B1, 46, B6, 5B, ...]
    .text ntkrnlpa.exe!ZwCallbackReturn + 3024 805048C0 2 Bytes [84, B3]
    init C:\WINDOWS\system32\drivers\sigfilt.sys entry point in "init" section [0xB7137F80]

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\USER32.dll [GDI32.dll!GetStockObject] [6113909F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHLWAPI.dll [GDI32.dll!GetStockObject] [6113909F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6113A3BF] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [61138FE2] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [61138F66] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [61138FA4] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [GDI32.dll!GetStockObject] [6113909F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6113A33F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6113A37F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [61139C3F] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6113A40D] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6113A3BF] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [611390DD] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [61138FA4] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [61138FE2] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [61139856] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [611390A5] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3320] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [61138F66] C:\Program Files\Yahoo!\Messenger\yui.dll

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\Tcpip \Device\Ip bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
    AttachedDevice \Driver\Tcpip \Device\Tcp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume5 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume6 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\Tcpip \Device\Udp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
    AttachedDevice \Driver\Tcpip \Device\RawIp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

    Device \FileSystem\Fastfat \Fat B0A8CD20

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SOFTWARE\Classes\CLSID\{16cc9d24-38b2-46ae-a6eb-ffa8d2b434d3}@Model 182
    Reg HKLM\SOFTWARE\Classes\CLSID\{16cc9d24-38b2-46ae-a6eb-ffa8d2b434d3}@Therad 30
    Reg HKLM\SOFTWARE\Classes\CLSID\{16cc9d24-38b2-46ae-a6eb-ffa8d2b434d3}@MData 0x2B 0x8F 0x78 0x29 ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}@scansk 0xCA 0xA5 0xC8 0x17 ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}@scansk 0x55 0x8F 0x07 0xFA ...
    Reg HKLM\SOFTWARE\Classes\CLSID\{a8730b3f-0a95-46fb-a502-751a3c83888a}@Model 277
    Reg HKLM\SOFTWARE\Classes\CLSID\{a8730b3f-0a95-46fb-a502-751a3c83888a}@Therad 21
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CD64448-8868-3154-BBF4-956CB9F02139}
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CD64448-8868-3154-BBF4-956CB9F02139}@iacddjdcapgcockmfn 0x69 0x61 0x6F 0x66 ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6CD64448-8868-3154-BBF4-956CB9F02139}@haedjajdnpipmaic 0x69 0x61 0x6F 0x66 ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{971F0959-A762-BEA5-921F-6C94D2C48CB5}

    ---- EOF - GMER 1.0.15 ----

    26 May 2010 21:19:02

    Hi Sham_Rock,

    Unfortunately, despite several attempts on my part, the online scan with Kaspersky cannot be run.
    Given the speed of my Internet connection, I get a timeout during execution of the Database Update phase (0 (Error : Update Timeout).

    Any other suggestion?
    29 May 2010 08:51:11

    Hi Sham_Rock,

    Unfortunately, I have the same problem as with Tutorial ESET Online Scanner. Despite several attempts on my part, the PC freezes up with the Internet session.

    I have a second PC on Wi-Fi. The speed is very slow (but less slow than on this one).
    I can still try to download with it and then transfer it afterwards.

    Thanks for your help,
    30 May 2010 21:13:49

    Hi Sham_Rock,

    I had to resend you the following report because the first one was not transmitted properly at noon.

    Thanks for your help,


    10:52:50:062 3800 TDSS rootkit removing tool 2.3.1.0 May 25 2010 12:52:14
    10:52:50:062 3800 ================================================================================
    10:52:50:062 3800 SystemInfo:

    10:52:50:062 3800 OS Version: 5.1.2600 ServicePack: 3.0
    10:52:50:062 3800 Product type: Workstation
    10:52:50:062 3800 ComputerName: KHATU2005
    10:52:50:062 3800 UserName: Hung
    10:52:50:062 3800 Windows directory: C:\WINDOWS
    10:52:50:062 3800 Processor architecture: Intel x86
    10:52:50:062 3800 Number of processors: 2
    10:52:50:062 3800 Page size: 0x1000
    10:52:50:062 3800 Boot type: Normal boot
    10:52:50:062 3800 ================================================================================
    10:52:50:375 3800 Initialize success
    10:52:50:375 3800
    10:52:50:375 3800 Scanning Services ...
    10:52:50:750 3800 Raw services enum returned 421 services
    10:52:50:765 3800
    10:52:50:765 3800 Scanning Drivers ...
    10:52:51:234 3800 a347bus (1f61cacacb521215f39061789147968c) C:\WINDOWS\system32\DRIVERS\a347bus.sys
    10:52:51:250 3800 a347scsi (113e4b318bbaa7483ca4e582a4d63f49) C:\WINDOWS\system32\Drivers\a347scsi.sys
    10:52:51:296 3800 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
    10:52:51:343 3800 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    10:52:51:390 3800 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
    10:52:51:421 3800 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
    10:52:51:468 3800 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    10:52:51:500 3800 AegisP (2c5c22990156a1063e19ad162191dc1d) C:\WINDOWS\system32\DRIVERS\AegisP.sys
    10:52:51:531 3800 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
    10:52:51:593 3800 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
    10:52:51:625 3800 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
    10:52:51:640 3800 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
    10:52:51:687 3800 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
    10:52:51:703 3800 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
    10:52:51:750 3800 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
    10:52:51:796 3800 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
    10:52:51:812 3800 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
    10:52:51:828 3800 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
    10:52:51:859 3800 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
    10:52:51:875 3800 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
    10:52:51:890 3800 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
    10:52:51:937 3800 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    10:52:51:968 3800 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    10:52:52:062 3800 ati2mtag (03621f7f968ff63713943405deb777f9) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
    10:52:52:109 3800 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    10:52:52:125 3800 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    10:52:52:171 3800 bdfm (67c2a47db7190673350a3f9f5a1507cb) C:\WINDOWS\system32\drivers\bdfm.sys
    10:52:52:218 3800 Bdfndisf (b0c893050917dd8f3492ed029224b927) C:\WINDOWS\system32\DRIVERS\bdfndisf.sys
    10:52:52:234 3800 bdfsfltr (9b281f5f673cbc5b9ec886d59e0b4f26) C:\WINDOWS\system32\drivers\bdfsfltr.sys
    10:52:52:296 3800 bdftdif (bf1088ece2236621aa31d9108afcc53c) C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys
    10:52:52:359 3800 BDSelfPr (aa5a7f6c60d921698f325293023e12db) C:\Program Files\BitDefender\BitDefender 2010\bdselfpr.sys
    10:52:52:375 3800 BDVEDISK (33392317fe8ab70b46c013d8af8fe119) C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys
    10:52:52:453 3800 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    10:52:52:500 3800 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
    10:52:52:500 3800 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    10:52:52:546 3800 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    10:52:52:562 3800 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
    10:52:52:593 3800 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    10:52:52:640 3800 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    10:52:52:656 3800 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    10:52:52:687 3800 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
    10:52:52:718 3800 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
    10:52:52:765 3800 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
    10:52:52:765 3800 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys
    10:52:52:796 3800 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
    10:52:52:843 3800 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
    10:52:52:875 3800 DDPlayCam (0a3c810bf58f70f6b42bb8646ee16636) C:\WINDOWS\system32\DRIVERS\DDPlayCam.sys
    10:52:52:937 3800 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    10:52:52:984 3800 DLABOIOM (e2d0de31442390c35e3163c87cb6a9eb) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
    10:52:53:000 3800 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
    10:52:53:015 3800 DLADResN (83545593e297f50a8e2524b4c071a153) C:\WINDOWS\system32\DLA\DLADResN.SYS
    10:52:53:046 3800 DLAIFS_M (96e01d901cdc98c7817155cc057001bf) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
    10:53:00:906 3800
    10:53:00:906 3800 Completed
    10:53:00:906 3800
    10:53:00:906 3800 Results:
    10:53:00:906 3800 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
    10:53:00:906 3800 File objects infected / cured / cured on reboot: 0 / 0 / 0
    10:53:00:921 3800
    10:53:00:921 3800 KLMD(ARK) unloaded successfully



    Best solution

    31 May 2010 21:10:36

    Hi again
    Quote:
    I have a 2nd PC on Wi-Fi. The throughput is very slow (but less slow than on this one).
    I can always try downloading with it and then transferring the file afterwards.

    That caught my attention... (but I wanted to check first)
    Create a topic here:
    Section: Internet & Networks
    Subject: slow internet
    Say in it that it is probably not a virus.
    Keep me posted.
    3 June 2010 11:55:41

    Hi Sham_Rock,

    Indeed, it was a hardware problem.
    I tried replacing the Zyxel modem and the Netgear router with a D-Link DSL-G664T router, and Internet access is back to normal (~ 4000 kbps).

    Thank you very much for your help and your patience.
    5 June 2010 18:25:53

    Hi again
    Uninstall all the programs that were installed for the disinfection.


    Please take a look at this guide (in PDF) to learn more about the risks of the Net.



    If you find this document interesting, don't hesitate to pass it on to your contacts.

    If you are tired of being bombarded with ads while browsing, install a secured Firefox with the NoScript and AdBlock Plus extensions.

    Read also:
  • Free antispyware: it's useless!


    ~Edit your first message and mark [solved] in the title.
    If your username matches your real name, you can change it by editing your posts.

    :hello: 

    12 June 2010 12:02:12

    Best answer selected by KhaTu2005.