Sujet Précédent Sujet Suivant

Mon Pc est infecté de virus

knostra Messages postés 171 Statut Membre -  
moment de grace Messages postés 30049 Statut Contributeur sécurité -
Bonjour,

Comme indiqué sur cette page : https://www.commentcamarche.net/faq/2490-supprimer-les-adwares-publicites-intempestives-pop-up-etc

j'ai téléchargé Random's System Information Tool (RSIT) et suivie les instruction je vous poste donc les deux fichier qui ont été généré, en espérant que vous pourrez m'aider ;)

Ah oui je pense être infecté car j'ai 50 mille pop-up qui s'ouvre toutes les 30 secondes quand je navigue sur internet.

voici le fichier log.txt 
Logfile of random's system information tool 1.06 (written by random/random)
Run by beatrice at 2010-01-15 17:50:42
Microsoft® Windows Vista™ Édition Familiale Premium  Service Pack 2
System drive C: has 7 GB (3%) free of 229 GB
Total RAM: 3069 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:51:58, on 15/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Users\beatrice\AppData\Local\qknhkehc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Search Guard PlusU\sgpupdaters.exe
C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Users\beatrice\Desktop\desinfection\RSIT.exe
C:\Program Files\trend micro\beatrice.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www8.hp.com/fr/fr/home.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.hugedomains.com/domain_profile.cfm?d=duxet&e=com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll (file missing)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [oozeaxis] "C:\ProgramData\Move Byte Byte.aivhmn4"
O4 - HKCU\..\Run: [Google Update] "C:\Users\beatrice\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [qknhkehc] "c:\users\beatrice\appdata\local\qknhkehc.exe" qknhkehc
O4 - HKCU\..\Run: [AdobeUpdater6] "C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_9a642328\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_9a642328\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 11927 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-987366186-1126316390-497482987-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-987366186-1126316390-497482987-1000UA.job
C:\Windows\tasks\HPCeeScheduleForbeatrice.job
C:\Windows\tasks\RegCure Program Check.job
C:\Windows\tasks\RegCure.job
C:\Windows\tasks\User_Feed_Synchronization-{E6443B5F-FC79-4622-9000-749D11B0DB42}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05 113512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
BrowserHelper Class - C:\Program Files\SGPSA\SearchAssistant.dll [2009-10-15 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}]
GamesBarBHO Class - C:\Program Files\GamesBar\oberontb.dll [2008-01-06 540672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-13 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
Fast Browser Search Toolbar Helper - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll [2009-08-13 2602368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{6F282B65-56BF-4BD1-A8B2-A4449A05863D} - GamesBar - C:\Program Files\GamesBar\oberontb.dll [2008-01-06 540672]
{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - Fast Browser Search Toolbar - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll [2009-08-13 2602368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NWEReboot"= []
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-04-15 442433]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"FBSSA"=C:\Program Files\SGPSA\ie3sh.exe [2009-08-27 765824]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe -autorun []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"oozeaxis"=C:\ProgramData\Move Byte Byte.aivhmn4 [2009-12-21 28688]
"Google Update"=C:\Users\beatrice\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-01 135664]
"qknhkehc"=c:\users\beatrice\appdata\local\qknhkehc.exe [2010-01-15 364544]
"AdobeUpdater6"=C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe [2009-01-08 2521464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-09-23 520024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Common Files\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]
C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-08-05 647520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-08-22 2363392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Long Internet Team Stupid]
C:\ProgramData\Settings Bait Bird.vdfer1 [2009-02-09 315408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\oozeaxis]
C:\ProgramData\Move Byte Byte.k48u1qf []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-13 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray.exe [2008-04-15 442433]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uqmokgm]
c:\users\beatrice\appdata\local\uqmokgm.exe uqmokgm []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2006-12-05 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^beatrice^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Notification de cadeaux MSN.lnk]
C:\Users\beatrice\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-04-13 135680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^beatrice^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-09-12 384000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogoff"=0
"NoClose"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1e413f9b-d3fa-11dd-a17d-001eec84c788}]
shell\AutoRun\command - F:\AutoRunCardDetector.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6f546ffb-81ae-11dd-8201-806e6f6e6963}]
shell\AutoRun\command - E:\setup.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2010-01-15 17:35:24 ----D---- C:\rsit
2010-01-15 17:35:24 ----D---- C:\Program Files\trend micro
2010-01-13 08:35:56 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 08:35:56 ----A---- C:\Windows\system32\fontsub.dll
2010-01-12 09:54:19 ----D---- C:\ProgramData\HideAndSecret3
2010-01-08 07:01:18 ----D---- C:\Users\beatrice\AppData\Roaming\iMaxGen
2010-01-06 14:28:03 ----D---- C:\ProgramData\PlayfulAge
2010-01-05 20:17:14 ----D---- C:\Users\beatrice\AppData\Roaming\casanova
2010-01-04 20:35:53 ----D---- C:\ProgramData\SOS
2009-12-30 15:10:53 ----D---- C:\Users\beatrice\AppData\Roaming\ElementalsTheMagicKey
2009-12-30 14:33:14 ----D---- C:\Windows\system32\AGEIA
2009-12-30 14:33:14 ----D---- C:\Program Files\AGEIA Technologies
2009-12-30 14:32:56 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-12-26 17:25:14 ----D---- C:\Users\beatrice\AppData\Roaming\Big Fish Games
2009-12-23 16:51:03 ----D---- C:\Users\beatrice\AppData\Roaming\EscapeTheMuseum2
2009-12-22 01:24:00 ----A---- C:\Windows\ntbtlog.txt
2009-12-18 19:24:29 ----D---- C:\Users\beatrice\AppData\Roaming\Gamers Digital
2009-12-18 19:24:29 ----D---- C:\ProgramData\Gamers Digital
2009-12-18 15:52:22 ----D---- C:\Users\beatrice\AppData\Roaming\GTM_Bodie
2009-12-18 08:15:15 ----D---- C:\Users\beatrice\AppData\Roaming\GOA
2009-12-18 08:15:15 ----D---- C:\ProgramData\GOA
2009-12-17 19:02:06 ----D---- C:\Users\beatrice\AppData\Roaming\MastersOfMystery2
2009-12-16 15:19:20 ----D---- C:\Users\beatrice\AppData\Roaming\Awem
2009-12-11 09:58:27 ----D---- C:\Users\beatrice\AppData\Roaming\V-Games
2009-12-10 13:01:17 ----D---- C:\ProgramData\Windows Genuine Advantage
2009-12-10 08:02:04 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-10 08:01:58 ----A---- C:\Windows\system32\httpapi.dll
2009-12-09 17:09:08 ----A---- C:\Windows\system32\winhttp.dll
2009-12-09 17:08:56 ----A---- C:\Windows\system32\mshtml.dll
2009-12-09 17:08:55 ----A---- C:\Windows\system32\ieframe.dll
2009-12-09 17:08:54 ----A---- C:\Windows\system32\iertutil.dll
2009-12-09 17:08:53 ----A---- C:\Windows\system32\wininet.dll
2009-12-09 17:08:53 ----A---- C:\Windows\system32\urlmon.dll
2009-12-09 17:08:52 ----A---- C:\Windows\system32\occache.dll
2009-12-09 17:08:52 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-09 17:08:52 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-09 17:08:51 ----A---- C:\Windows\system32\ieui.dll
2009-12-09 17:08:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-09 17:08:50 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-09 17:08:50 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-09 17:08:50 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-09 17:08:50 ----A---- C:\Windows\system32\iepeers.dll
2009-12-09 17:08:50 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-09 17:08:49 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-09 17:08:49 ----A---- C:\Windows\system32\iesetup.dll
2009-12-09 17:08:49 ----A---- C:\Windows\system32\iernonce.dll
2009-12-09 17:07:17 ----A---- C:\Windows\system32\rastls.dll
2009-11-29 11:17:43 ----D---- C:\Users\beatrice\AppData\Roaming\SaveThePuppy
2009-11-26 07:40:28 ----D---- C:\ProgramData\FarmFrenzy3
2009-11-26 03:03:30 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 19:53:56 ----D---- C:\Users\beatrice\AppData\Roaming\runic games
2009-11-25 15:45:10 ----D---- C:\Users\beatrice\AppData\Roaming\World-LooM
2009-11-25 07:28:25 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 07:28:24 ----A---- C:\Windows\system32\msxml3.dll
2009-11-18 06:14:02 ----D---- C:\Program Files\Windows Portable Devices
2009-11-18 05:46:20 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-18 05:46:19 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-18 05:46:19 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-18 05:45:29 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-18 05:45:24 ----A---- C:\Windows\system32\cdd.dll
2009-11-18 05:45:21 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-18 05:45:21 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-18 05:45:21 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-18 05:45:21 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-18 05:45:21 ----A---- C:\Windows\system32\d2d1.dll
2009-11-18 05:45:20 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-18 05:45:20 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-18 05:45:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-18 05:45:20 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-18 05:45:20 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-18 05:45:20 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-18 05:45:20 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-18 05:45:19 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-18 05:45:19 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-18 05:45:19 ----A---- C:\Windows\system32\FntCache.dll
2009-11-18 05:45:19 ----A---- C:\Windows\system32\dxgi.dll
2009-11-18 05:45:19 ----A---- C:\Windows\system32\DWrite.dll
2009-11-18 05:45:19 ----A---- C:\Windows\system32\d3d11.dll
2009-11-18 05:45:19 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-18 05:45:19 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-18 05:45:19 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-18 05:45:18 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-18 05:45:18 ----A---- C:\Windows\system32\d3d10.dll
2009-11-18 05:44:46 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-18 05:44:46 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-18 05:44:46 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-18 05:44:40 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-18 05:44:35 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-11-18 05:44:35 ----A---- C:\Windows\system32\WpdConns.dll
2009-11-18 05:44:34 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-18 05:44:34 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-18 05:44:34 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-18 05:44:34 ----A---- C:\Windows\system32\WpdMtp.dll
2009-11-18 05:44:34 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-18 05:44:34 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-18 05:44:34 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-18 05:44:34 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-18 05:44:34 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-18 05:42:10 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-18 05:42:09 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-18 05:42:09 ----A---- C:\Windows\system32\oleacc.dll
2009-11-15 11:44:41 ----D---- C:\Users\beatrice\AppData\Roaming\Thunderbird
2009-11-11 19:31:34 ----D---- C:\ProgramData\IM
2009-11-11 19:31:30 ----D---- C:\ProgramData\IncrediMail
2009-11-11 12:08:49 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-09 07:50:15 ----D---- C:\Program Files\Securitoo
2009-11-07 22:43:14 ----D---- C:\Users\beatrice\AppData\Roaming\GTek
2009-11-07 08:18:59 ----D---- C:\Users\beatrice\AppData\Roaming\Hoyle FaceCreator
2009-11-07 08:18:57 ----D---- C:\Users\beatrice\AppData\Roaming\Hoyle Casino
2009-11-07 08:17:30 ----D---- C:\ProgramData\Sony Online Entertainment
2009-11-06 19:34:40 ----D---- C:\ProgramData\Fugazo
2009-11-03 09:59:05 ----D---- C:\Program Files\iPod
2009-11-03 09:58:55 ----D---- C:\Program Files\iTunes
2009-11-01 10:07:51 ----D---- C:\ProgramData\SugarGames
2009-10-31 16:50:08 ----D---- C:\Users\beatrice\AppData\Roaming\Go Go Gourmet
2009-10-31 09:13:52 ----D---- C:\Program Files\Search Guard PlusU
2009-10-31 09:13:52 ----D---- C:\Program Files\Search Guard Plus
2009-10-31 09:13:50 ----D---- C:\Program Files\SGPSA
2009-10-31 09:13:39 ----D---- C:\Program Files\Fast Browser Search
2009-10-30 07:53:45 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-10-30 07:53:45 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-10-30 07:53:44 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-10-30 07:53:44 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-10-30 07:53:44 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-10-30 07:53:44 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2009-10-30 07:53:44 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-10-30 07:53:43 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-10-30 07:53:43 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-10-30 07:53:43 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-10-30 07:53:43 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-10-30 07:53:43 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-10-30 07:53:42 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-10-30 07:53:42 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-10-30 07:53:42 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-10-30 07:53:42 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-10-30 07:53:41 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-10-30 07:53:41 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-10-30 07:53:41 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-10-30 07:53:40 ----A---- C:\Windows\system32\XAudio2_1.dll
2009-10-30 07:53:40 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2009-10-30 07:53:40 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-10-30 07:53:37 ----A---- C:\Windows\system32\xactengine3_1.dll
2009-10-30 07:53:37 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2009-10-30 07:53:37 ----A---- C:\Windows\system32\d3dx10_38.dll
2009-10-30 07:53:37 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2009-10-30 07:53:34 ----A---- C:\Windows\system32\D3DX9_38.dll
2009-10-30 07:53:33 ----A---- C:\Windows\system32\XAudio2_0.dll
2009-10-30 07:53:33 ----A---- C:\Windows\system32\xactengine3_0.dll
2009-10-30 07:53:33 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2009-10-30 07:53:33 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-10-30 07:53:33 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-10-30 07:53:32 ----A---- C:\Windows\system32\xactengine2_10.dll
2009-10-30 07:53:32 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-10-30 07:53:32 ----A---- C:\Windows\system32\d3dx10_36.dll
2009-10-30 07:53:31 ----A---- C:\Windows\system32\d3dx9_36.dll
2009-10-30 07:53:31 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2009-10-30 07:53:30 ----A---- C:\Windows\system32\d3dx10_35.dll
2009-10-30 07:53:30 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2009-10-30 07:53:29 ----A---- C:\Windows\system32\xactengine2_8.dll
2009-10-30 07:53:29 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2009-10-30 07:53:29 ----A---- C:\Windows\system32\d3dx9_35.dll
2009-10-30 07:53:29 ----A---- C:\Windows\system32\d3dx10_34.dll
2009-10-30 07:53:28 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2009-10-30 07:53:27 ----A---- C:\Windows\system32\xinput1_3.dll
2009-10-30 07:53:27 ----A---- C:\Windows\system32\d3dx9_34.dll
2009-10-30 07:53:26 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-10-30 07:53:26 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-10-30 07:53:26 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-10-30 07:53:25 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-10-30 07:53:24 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-10-30 07:53:24 ----A---- C:\Windows\system32\d3dx10.dll
2009-10-30 07:53:23 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-10-30 07:53:23 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-10-30 07:53:22 ----A---- C:\Windows\system32\xinput1_2.dll
2009-10-30 07:53:22 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-10-30 07:53:22 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-10-30 07:53:21 ----A---- C:\Windows\system32\xinput1_1.dll
2009-10-30 07:53:21 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-10-30 07:53:21 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-10-30 07:52:55 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-10-30 07:52:54 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-10-30 07:52:54 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-10-30 07:52:54 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-10-30 07:52:51 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-10-30 07:52:49 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-10-30 07:52:48 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-10-30 07:52:48 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-10-30 07:52:47 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-10-28 10:51:56 ----A---- C:\Windows\system32\wmp.dll
2009-10-28 10:51:52 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-28 10:51:49 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-27 17:35:25 ----D---- C:\ProgramData\Rumbic Studio
2009-10-26 20:00:39 ----A---- C:\Windows\system32\wups2.dll
2009-10-26 20:00:39 ----A---- C:\Windows\system32\wucltux.dll
2009-10-26 20:00:39 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-26 20:00:38 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-26 19:59:51 ----A---- C:\Windows\system32\wups.dll
2009-10-26 19:59:51 ----A---- C:\Windows\system32\wudriver.dll
2009-10-26 19:59:50 ----A---- C:\Windows\system32\wuapi.dll
2009-10-26 19:59:42 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-26 19:59:42 ----A---- C:\Windows\system32\wuapp.exe
2009-10-20 12:16:05 ----D---- C:\Users\beatrice\AppData\Roaming\Home Sweet Home Christmas
2009-10-20 11:54:50 ----D---- C:\ProgramData\Beanbag Studios
2009-10-19 19:47:56 ----D---- C:\Windows Sidebar
2009-10-18 10:38:58 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-10-18 09:30:55 ----D---- C:\Users\beatrice\AppData\Roaming\Fabulous Finds
2009-10-17 07:54:08 ----D---- C:\ProgramData\GameXzone
2009-10-16 09:31:47 ----D---- C:\ProgramData\Becky Brogan
2009-10-16 07:52:43 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-16 07:52:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-16 07:52:27 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-16 07:50:19 ----A---- C:\Windows\system32\msasn1.dll
2009-10-16 07:50:05 ----A---- C:\Windows\system32\WMSPDMOD.DLL

======List of files/folders modified in the last 3 months======

2010-01-15 17:51:33 ----D---- C:\Windows\Temp
2010-01-15 17:51:15 ----D---- C:\Windows\Prefetch
2010-01-15 17:35:24 ----D---- C:\Program Files
2010-01-15 17:10:22 ----D---- C:\Program Files\Mozilla Firefox
2010-01-15 17:06:01 ----D---- C:\Windows
2010-01-15 07:28:28 ----SHD---- C:\System Volume Information
2010-01-15 07:23:55 ----D---- C:\Windows\tracing
2010-01-14 08:12:42 ----D---- C:\Windows\winsxs
2010-01-13 20:11:19 ----D---- C:\Windows\System32
2010-01-13 20:11:12 ----SHD---- C:\Windows\Installer
2010-01-13 20:11:11 ----D---- C:\ProgramData\Microsoft Help
2010-01-13 20:10:32 ----D---- C:\Windows\system32\catroot
2010-01-13 20:10:25 ----D---- C:\Program Files\Windows Mail
2010-01-13 20:03:49 ----D---- C:\Windows\Debug
2010-01-13 08:33:18 ----D---- C:\Windows\system32\catroot2
2010-01-12 15:57:13 ----D---- C:\Windows\Tasks
2010-01-12 15:57:13 ----D---- C:\Windows\system32\Tasks
2010-01-12 15:41:13 ----D---- C:\Users\beatrice\AppData\Roaming\MysteryStudio
2010-01-12 15:37:53 ----AD---- C:\ProgramData\TEMP
2010-01-12 13:33:21 ----D---- C:\ProgramData\WildTangent
2010-01-12 09:54:19 ----HD---- C:\ProgramData
2010-01-07 11:48:15 ----D---- C:\Users\beatrice\AppData\Roaming\PoBros
2010-01-07 11:48:15 ----D---- C:\ProgramData\PoBros
2010-01-07 10:24:21 ----D---- C:\Program Files\HP Games
2010-01-06 07:47:42 ----D---- C:\Users\beatrice\AppData\Roaming\Zylom
2010-01-06 07:47:42 ----D---- C:\Users\beatrice\AppData\Roaming\Identities
2010-01-05 07:45:45 ----D---- C:\Users\beatrice\AppData\Roaming\Friday's games
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
2010-01-01 12:29:10 ----D---- C:\ProgramData\MumboJumbo
2009-12-31 10:20:23 ----D---- C:\Users\beatrice\AppData\Roaming\Playrix Entertainment
2009-12-30 14:36:00 ----RSD---- C:\Windows\assembly
2009-12-30 14:32:56 ----D---- C:\Program Files\Common Files
2009-12-30 11:33:29 ----D---- C:\ProgramData\JollyBear
2009-12-27 19:09:53 ----D---- C:\Windows\inf
2009-12-27 19:09:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-21 20:39:14 ----D---- C:\ProgramData\ObjPlay
2009-12-21 20:37:30 ----D---- C:\Program Files\Circle Developement
2009-12-21 20:37:29 ----D---- C:\Program Files\Messenger Plus! Live
2009-12-19 14:03:56 ----D---- C:\Users\beatrice\AppData\Roaming\PlayFirst
2009-12-19 14:03:56 ----D---- C:\ProgramData\PlayFirst
2009-12-19 10:22:31 ----D---- C:\Users\beatrice\AppData\Roaming\Merscom
2009-12-19 10:22:31 ----D---- C:\ProgramData\Merscom
2009-12-18 17:40:10 ----D---- C:\ProgramData\Alawar Stargaze
2009-12-15 10:43:05 ----D---- C:\Program Files\Oberon Media
2009-12-14 15:22:10 ----D---- C:\Users\beatrice\AppData\Roaming\Princess Isabella
2009-12-13 14:39:37 ----D---- C:\ProgramData\MythPeople
2009-12-11 16:58:20 ----D---- C:\Windows\system32\drivers
2009-12-11 14:46:37 ----SD---- C:\Windows\Downloaded Program Files
2009-12-10 08:38:55 ----D---- C:\Windows\rescache
2009-12-10 08:20:12 ----D---- C:\Windows\system32\migration
2009-12-10 08:20:12 ----D---- C:\Program Files\Internet Explorer
2009-12-10 08:20:11 ----D---- C:\Windows\system32\fr-FR
2009-12-07 19:43:31 ----D---- C:\Users\beatrice\AppData\Roaming\LimeWire
2009-11-29 14:28:34 ----D---- C:\Users\beatrice\AppData\Roaming\WildTangentv1002
2009-11-25 19:30:55 ----D---- C:\ProgramData\PopCap Games
2009-11-25 00:54:29 ----A---- C:\Windows\system32\aswBoot.exe
2009-11-18 06:14:01 ----D---- C:\Windows\system32\wbem
2009-11-18 06:13:55 ----D---- C:\Windows\system32\zh-HK
2009-11-18 06:13:55 ----D---- C:\Windows\system32\uk-UA
2009-11-18 06:13:55 ----D---- C:\Windows\system32\sl-SI
2009-11-18 06:13:55 ----D---- C:\Windows\system32\pt-PT
2009-11-18 06:13:55 ----D---- C:\Windows\system32\pt-BR
2009-11-18 06:13:55 ----D---- C:\Windows\system32\pl-PL
2009-11-18 06:13:55 ----D---- C:\Windows\system32\nl-NL
2009-11-18 06:13:55 ----D---- C:\Windows\system32\ko-KR
2009-11-18 06:13:55 ----D---- C:\Windows\system32\it-IT
2009-11-18 06:13:55 ----D---- C:\Windows\system32\hu-HU
2009-11-18 06:13:55 ----D---- C:\Windows\system32\hr-HR
2009-11-18 06:13:55 ----D---- C:\Windows\system32\he-IL
2009-11-18 06:13:55 ----D---- C:\Windows\system32\el-GR
2009-11-18 06:13:55 ----D---- C:\Windows\system32\bg-BG
2009-11-18 06:13:54 ----D---- C:\Windows\system32\zh-TW
2009-11-18 06:13:54 ----D---- C:\Windows\system32\zh-CN
2009-11-18 06:13:54 ----D---- C:\Windows\system32\tr-TR
2009-11-18 06:13:54 ----D---- C:\Windows\system32\th-TH
2009-11-18 06:13:54 ----D---- C:\Windows\system32\sv-SE
2009-11-18 06:13:54 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-18 06:13:54 ----D---- C:\Windows\system32\sk-SK
2009-11-18 06:13:54 ----D---- C:\Windows\system32\ru-RU
2009-11-18 06:13:54 ----D---- C:\Windows\system32\ro-RO
2009-11-18 06:13:54 ----D---- C:\Windows\system32\nb-NO
2009-11-18 06:13:54 ----D---- C:\Windows\system32\lv-LV
2009-11-18 06:13:54 ----D---- C:\Windows\system32\lt-LT
2009-11-18 06:13:54 ----D---- C:\Windows\system32\ja-JP
2009-11-18 06:13:54 ----D---- C:\Windows\system32\fi-FI
2009-11-18 06:13:54 ----D---- C:\Windows\system32\et-EE
2009-11-18 06:13:54 ----D---- C:\Windows\system32\es-ES
2009-11-18 06:13:54 ----D---- C:\Windows\system32\en-US
2009-11-18 06:13:54 ----D---- C:\Windows\system32\de-DE
2009-11-18 06:13:54 ----D---- C:\Windows\system32\da-DK
2009-11-18 06:13:54 ----D---- C:\Windows\system32\cs-CZ
2009-11-18 06:13:54 ----D---- C:\Windows\system32\ar-SA
2009-11-17 09:31:14 ----D---- C:\Program Files\Safari
2009-11-15 11:44:42 ----D---- C:\Users\beatrice\AppData\Roaming\Mozilla
2009-11-15 11:10:18 ----RSD---- C:\Windows\Fonts
2009-11-14 12:46:27 ----D---- C:\ProgramData\Meridian93
2009-11-14 12:46:00 ----D---- C:\Users\beatrice\AppData\Roaming\Meridian93
2009-11-10 13:45:36 ----D---- C:\Users\beatrice\AppData\Roaming\dvdcss
2009-11-03 09:59:04 ----D---- C:\Program Files\Common Files\Apple
2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-30 07:52:57 ----D---- C:\Windows\Microsoft.NET
2009-10-29 07:45:36 ----D---- C:\Program Files\Windows Media Player
2009-10-26 12:56:09 ----D---- C:\ProgramData\Google
2009-10-26 12:56:09 ----D---- C:\Program Files\Google
2009-10-26 07:34:56 ----D---- C:\ProgramData\GamesBar
2009-10-25 15:43:09 ----D---- C:\Program Files\GamesBar
2009-10-24 17:27:53 ----D---- C:\ProgramData\NOS
2009-10-22 09:12:29 ----D---- C:\Users\beatrice\AppData\Roaming\Flood Light Games
2009-10-22 09:12:29 ----D---- C:\ProgramData\Flood Light Games
2009-10-21 08:47:04 ----D---- C:\ProgramData\Adobe
2009-10-21 08:44:58 ----D---- C:\Program Files\Common Files\Adobe
2009-10-19 19:46:50 ----D---- C:\SWSETUP
2009-10-18 10:35:48 ----DC---- C:\Windows\system32\DRVSTORE
2009-10-18 10:33:00 ----D---- C:\Program Files\Windows Live
2009-10-17 02:29:27 ----D---- C:\Windows\ehome

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R2 CdaC15BA;CdaC15BA; \??\C:\Windows\system32\drivers\CdaC15BA.SYS [2009-07-11 12464]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-05-09 3552256]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-24 52736]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-11 84240]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-04-15 378368]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\Windows\System32\DRIVERS\ASPI32.sys [2002-07-17 84832]
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-06-13 23040]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-06-13 507904]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-06-13 30208]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2008-09-02 15352]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 GT72NDISIPXP;GT 72 IP NDIS; C:\Windows\system32\DRIVERS\Gt51Ip.sys [2007-11-13 95744]
S3 GT72UBUS;GT 72 U BUS; C:\Windows\system32\DRIVERS\gt72ubus.sys [2007-11-13 51968]
S3 GTPTSER;GT PT SER; C:\Windows\system32\DRIVERS\gtptser.sys [2007-11-13 8064]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2009-02-03 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2009-02-03 27072]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-06-13 149504]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_9a642328\aestsrv.exe [2008-02-12 73728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-05-08 671744]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\Windows\system32\drivers\CDAC11BA.EXE [2009-07-11 54784]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-23 1028432]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-08-22 73728]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-05-14 292248]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-05-14 116112]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-08-22 361808]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_9a642328\STacSV.exe [2008-04-15 221239]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2008-09-19 69120]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 GameConsoleService;GameConsoleService; C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe [2008-08-26 242424]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-09-02 191656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-04-29 322032]

-----------------EOF-----------------


et le fichier info.txt

<code>
info.txt logfile of random's system information tool 1.06 2010-01-15 17:52:03

======Uninstall list======

-->"C:\Program Files\HP Games\18 Wheels of Steel - American Long Haul\Uninstall.exe"
-->"C:\Program Files\HP Games\7 Wonders - Treasures of Seven\Uninstall.exe"
-->"C:\Program Files\HP Games\7 Wonders II\Uninstall.exe"
-->"C:\Program Files\HP Games\7 Wonders of the Ancient World\Uninstall.exe"
-->"C:\Program Files\HP Games\Adventure Chronicles\Uninstall.exe"
-->"C:\Program Files\HP Games\Adventures of Robinson Crusoe\Uninstall.exe"
-->"C:\Program Files\HP Games\Agatha Christie - Death on the Nile\Uninstall.exe"
-->"C:\Program Files\HP Games\Agatha Christie - Peril at End House\Uninstall.exe"
-->"C:\Program Files\HP Games\Age of Castles\Uninstall.exe"
-->"C:\Program Files\HP Games\Alabama Smith in Escape from Pompeii\Uninstall.exe"
-->"C:\Program Files\HP Games\Alchemist's Apprentice\Uninstall.exe"
-->"C:\Program Files\HP Games\Alice Greenfingers 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Amazing Adventures Around the World\Uninstall.exe"
-->"C:\Program Files\HP Games\Amazing Adventures Special Edition Bundle\Uninstall.exe"
-->"C:\Program Files\HP Games\Amazing Adventures The Lost Tomb\Uninstall.exe"
-->"C:\Program Files\HP Games\Amazing Finds\Uninstall.exe"
-->"C:\Program Files\HP Games\Amelie's Cafe\Uninstall.exe"
-->"C:\Program Files\HP Games\American Girl - Mia Goes For Great\Uninstall.exe"
-->"C:\Program Files\HP Games\Annabel\Uninstall.exe"
-->"C:\Program Files\HP Games\Annie's Millions\Uninstall.exe"
-->"C:\Program Files\HP Games\Are You Smarter than a 5th Grader - Make the Grade\Uninstall.exe"
-->"C:\Program Files\HP Games\Around the World in 80 Days\Uninstall.exe"
-->"C:\Program Files\HP Games\Artist Colony\Uninstall.exe"
-->"C:\Program Files\HP Games\Ashley Jones and The Heart of Egypt\Uninstall.exe"
-->"C:\Program Files\HP Games\Ashton's Family Resort\Uninstall.exe"
-->"C:\Program Files\HP Games\Astro Avenger\Uninstall.exe"
-->"C:\Program Files\HP Games\AstroPop Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Atlantis Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Azteca\Uninstall.exe"
-->"C:\Program Files\HP Games\Babysitting Mania\Uninstall.exe"
-->"C:\Program Files\HP Games\Beach Party Craze\Uninstall.exe"
-->"C:\Program Files\HP Games\Beebo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Bejeweled Twist\Uninstall.exe"
-->"C:\Program Files\HP Games\Bejeweled\Uninstall.exe"
-->"C:\Program Files\HP Games\Big City Adventure - San Francisco\Uninstall.exe"
-->"C:\Program Files\HP Games\Big City Adventure - Sydney\Uninstall.exe"
-->"C:\Program Files\HP Games\Big Island Blends\Uninstall.exe"
-->"C:\Program Files\HP Games\BloodTies\Uninstall.exe"
-->"C:\Program Files\HP Games\Bob the Builder - Can-Do Carnival\Uninstall.exe"
-->"C:\Program Files\HP Games\Bob the Builder Can-Do-Zoo\Uninstall.exe"
-->"C:\Program Files\HP Games\Bone Out from Boneville\Uninstall.exe"
-->"C:\Program Files\HP Games\Book of Legends\Uninstall.exe"
-->"C:\Program Files\HP Games\Boonka\Uninstall.exe"
-->"C:\Program Files\HP Games\Brain Challenge\Uninstall.exe"
-->"C:\Program Files\HP Games\Brain Training for Dummies\Uninstall.exe"
-->"C:\Program Files\HP Games\Bratz Super Babyz\Uninstall.exe"
-->"C:\Program Files\HP Games\Bubble Town\Uninstall.exe"
-->"C:\Program Files\HP Games\Build in Time\Uninstall.exe"
-->"C:\Program Files\HP Games\Build-a-lot 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Build-a-lot 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Burger Island 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Bus Driver\Uninstall.exe"
-->"C:\Program Files\HP Games\Cake Mania 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Call of Atlantis\Uninstall.exe"
-->"C:\Program Files\HP Games\Can You See What I See - Curfuffle's Collectibles\Uninstall.exe"
-->"C:\Program Files\HP Games\Candace Kane's Candy Factory\Uninstall.exe"
-->"C:\Program Files\HP Games\Cannon Blast\Uninstall.exe"
-->"C:\Program Files\HP Games\Carnival Mania\Uninstall.exe"
-->"C:\Program Files\HP Games\Carrie the Caregiver 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Carrie the Caregiver 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Carrie the Caregiver\Uninstall.exe"
-->"C:\Program Files\HP Games\Cate West - The Vanishing Files\Uninstall.exe"
-->"C:\Program Files\HP Games\Cate West - The Velvet Keys\Uninstall.exe"
-->"C:\Program Files\HP Games\Chocolatier - Decadence by Design\Uninstall.exe"
-->"C:\Program Files\HP Games\Christmasville\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Ciao Bella\Uninstall.exe"
-->"C:\Program Files\HP Games\CLUE Accusations and Alibis\Uninstall.exe"
-->"C:\Program Files\HP Games\Clueless\Uninstall.exe"
-->"C:\Program Files\HP Games\Color Up!\Uninstall.exe"
-->"C:\Program Files\HP Games\Continental Cafe\Uninstall.exe"
-->"C:\Program Files\HP Games\Cooking Academy 2 - World Cuisine\Uninstall.exe"
-->"C:\Program Files\HP Games\Cooking Academy\Uninstall.exe"
-->"C:\Program Files\HP Games\Cooking Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\County Fair\Uninstall.ex
A voir également:

23 réponses

Précédent
  • 1
  • 2
Réponse 21 / 23
moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274
 
d'accord

comment va le pc ?

relances RSIT et poste juste le rapport log
0
Réponse 22 / 23
knostra Messages postés 171 Statut Membre 3
 
Bonjour moment de grace,

C'est vrai je ne parle même pas du plus important, le pc va beaucoup mieux sa c'est sur plus de pop_up intempestive lors de la navigation sur le net, les logiciel s'ouvre sans trop de mal, la souris ne bloque plus pendant une heure pour rien.....

Pour résumer il c'est déjà refait une petite jeunesse grace à vous :)

Par contre dans c:// j'ai encore plusieurs fichiers qui ce nome install.res.1028.dll, install.res.1031.dll, install.res.1036.dll ect....

est-ce que je peux les supprimer?

rapport

Logfile of random's system information tool 1.06 (written by random/random)
Run by beatrice at 2010-01-17 08:47:33
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 8 GB (3%) free of 229 GB
Total RAM: 3069 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:47:46, on 17/01/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Users\beatrice\Desktop\desinfection\RSIT.exe
C:\Program Files\trend micro\beatrice.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\beatrice\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_9a642328\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\Windows\system32\drivers\CDAC11BA.EXE
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_9a642328\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
0
Réponse 23 / 23
moment de grace Messages postés 30049 Statut Contributeur sécurité 2 274
 
bon procédons par ordre

à supprimer manuellement

C:\Program Files\Search Guard Plus
C:\Windows\tasks\RegCure Program Check.job
C:\Windows\tasks\RegCure.job
C:\ProgramData\ObjPlay

(si tu ne les trouves pas, voir pour afficher les dossiers cachés un peu plus bas dans mon post)
...................
ensuite pour les dll , à priori ils sont légitimes

néanmoins on va en verifier quelques uns (les trois cités)

+ ceux là

C:\Windows Sidebar
C:\SWSETUP

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier : C:\WINDOWS\system32\.........

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse.

Si tu ne trouves pas le fichier alors

Affiche tous les fichiers et dossiers :

Pour cela :
Clique sur démarrer/panneau de configuration/option des dossiers/affichage

Cocher afficher les dossiers cachés

Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"

Décocher masquer les extensions dont le type est connu

Puis fais «appliquer» pour valider les changements.

Et OK

..................

enfin

apres tout ca, je suspecte la présence de rookit peut être encore...mais si le pc réagit normalement, sans lenteur inexpliquée genre System drive C: has 8 GB (3%) free of 229 GB (disque trop plein)

alors on en restera là et on nettoiera

je m'en remets à tes observations...

0