Bibou Le Forum
Security portal
 
[Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message

tim8
Subject: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Tue 8 Dec 2009 - 18:58

Hello, I have a problem with my Epson Stylus SX400 series printer:
every time I turn the printer on, an error message appears and does
not go away; I have to press Cancel several times for it to disappear. Thanks.
http://i14.servimg.com/u/f14/14/34/13/78/mess_e11.jpg
Laddy
Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Wed 9 Dec 2009 - 12:24

Hello,
is your printer correctly detected by your system?
Have you tried reinstalling your drivers?

sena
Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Wed 9 Dec 2009 - 15:46

Error message
Quote:
WINDOWS - Pas de disque

My opinion: "a program" wants to treat your printer as a USB stick and is trying to write to it without asking you... which results in the error displayed on screen.

Take a look at the VIRUS DISINFECTION topics.
tim8
Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Thu 10 Dec 2009 - 15:42

Yes, my printer is detected; I reinstalled the driver and it's the same.
tim8
Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Thu 10 Dec 2009 - 15:45

Could this be coming from a virus?
Laddy
Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Thu 10 Dec 2009 - 15:49


tim8
Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Thu 10 Dec 2009 - 23:55

Here is the Malwarebytes report

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1873
Windows 6.0.6001 Service Pack 1

10/12/2009 21:45:15
mbam-log-2009-12-10 (21-45-15).txt

Type de recherche: Examen complet (C:\|D:\|F:\|H:\|I:\|J:\|)
Eléments examinés: 186252
Temps écoulé: 1 hour(s), 39 minute(s), 9 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

GMER

GMER 1.0.15.15273 - http://www.gmer.net
Rootkit scan 2009-12-10 22:43:05
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\roman\AppData\Local\Temp\uglyrkob.sys


---- System - GMER 1.0.15 ----

SSDT 9BDDD3CC ZwCreateThread
SSDT 9BDDD3B8 ZwOpenProcess
SSDT 9BDDD3BD ZwOpenThread
SSDT 9BDDD3C7 ZwTerminateProcess
SSDT 9BDDD3C2 ZwWriteVirtualMemory

INT 0x52 ? 86CFCF00
INT 0x62 ? 86CFCF00
INT 0x72 ? 86CFCF00
INT 0x92 ? 859C9BF8
INT 0xA2 ? 859C9BF8
INT 0xB2 ? 859C9BF8
INT 0xB2 ? 859C9BF8
INT 0xB2 ? 86CFCF00
INT 0xB2 ? 859C9BF8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 221 820E7964 4 Bytes [CC, D3, DD, 9B] {INT 3 ; RCR EBP, CL; WAIT }
.text ntkrnlpa.exe!KeSetEvent + 3F1 820E7B34 4 Bytes [B8, D3, DD, 9B]
.text ntkrnlpa.exe!KeSetEvent + 40D 820E7B50 4 Bytes [BD, D3, DD, 9B]
.text ntkrnlpa.exe!KeSetEvent + 621 820E7D64 4 Bytes [C7, D3, DD, 9B]
.text ntkrnlpa.exe!KeSetEvent + 681 820E7DC4 4 Bytes [C2, D3, DD, 9B] {RET 0xddd3; WAIT }
? System32\Drivers\spwl.sys Le chemin d'accès spécifié est introuvable. !
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8EC03340, 0x3D7A87, 0xE8000020]
.text USBPORT.SYS!DllUnload 8B1D841B 5 Bytes JMP 86CFC4E0
.reloc C:\Windows\system32\drivers\acedrv11.sys section is executable [0x9ED85480, 0x306DD, 0xE0000060]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] kernel32.dll!FindResourceExA 77AE2575 7 Bytes JMP 28001D90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] kernel32.dll!FindResourceA 77AE2653 5 Bytes JMP 28001D00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] kernel32.dll!CreateEventA 77B044C0 5 Bytes JMP 28001850 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] kernel32.dll!LockResource 77B068DF 5 Bytes JMP 28001F60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] kernel32.dll!FindResourceExW 77B069FD 7 Bytes JMP 28001C70 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] kernel32.dll!LoadResource 77B06ADB 7 Bytes JMP 28001E30 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] kernel32.dll!FindResourceW 77B07FA1 5 Bytes JMP 28001BF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] kernel32.dll!SizeofResource 77B07FBF 7 Bytes JMP 28001EF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] ADVAPI32.dll!CryptDeriveKey 7647FCAE 7 Bytes JMP 28001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] ADVAPI32.dll!CryptDecrypt 7647FE91 7 Bytes JMP 28001060 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] USER32.dll!CreateDialogParamW 769772A2 5 Bytes JMP 28006110 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] USER32.dll!SetWindowPlacement 76977963 5 Bytes JMP 28005E90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] USER32.dll!SetWindowRgn 7697A221 7 Bytes JMP 28005FD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] USER32.dll!LoadImageW 7697C9E5 5 Bytes JMP 28006760 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] USER32.dll!LoadIconW 7697DA9F 5 Bytes JMP 28006950 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] USER32.dll!CreateWindowExW 76981305 5 Bytes JMP 28003CE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] USER32.dll!GetWindowLongW 7698F8BF 7 Bytes JMP 28006AF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] USER32.dll!PeekMessageW 7699045A 5 Bytes JMP 280046B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] USER32.dll!TrackPopupMenuEx 769A0CE7 5 Bytes JMP 28004F90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] USER32.dll!MessageBoxIndirectW 769CD5D3 5 Bytes JMP 28006300 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] WS2_32.dll!closesocket 76D1330C 5 Bytes JMP 2800B860 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] WS2_32.dll!recv 76D1343A 5 Bytes JMP 2800B080 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] WS2_32.dll!WSASend 76D14496 5 Bytes JMP 2800B620 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] WS2_32.dll!send 76D1659B 5 Bytes JMP 2800B440 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] WS2_32.dll!WSARecv 76D18400 5 Bytes JMP 2800B220 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] SHELL32.dll!Shell_NotifyIconW 76E78626 5 Bytes JMP 28003430 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] ole32.dll!CoRegisterClassObject 76A27DB6 5 Bytes JMP 28002370 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] ole32.dll!CoCreateInstance 76A69EA6 5 Bytes JMP 28002610 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] ole32.dll!CoInitializeEx 76A6AD63 5 Bytes JMP 28002270 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] WININET.dll!InternetReadFile 77EF654B 5 Bytes JMP 2800A0E0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] WININET.dll!InternetCloseHandle 77EF9088 5 Bytes JMP 2800A290 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] WININET.dll!HttpOpenRequestA 77EFD508 5 Bytes JMP 28009F50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[792] WININET.dll!HttpSendRequestA 77F0EE89 5 Bytes JMP 2800A1C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[5820] kernel32.dll!SetUnhandledExceptionFilter 77AEA84F 5 Bytes JMP 5FC75436 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [806946D2] \SystemRoot\System32\Drivers\spwl.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [80694040] \SystemRoot\System32\Drivers\spwl.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [806947FC] \SystemRoot\System32\Drivers\spwl.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [806940BE] \SystemRoot\System32\Drivers\spwl.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8069413C] \SystemRoot\System32\Drivers\spwl.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [806A4048] \SystemRoot\System32\Drivers\spwl.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74C07817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74C5A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74C0BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74BFF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74C075E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74BFE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74C38395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [74C0DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74BFFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74BFFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74BF71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [74C8CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74C2C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74BFD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74BF6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74BF687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[3312] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74C02AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 859CE1F8
Device \FileSystem\fastfat \FatCdrom 87D8A1F8
Device \FileSystem\udfs \UdfsCdRom 87DD21F8
Device \FileSystem\udfs \UdfsCdRom CLBUDF.SYS (UDF File System Driver (Windows2000)/CyberLink Corporation.)
Device \FileSystem\udfs \UdfsDisk 87DD21F8
Device \FileSystem\udfs \UdfsDisk CLBUDF.SYS (UDF File System Driver (Windows2000)/CyberLink Corporation.)
Device \Driver\volmgr \Device\VolMgrControl 859CB1F8
Device \Driver\usbuhci \Device\USBPDO-0 86F151F8
Device \Driver\usbuhci \Device\USBPDO-1 86F151F8
Device \Driver\usbuhci \Device\USBPDO-2 86F151F8
Device \Driver\usbuhci \Device\USBPDO-3 86F151F8
Device \Driver\usbehci \Device\USBPDO-4 86F671F8
Device \Driver\volmgr \Device\HarddiskVolume1 859CB1F8
Device \Driver\cdrom \Device\CdRom0 86FBD1F8
Device \Driver\volmgr \Device\HarddiskVolume2 859CB1F8
Device \Driver\cdrom \Device\CdRom1 86FBD1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 859CD1F8
Device \Driver\atapi \Device\Ide\IdePort0 859CD1F8
Device \Driver\atapi \Device\Ide\IdePort1 859CD1F8
Device \Driver\atapi \Device\Ide\IdePort2 859CD1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T1L0-7 859CD1F8
Device \Driver\atapi \Device\Ide\IdePort3 859CD1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T1L0-4 859CD1F8
Device \Driver\volmgr \Device\HarddiskVolume3 859CB1F8
Device \Driver\volmgr \Device\HarddiskVolume4 859CB1F8
Device \Driver\USBSTOR \Device\00000067 873501F8
Device \Driver\volmgr \Device\HarddiskVolume5 859CB1F8
Device \Driver\volmgr \Device\HarddiskVolume6 859CB1F8
Device \Driver\USBSTOR \Device\00000069 873501F8
Device \Driver\volmgr \Device\HarddiskVolume7 859CB1F8
Device \Driver\netbt \Device\NetBt_Wins_Export 8721E1F8
Device \Driver\volmgr \Device\HarddiskVolume8 859CB1F8
Device \Driver\Smb \Device\NetbiosSmb 8721D1F8
Device \Driver\iScsiPrt \Device\RaidPort0 86FB71F8
Device \Driver\USBSTOR \Device\0000006a 873501F8
Device \Driver\netbt \Device\NetBT_Tcpip_{697293E7-5C9E-4EFA-9727-13370298387C} 8721E1F8
Device \Driver\USBSTOR \Device\0000006b 873501F8
Device \Driver\usbuhci \Device\USBFDO-0 86F151F8
Device \Driver\USBSTOR \Device\0000006c 873501F8
Device \Driver\usbuhci \Device\USBFDO-1 86F151F8
Device \Driver\USBSTOR \Device\0000006d 873501F8
Device \Driver\usbuhci \Device\USBFDO-2 86F151F8
Device \Driver\USBSTOR \Device\0000006e 873501F8
Device \Driver\usbuhci \Device\USBFDO-3 86F151F8
Device \Driver\usbehci \Device\USBFDO-4 86F671F8
Device \FileSystem\fastfat \Fat 87D8A1F8

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Gestionnaire de filtres de système de fichiers Microsoft/Microsoft Corporation)

Device \FileSystem\cdfs \Cdfs 86D18500
Device \FileSystem\cdfs \Cdfs CLBUDF.SYS (UDF File System Driver (Windows2000)/CyberLink Corporation.)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA6 0x09 0xF8 0x63 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x3F 0xEF 0x27 0xAA ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x56 0x62 0xB3 0xAC ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x56 0x62 0xB3 0xAC ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA6 0x09 0xF8 0x63 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x3F 0xEF 0x27 0xAA ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x56 0x62 0xB3 0xAC ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x56 0x62 0xB3 0xAC ...
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x71 0x3B 0x04 0x66 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x6B 0x65 0x49 0x6A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xF5 0x1D 0x4D 0x73 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x3D 0xCE 0xEA 0x26 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xF8 0x31 0x0F 0xA9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...

---- EOF - GMER 1.0.15 ----
tim8
Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Thu 10 Dec 2009 - 23:56

And the last one

Logfile of random's system information tool 1.06 (written by random/random)
Run by roman at 2009-12-10 22:06:07
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 51 GB (51%) free of 100 GB
Total RAM: 3326 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:06:19, on 10/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Lenovo\Lenovo Standard Keyboard Driver\SkDaemond.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Lenovo\MultiRecover\multitray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\CyberLink\InstantBurn\Win2K\IBurn.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Winsudate\gibusr.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Users\roman\Desktop\RSIT.exe
C:\Program Files\trend micro\roman.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SkDaemond] C:\Program Files\Lenovo\Lenovo Standard Keyboard Driver\SkDaemond.exe
O4 - HKLM\..\Run: [multitray] C:\Program Files\Lenovo\MultiRecover\loadtray.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InstantBurn] C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_S38A2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_SFA8B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SIMBAR={016CAD2E-DC2E-4101-A125-9F8A932A37C8}; GTB6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.21022; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618; Tablet PC 2.0; Orange 8.0)" -"http://www.funlabo.com/voiture/jeu-poursuite.htm"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Users\roman\AppData\Local\Temp\{6B2EF9BB-F437-4577-BDF0-BE53739A5F7E}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O4 - Startup: RollerCoaster Tycoon 3_ Wild Registration.lnk = C:\Users\roman\AppData\Local\Temp\{9C2FCD7F-8265-48C5-94DA-68E0DA4FA14A}\{45653847-497F-47BB-A878-46FBDE34A3E0}\ATR1.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.ibloks.com
O15 - Trusted Zone: http://www.orange.fr
O20 - AppInit_DLLs:
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: mulservice - Unknown owner - C:\PROGRA~1\LENOVO\MULTIR~1\mulservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OKAV Agent Service - Trend Micro Inc. - C:\Program Files\Trend Micro\OKAVAgent\OKAVAgent.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe

--
End of file - 10105 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll [2009-03-02 636216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-27 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-14 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-27 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-03 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-08-17 4702208]
"SkDaemond"=C:\Program Files\Lenovo\Lenovo Standard Keyboard Driver\SkDaemond.exe [2006-08-14 61440]
"multitray"=C:\Program Files\Lenovo\MultiRecover\loadtray.exe [2008-01-30 31264]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-08-16 65536]
"InstantBurn"=C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe [2006-09-13 737280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Ulead AutoDetector v2"=C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2006-11-29 90112]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"BitComet"=C:\Program Files\BitComet\BitComet.exe [2009-03-09 2564408]
"EPSON Stylus SX400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE [2007-12-17 188928]
"Power2GoExpress"= []
"EPSON Stylus SX400 Series (Copie 1)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE [2007-12-17 188928]
"WinUsr"=C:\Program Files\Winsudate\gibusr.exe [2009-11-20 88304]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-29 68856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE [2009-01-16 460216]

C:\Users\roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
RollerCoaster Tycoon 3 Registration.lnk - C:\Users\roman\AppData\Local\Temp\{6B2EF9BB-F437-4577-BDF0-BE53739A5F7E}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
RollerCoaster Tycoon 3_ Wild Registration.lnk - C:\Users\roman\AppData\Local\Temp\{9C2FCD7F-8265-48C5-94DA-68E0DA4FA14A}\{45653847-497F-47BB-A878-46FBDE34A3E0}\ATR1.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
shell\AutoRun\command - K:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
shell\AutoRun\command - L:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\N]
shell\AutoRun\command - N:\Autorun.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-10 22:06:07 ----D---- C:\rsit
2009-12-10 21:57:29 ----D---- C:\Windows\system32\eu-ES
2009-12-10 21:57:29 ----D---- C:\Windows\system32\ca-ES
2009-12-10 21:57:28 ----D---- C:\Windows\system32\vi-VN
2009-12-10 21:46:42 ----D---- C:\Windows\system32\EventProviders
2009-12-10 03:01:36 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-10 03:01:35 ----A---- C:\Windows\system32\httpapi.dll
2009-12-09 05:28:33 ----A---- C:\Windows\system32\mshtml.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\wininet.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\urlmon.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\occache.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\iertutil.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\ieframe.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-09 05:28:31 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-09 05:28:31 ----A---- C:\Windows\system32\ieui.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\iesetup.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\iernonce.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\iepeers.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-09 04:40:36 ----A---- C:\Windows\system32\rastls.dll
2009-12-08 17:42:37 ----D---- C:\Program Files\epson
2009-11-26 03:00:28 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 03:18:23 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 03:18:23 ----A---- C:\Windows\system32\msxml3.dll
2009-11-20 11:15:48 ----D---- C:\Windows\Profiles
2009-11-20 11:13:46 ----D---- C:\Program Files\Winsudate
2009-11-11 00:45:22 ----A---- C:\Windows\system32\WSDApi.dll

======List of files/folders modified in the last 1 months======

2009-12-10 22:06:19 ----D---- C:\Windows\Prefetch
2009-12-10 22:06:19 ----D---- C:\Program Files\Trend Micro
2009-12-10 22:04:42 ----D---- C:\Windows\Microsoft.NET
2009-12-10 22:04:41 ----RSD---- C:\Windows\assembly
2009-12-10 22:03:43 ----D---- C:\Windows\Temp
2009-12-10 22:02:56 ----D---- C:\Windows\Tasks
2009-12-10 22:02:36 ----RD---- C:\Program Files
2009-12-10 22:02:36 ----D---- C:\Program Files\Windows Media Player
2009-12-10 22:02:24 ----D---- C:\Windows
2009-12-10 22:02:20 ----D---- C:\Windows\system32\catroot
2009-12-10 22:02:19 ----SHD---- C:\Boot
2009-12-10 22:02:13 ----D---- C:\Windows\inf
2009-12-10 21:59:29 ----D---- C:\Windows\System32
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Sidebar
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Photo Gallery
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Mail
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Journal
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Collaboration
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Calendar
2009-12-10 21:57:50 ----D---- C:\Program Files\Movie Maker
2009-12-10 21:57:50 ----D---- C:\Program Files\Internet Explorer
2009-12-10 21:57:50 ----D---- C:\Program Files\Common Files\System
2009-12-10 21:57:49 ----D---- C:\Windows\servicing
2009-12-10 21:57:49 ----D---- C:\Windows\ehome
2009-12-10 21:57:49 ----D---- C:\Program Files\Windows Defender
2009-12-10 21:57:45 ----D---- C:\Windows\system32\XPSViewer
2009-12-10 21:57:45 ----D---- C:\Windows\system32\sk-SK
2009-12-10 21:57:45 ----D---- C:\Windows\system32\oobe
2009-12-10 21:57:45 ----D---- C:\Windows\system32\migration
2009-12-10 21:57:45 ----D---- C:\Windows\system32\lv-LV
2009-12-10 21:57:45 ----D---- C:\Windows\system32\ko-KR
2009-12-10 21:57:45 ----D---- C:\Windows\system32\it-IT
2009-12-10 21:57:45 ----D---- C:\Windows\system32\hr-HR
2009-12-10 21:57:45 ----D---- C:\Windows\system32\fr
2009-12-10 21:57:45 ----D---- C:\Windows\system32\et-EE
2009-12-10 21:57:45 ----D---- C:\Windows\system32\en-US
2009-12-10 21:57:45 ----D---- C:\Windows\system32\el-GR
2009-12-10 21:57:45 ----D---- C:\Windows\system32\de-DE
2009-12-10 21:57:45 ----D---- C:\Windows\system32\da-DK
2009-12-10 21:57:45 ----D---- C:\Windows\IME
2009-12-10 21:57:44 ----D---- C:\Windows\system32\ru-RU
2009-12-10 21:57:44 ----D---- C:\Windows\system32\AdvancedInstallers
2009-12-10 21:57:43 ----D---- C:\Windows\system32\sv-SE
2009-12-10 21:57:43 ----D---- C:\Windows\system32\SLUI
2009-12-10 21:57:43 ----D---- C:\Windows\system32\setup
2009-12-10 21:57:43 ----D---- C:\Windows\system32\pt-PT
2009-12-10 21:57:43 ----D---- C:\Windows\system32\hu-HU
2009-12-10 21:57:43 ----D---- C:\Windows\system32\he-IL
2009-12-10 21:57:43 ----D---- C:\Windows\system32\fr-FR
2009-12-10 21:57:43 ----D---- C:\Windows\system32\fi-FI
2009-12-10 21:57:43 ----D---- C:\Windows\system32\cs-CZ
2009-12-10 21:57:42 ----D---- C:\Windows\system32\zh-TW
2009-12-10 21:57:42 ----D---- C:\Windows\system32\zh-CN
2009-12-10 21:57:42 ----D---- C:\Windows\system32\wbem
2009-12-10 21:57:42 ----D---- C:\Windows\system32\uk-UA
2009-12-10 21:57:42 ----D---- C:\Windows\system32\tr-TR
2009-12-10 21:57:42 ----D---- C:\Windows\system32\th-TH
2009-12-10 21:57:42 ----D---- C:\Windows\system32\sr-Latn-CS
2009-12-10 21:57:42 ----D---- C:\Windows\system32\sl-SI
2009-12-10 21:57:42 ----D---- C:\Windows\system32\ro-RO
2009-12-10 21:57:42 ----D---- C:\Windows\system32\pl-PL
2009-12-10 21:57:42 ----D---- C:\Windows\system32\manifeststore
2009-12-10 21:57:42 ----D---- C:\Windows\system32\ja-JP
2009-12-10 21:57:42 ----D---- C:\Windows\system32\es-ES
2009-12-10 21:57:42 ----D---- C:\Windows\system32\drivers
2009-12-10 21:57:42 ----D---- C:\Windows\system32\bg-BG
2009-12-10 21:57:41 ----D---- C:\Windows\system32\pt-BR
2009-12-10 21:57:41 ----D---- C:\Windows\system32\nl-NL
2009-12-10 21:57:41 ----D---- C:\Windows\system32\nb-NO
2009-12-10 21:57:41 ----D---- C:\Windows\system32\migwiz
2009-12-10 21:57:41 ----D---- C:\Windows\system32\lt-LT
2009-12-10 21:57:41 ----D---- C:\Windows\system32\ar-SA
2009-12-10 21:57:32 ----RSD---- C:\Windows\Fonts
2009-12-10 21:57:32 ----D---- C:\Windows\AppPatch
2009-12-10 21:57:28 ----D---- C:\Windows\system32\Boot
2009-12-10 21:56:07 ----D---- C:\Windows\system32\RTCOM
2009-12-10 21:53:25 ----D---- C:\Windows\winsxs
2009-12-10 21:44:19 ----D---- C:\Downloads
2009-12-10 20:52:14 ----D---- C:\ProgramData\Google Updater
2009-12-10 20:10:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-10 20:01:27 ----D---- C:\Windows\tracing
2009-12-10 14:43:56 ----HD---- C:\ProgramData
2009-12-10 03:01:50 ----D---- C:\Windows\system32\catroot2
2009-12-10 03:01:34 ----SHD---- C:\Windows\Installer
2009-12-10 03:01:33 ----D---- C:\ProgramData\Microsoft Help
2009-12-10 03:00:27 ----D---- C:\Windows\Debug
2009-12-09 16:15:19 ----D---- C:\ProgramData\Messenger Plus!
2009-12-08 20:45:15 ----D---- C:\Users\roman\AppData\Roaming\vlc
2009-12-07 19:36:24 ----D---- C:\Users\roman\AppData\Roaming\gtk-2.0
2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe
2009-12-01 12:52:32 ----D---- C:\ProgramData\SweetIM
2009-11-28 17:42:02 ----SD---- C:\Windows\Downloaded Program Files
2009-11-28 17:40:31 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-11-27 23:17:41 ----D---- C:\Program Files\Messenger Plus! Live
2009-11-26 03:32:38 ----D---- C:\Windows\rescache
2009-11-23 00:32:18 ----A---- C:\Windows\win.ini
2009-11-20 11:16:02 ----SHD---- C:\$Recycle.Bin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2009-05-27 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-05-27 75096]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2008-10-10 5632]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-05-04 6656]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2008-01-23 501560]
R2 CLBUDF;CyberLink UDF Filesystem; C:\Windows\system32\drivers\CLBUDF.sys [2006-09-13 184448]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2009-05-27 52056]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2007-03-14 165760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-08-22 1950552]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-03 7444672]
R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 adipfusb;ADI USB RNDIS Compatible Network Device - AD6489; C:\Windows\system32\DRIVERS\adipfusb.sys [2005-05-12 28182]
S3 arfh5cxx;arfh5cxx; C:\Windows\system32\drivers\arfh5cxx.sys []
S3 bcm4sbxp;Pilote XP du contrôleur intégré Broadcom 440x 10/100; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
S3 BTKbFltr;BTKbFltr; \??\C:\Windows\System32\Drivers\BTKbFltr.sys [2009-02-20 27264]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2009-05-15 515584]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 VMC410;Vimicro Camera Service VMC410; C:\Windows\System32\Drivers\VMC410.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-03 118784]
R2 OKAV Agent Service;OKAV Agent Service; C:\Program Files\Trend Micro\OKAVAgent\OKAVAgent.exe [2008-02-01 66824]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TeamViewer;TeamViewer 3; C:\Program Files\TeamViewer3\TeamViewer_Host.exe [2008-07-16 181544]
R2 WinSvc;Gestionnaire de mise à jour Winsudate; C:\Program Files\Winsudate\gibsvc.exe [2009-11-20 70896]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S2 mulservice;mulservice; C:\PROGRA~1\LENOVO\MULTIR~1\mulservice.exe [2008-01-30 31264]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]

-----------------EOF-----------------
GrosBébé
Post subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Mon 14 Dec 2009 - 8:55

Hello Tim8

Malwarebytes was not up to date

Download TFC (click here) (by Old Timer) to your desktop

  • TFC will close all your windows; I advise you to save your work and then close them yourself so that you do not lose anything
  • Double-click TFC.exe to launch it
  • Click the Start button and wait a few moments.
  • Once the cleanup is finished, your PC will restart. If it does not, restart it yourself to finish the cleanup

  • Launch Malwarebytes and update the definition database by going to the "Mise à jour" (Update) tab, then "Recherche de mise à jour" (Check for updates).
  • Choose "Exécuter un examen rapide" (Perform quick scan), then "Rechercher" (Scan)
  • Let the scan run (this can take a long time).
  • At the end, check that the items found are ticked (in "Résultat de l'examen", Scan results).
  • Then click "Supprimer la sélection" (Remove selected) at the bottom.
  • A restart may be necessary.

A report will be displayed; save it to your desktop. Otherwise, after the restart, it will be in the "Rapports/logs" (Reports/Logs) tab

And post the report, please

A usage guide is available here

sena
Post subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Mon 14 Dec 2009 - 14:50

Edit by Admin Laddy:

Please do not carry this out without the advice of your helper GrosBébé.

Bullseye :D
Quote:
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
I was right, you have at least one pest running in the background

"TR/Agent.63216"

we'll start by removing this one

Quote:

1) Press "CTRL+ALT+DEL" to bring up the Task Manager.
Go to the "Processes" tab and look there for the processes that are in your "winsudate" folder (gibusr.exe, gibsvc.exe, gibupt.exe)
Click on them, choose "End Process", then click "Yes".
Once the processes are stopped, you can manually delete the "Winsudate", etc. folders in "C:\Program Files":
C:\Program Files\Winletmin
C:\Program Files\Winsudate
C:\Program Files\Letmin
2) Launch the Registry Editor (Start > Run > "Regedit"),
in [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run], delete the "WinUsr" value

3) Check whether O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Unknown owner - C:\Program Files\Winsudate\gibsvc.exe (file missing) is present
If so, click "Start" then "Run"; in the input box, type: SC delete WinSvc

Restart the PC.

Thanks to Malekal_morte

Then follow the steps proposed by GrosBébé so that we can make sure nothing else is left.
Good luck.
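Each of the three steps quoted in the post above leaves a different trace in a HijackThis log: a bare path under "Running processes", an O4 Run entry, and an O23 service entry. The following is an added example, not part of the thread or of any tool it mentions; it parses those line formats and reports which steps still have something left to remove. The function names are hypothetical and the sample log is constructed from lines quoted in the thread.

```python
import re
from typing import List, NamedTuple, Optional

# Names taken from the removal steps quoted in the thread.
FOLDER = r"C:\Program Files\Winsudate"
RUN_VALUE = "WinUsr"   # step 2: value under HKCU\...\CurrentVersion\Run
SERVICE = "WinSvc"     # step 3: service removed with "SC delete WinSvc"

# HijackThis line formats as they appear in the thread's logs.
O4_RE = re.compile(r"^O4 - (?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+) \((?P<svc>[^()]+)\) - (?P<owner>.+?) - "
    r"(?P<path>.+?)(?P<missing> \(file missing\))?$"
)


class Finding(NamedTuple):
    step: int            # step number in the quoted procedure
    kind: str            # "process", "run-value" or "service"
    name: str
    path: str
    file_missing: bool = False


def _under_folder(command: str) -> bool:
    """True if a path or command line points inside FOLDER (case-insensitive)."""
    return command.lstrip('"').lower().startswith(FOLDER.lower() + "\\")


def classify(line: str) -> Optional[Finding]:
    """Return a Finding if the log line is a Winsudate remnant, else None."""
    line = line.strip()
    m = O4_RE.match(line)
    if m:
        if m["name"].lower() == RUN_VALUE.lower() or _under_folder(m["cmd"]):
            return Finding(2, "run-value", m["name"], m["cmd"])
        return None
    m = O23_RE.match(line)
    if m:
        if m["svc"].lower() == SERVICE.lower() or _under_folder(m["path"]):
            return Finding(3, "service", m["svc"], m["path"],
                           m["missing"] is not None)
        return None
    # Entries under "Running processes:" are bare paths with no section code.
    if _under_folder(line):
        return Finding(1, "process", line.rsplit("\\", 1)[-1], line)
    return None


def winsudate_remnants(log_text: str) -> List[Finding]:
    """All remnants found in a HijackThis log, in log order."""
    found = (classify(line) for line in log_text.splitlines())
    return [f for f in found if f is not None]


def pending_steps(log_text: str) -> List[int]:
    """Step numbers of the quoted procedure that still have work left."""
    return sorted({f.step for f in winsudate_remnants(log_text)})


# Constructed sample, assembled from lines quoted in the thread.
SAMPLE_LOG = r"""
Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Winsudate\gibusr.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Unknown owner - C:\Program Files\Winsudate\gibsvc.exe (file missing)
"""

if __name__ == "__main__":
    for finding in winsudate_remnants(SAMPLE_LOG):
        print(finding)
    print("steps still pending:", pending_steps(SAMPLE_LOG))
```

A service entry flagged with `file_missing=True` is the orphaned registration that step 3 of the quoted procedure checks for.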
Laddy
Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Mon 14 Dec 2009 - 14:59

Hello
Sena, the member is in the hands of a helper; please do not interfere with the disinfection of the PC.
The helper asks for various things and follows a well-defined plan.

Malwarebytes is able to remove this infection and all the files attached to this service, provided the software is up to date.

tim8

Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Tue 15 Dec 2009 - 0:12

Hello again, I can't delete the winsudate folder; I need permission to perform this action.
GrosBébé

Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Tue 15 Dec 2009 - 8:40

Hello

@GrosBébé wrote:
Malwarebytes was not up to date


Download TFC (click here) (by Old Timer) to the desktop

  • TFC will close all your windows; I advise you to save your work and then close them yourself to avoid losing your work
  • Double-click TFC.exe to launch it
  • Click the Start button and wait a few moments.
  • Once the cleanup is finished, your PC will restart. If it does not, restart it yourself to finish the cleanup

  • Launch Malwarebytes and update the definition database by going to the "Update" tab and then "Check for updates".
  • Choose Perform quick scan, then Scan
  • Let the scan run (this can take a long time).
  • At the end, check that the items found are ticked (in "Scan results").
  • Then click Remove selected at the bottom.
  • A restart may be necessary.

A report will be displayed; save it to your desktop. Otherwise, after the restart, it will be in the Reports/Logs tab

And post the report please

A usage guide is here

tim8

Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Tue 15 Dec 2009 - 21:17

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3289
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

15/12/2009 20:16:27
mbam-log-2009-12-15 (20-16-27).txt

Type de recherche: Examen rapide
Eléments examinés: 93561
Temps écoulé: 4 minute(s), 0 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
GrosBébé

Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Tue 15 Dec 2009 - 22:32

Hi Tim8

Did you delete the winsudate folder?

Run RSIT again and post the resulting report please

sena

Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Wed 16 Dec 2009 - 5:03

@LADDY
tim8

Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Wed 16 Dec 2009 - 13:33

yes, partly; in winsudate there is still a gibsvc file that won't delete, but the rest is deleted
tim8

Subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Wed 16 Dec 2009 - 13:37

Logfile of random's system information tool 1.06 (written by random/random)
Run by roman at 2009-12-16 12:36:34
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 39 GB (39%) free of 100 GB
Total RAM: 3326 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:36:38, on 16/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Lenovo\Lenovo Standard Keyboard Driver\SkDaemond.exe
C:\Program Files\Lenovo\MultiRecover\multitray.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\CyberLink\InstantBurn\Win2K\IBurn.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SGPSA\ie3sh.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Downloads\RSIT.exe
C:\Program Files\trend micro\roman.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHelper Class - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} - C:\Program Files\SGPSA\mtwb3sh.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: BrowserHelper Class - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Fast Browser Search Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SkDaemond] C:\Program Files\Lenovo\Lenovo Standard Keyboard Driver\SkDaemond.exe
O4 - HKLM\..\Run: [multitray] C:\Program Files\Lenovo\MultiRecover\loadtray.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InstantBurn] C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_S38A2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_SFA8B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SIMBAR={016CAD2E-DC2E-4101-A125-9F8A932A37C8}; GTB6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.21022; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618; Tablet PC 2.0; Orange 8.0)" -"http://www.funlabo.com/voiture/jeu-poursuite.htm"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Users\roman\AppData\Local\Temp\{6B2EF9BB-F437-4577-BDF0-BE53739A5F7E}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O4 - Startup: RollerCoaster Tycoon 3_ Wild Registration.lnk = C:\Users\roman\AppData\Local\Temp\{9C2FCD7F-8265-48C5-94DA-68E0DA4FA14A}\{45653847-497F-47BB-A878-46FBDE34A3E0}\ATR1.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Tout télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Télécharger avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.ibloks.com
O15 - Trusted Zone: http://www.orange.fr
O20 - AppInit_DLLs:
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: mulservice - Unknown owner - C:\PROGRA~1\LENOVO\MULTIR~1\mulservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OKAV Agent Service - Trend Micro Inc. - C:\Program Files\Trend Micro\OKAVAgent\OKAVAgent.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe

--
End of file - 10767 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll [2009-03-02 636216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
BrowserHelper Class - C:\Program Files\SGPSA\SearchAssistant.dll [2009-10-15 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-27 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-14 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
Search Assistant - C:\Program Files\SGPSA\BHO.dll [2009-11-10 292864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
Fast Browser Search Toolbar Helper - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll [2009-08-13 2602368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-27 263280]
{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - Fast Browser Search Toolbar - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll [2009-08-13 2602368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-04-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-04-03 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-08-17 4702208]
"SkDaemond"=C:\Program Files\Lenovo\Lenovo Standard Keyboard Driver\SkDaemond.exe [2006-08-14 61440]
"multitray"=C:\Program Files\Lenovo\MultiRecover\loadtray.exe [2008-01-30 31264]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-08-16 65536]
"InstantBurn"=C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe [2006-09-13 737280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Ulead AutoDetector v2"=C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2006-11-29 90112]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"FBSSA"=C:\Program Files\SGPSA\ie3sh.exe [2009-11-19 65344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"BitComet"=C:\Program Files\BitComet\BitComet.exe [2009-03-09 2564408]
"EPSON Stylus SX400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE [2007-12-17 188928]
"Power2GoExpress"= []
"EPSON Stylus SX400 Series (Copie 1)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE [2007-12-17 188928]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-29 68856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE [2009-01-16 460216]

C:\Users\roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
RollerCoaster Tycoon 3 Registration.lnk - C:\Users\roman\AppData\Local\Temp\{6B2EF9BB-F437-4577-BDF0-BE53739A5F7E}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
RollerCoaster Tycoon 3_ Wild Registration.lnk - C:\Users\roman\AppData\Local\Temp\{9C2FCD7F-8265-48C5-94DA-68E0DA4FA14A}\{45653847-497F-47BB-A878-46FBDE34A3E0}\ATR1.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
shell\AutoRun\command - K:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
shell\AutoRun\command - L:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\N]
shell\AutoRun\command - N:\Autorun.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-14 17:58:11 ----D---- C:\Program Files\SGPSA
2009-12-14 17:58:11 ----D---- C:\Program Files\Search Guard PlusU
2009-12-14 17:58:11 ----D---- C:\Program Files\Search Guard Plus
2009-12-14 17:55:45 ----D---- C:\Program Files\Fast Browser Search
2009-12-14 04:34:12 ----D---- C:\Program Files\PC Inspector File Recovery
2009-12-13 01:11:25 ----D---- C:\Program Files\Lavalys
2009-12-12 03:17:29 ----D---- C:\Program Files\Windows Portable Devices
2009-12-12 03:01:35 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-12-12 03:01:35 ----A---- C:\Windows\system32\UIAnimation.dll
2009-12-12 03:01:34 ----A---- C:\Windows\system32\UIRibbon.dll
2009-12-12 03:01:18 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-12-12 03:01:18 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-12-12 03:01:18 ----A---- C:\Windows\system32\WMPhoto.dll
2009-12-12 03:01:18 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-12-12 03:01:18 ----A---- C:\Windows\system32\d3d10warp.dll
2009-12-12 03:01:18 ----A---- C:\Windows\system32\cdd.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\xpsservices.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\XpsPrint.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-12-12 03:01:17 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\OpcServices.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\FntCache.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\dxgi.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\dxdiagn.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\dxdiag.exe
2009-12-12 03:01:17 ----A---- C:\Windows\system32\DWrite.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\d3d11.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\d3d10level9.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\d3d10core.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\d3d10_1.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\d3d10.dll
2009-12-12 03:01:17 ----A---- C:\Windows\system32\d2d1.dll
2009-12-12 03:01:02 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-12-12 03:01:02 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-12-12 03:01:02 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-12-12 03:01:01 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-12-12 03:01:00 ----A---- C:\Windows\system32\WpdConns.dll
2009-12-12 03:00:59 ----A---- C:\Windows\system32\WPDSp.dll
2009-12-12 03:00:59 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-12-12 03:00:59 ----A---- C:\Windows\system32\wpdshext.dll
2009-12-12 03:00:59 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-12-12 03:00:59 ----A---- C:\Windows\system32\WpdMtp.dll
2009-12-12 03:00:59 ----A---- C:\Windows\system32\wpd_ci.dll
2009-12-12 03:00:59 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-12-12 03:00:59 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-12-12 03:00:59 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-12-12 03:00:59 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-12-12 03:00:28 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-12-12 03:00:28 ----A---- C:\Windows\system32\oleaccrc.dll
2009-12-12 03:00:28 ----A---- C:\Windows\system32\oleacc.dll
2009-12-10 22:06:07 ----D---- C:\rsit
2009-12-10 21:57:29 ----D---- C:\Windows\system32\eu-ES
2009-12-10 21:57:29 ----D---- C:\Windows\system32\ca-ES
2009-12-10 21:57:28 ----D---- C:\Windows\system32\vi-VN
2009-12-10 21:46:42 ----D---- C:\Windows\system32\EventProviders
2009-12-10 03:01:36 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-10 03:01:35 ----A---- C:\Windows\system32\httpapi.dll
2009-12-09 05:28:33 ----A---- C:\Windows\system32\mshtml.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\wininet.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\urlmon.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\occache.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\iertutil.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\ieframe.dll
2009-12-09 05:28:32 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-09 05:28:31 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-09 05:28:31 ----A---- C:\Windows\system32\ieui.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\iesetup.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\iernonce.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\iepeers.dll
2009-12-09 05:28:31 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-09 04:40:36 ----A---- C:\Windows\system32\rastls.dll
2009-12-08 17:42:37 ----D---- C:\Program Files\epson
2009-11-26 03:00:28 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 03:18:23 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 03:18:23 ----A---- C:\Windows\system32\msxml3.dll
2009-11-20 11:15:48 ----D---- C:\Windows\Profiles
2009-11-20 11:13:46 ----D---- C:\Program Files\Winsudate

======List of files/folders modified in the last 1 months======

2009-12-16 12:36:41 ----D---- C:\Windows\Prefetch
2009-12-16 12:36:36 ----D---- C:\Windows\Temp
2009-12-16 12:36:35 ----D---- C:\Program Files\Trend Micro
2009-12-16 12:34:45 ----D---- C:\Downloads
2009-12-16 12:31:36 ----RD---- C:\Program Files
2009-12-16 12:29:40 ----D---- C:\Windows\Tasks
2009-12-16 05:37:22 ----D---- C:\Windows\tracing
2009-12-16 01:57:12 ----D---- C:\ProgramData\Google Updater
2009-12-15 20:51:43 ----D---- C:\Windows\System32
2009-12-15 20:51:43 ----D---- C:\Windows\inf
2009-12-15 20:51:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-15 20:46:34 ----D---- C:\Users\roman\AppData\Roaming\vlc
2009-12-15 20:07:52 ----D---- C:\Windows
2009-12-15 20:04:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-15 20:03:14 ----D---- C:\Windows\system32\drivers
2009-12-14 23:02:21 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-12-14 17:58:12 ----D---- C:\Windows\system32\Tasks
2009-12-14 04:34:12 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-13 20:56:50 ----D---- C:\Users\roman\AppData\Roaming\gtk-2.0
2009-12-13 20:14:32 ----SHD---- C:\Windows\Installer
2009-12-12 03:34:36 ----D---- C:\Windows\rescache
2009-12-12 03:17:30 ----D---- C:\Windows\system32\fr-FR
2009-12-12 03:17:29 ----D---- C:\Windows\system32\wbem
2009-12-12 03:17:28 ----D---- C:\Windows\system32\zh-TW
2009-12-12 03:17:28 ----D---- C:\Windows\system32\zh-HK
2009-12-12 03:17:28 ----D---- C:\Windows\system32\zh-CN
2009-12-12 03:17:28 ----D---- C:\Windows\system32\uk-UA
2009-12-12 03:17:28 ----D---- C:\Windows\system32\tr-TR
2009-12-12 03:17:28 ----D---- C:\Windows\system32\th-TH
2009-12-12 03:17:28 ----D---- C:\Windows\system32\sv-SE
2009-12-12 03:17:28 ----D---- C:\Windows\system32\sr-Latn-CS
2009-12-12 03:17:28 ----D---- C:\Windows\system32\sl-SI
2009-12-12 03:17:28 ----D---- C:\Windows\system32\sk-SK
2009-12-12 03:17:28 ----D---- C:\Windows\system32\ru-RU
2009-12-12 03:17:28 ----D---- C:\Windows\system32\ro-RO
2009-12-12 03:17:28 ----D---- C:\Windows\system32\pt-PT
2009-12-12 03:17:28 ----D---- C:\Windows\system32\pt-BR
2009-12-12 03:17:28 ----D---- C:\Windows\system32\pl-PL
2009-12-12 03:17:28 ----D---- C:\Windows\system32\nl-NL
2009-12-12 03:17:28 ----D---- C:\Windows\system32\nb-NO
2009-12-12 03:17:28 ----D---- C:\Windows\system32\lv-LV
2009-12-12 03:17:28 ----D---- C:\Windows\system32\lt-LT
2009-12-12 03:17:28 ----D---- C:\Windows\system32\ko-KR
2009-12-12 03:17:28 ----D---- C:\Windows\system32\ja-JP
2009-12-12 03:17:28 ----D---- C:\Windows\system32\it-IT
2009-12-12 03:17:28 ----D---- C:\Windows\system32\hu-HU
2009-12-12 03:17:28 ----D---- C:\Windows\system32\hr-HR
2009-12-12 03:17:28 ----D---- C:\Windows\system32\he-IL
2009-12-12 03:17:28 ----D---- C:\Windows\system32\fi-FI
2009-12-12 03:17:28 ----D---- C:\Windows\system32\et-EE
2009-12-12 03:17:28 ----D---- C:\Windows\system32\es-ES
2009-12-12 03:17:28 ----D---- C:\Windows\system32\en-US
2009-12-12 03:17:28 ----D---- C:\Windows\system32\el-GR
2009-12-12 03:17:28 ----D---- C:\Windows\system32\de-DE
2009-12-12 03:17:28 ----D---- C:\Windows\system32\da-DK
2009-12-12 03:17:28 ----D---- C:\Windows\system32\cs-CZ
2009-12-12 03:17:28 ----D---- C:\Windows\system32\bg-BG
2009-12-12 03:17:28 ----D---- C:\Windows\system32\ar-SA
2009-12-12 03:06:35 ----D---- C:\Windows\Microsoft.NET
2009-12-12 03:06:27 ----RSD---- C:\Windows\assembly
2009-12-12 03:01:42 ----D---- C:\Windows\winsxs
2009-12-12 03:01:41 ----D---- C:\Windows\system32\catroot
2009-12-12 03:01:12 ----D---- C:\Windows\system32\catroot2
2009-12-11 11:15:07 ----D---- C:\Program Files\Windows Media Player
2009-12-10 22:44:44 ----HD---- C:\Windows\system32\GroupPolicy
2009-12-10 22:44:44 ----HD---- C:\ProgramData
2009-12-10 22:02:19 ----SHD---- C:\Boot
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Sidebar
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Photo Gallery
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Mail
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Journal
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Collaboration
2009-12-10 21:57:50 ----D---- C:\Program Files\Windows Calendar
2009-12-10 21:57:50 ----D---- C:\Program Files\Movie Maker
2009-12-10 21:57:50 ----D---- C:\Program Files\Internet Explorer
2009-12-10 21:57:50 ----D---- C:\Program Files\Common Files\System
2009-12-10 21:57:49 ----D---- C:\Windows\servicing
2009-12-10 21:57:49 ----D---- C:\Windows\ehome
2009-12-10 21:57:49 ----D---- C:\Program Files\Windows Defender
2009-12-10 21:57:45 ----D---- C:\Windows\system32\XPSViewer
2009-12-10 21:57:45 ----D---- C:\Windows\system32\oobe
2009-12-10 21:57:45 ----D---- C:\Windows\system32\migration
2009-12-10 21:57:45 ----D---- C:\Windows\system32\fr
2009-12-10 21:57:45 ----D---- C:\Windows\IME
2009-12-10 21:57:44 ----D---- C:\Windows\system32\AdvancedInstallers
2009-12-10 21:57:43 ----D---- C:\Windows\system32\SLUI
2009-12-10 21:57:43 ----D---- C:\Windows\system32\setup
2009-12-10 21:57:42 ----D---- C:\Windows\system32\manifeststore
2009-12-10 21:57:41 ----D---- C:\Windows\system32\migwiz
2009-12-10 21:57:32 ----RSD---- C:\Windows\Fonts
2009-12-10 21:57:32 ----D---- C:\Windows\AppPatch
2009-12-10 21:57:28 ----D---- C:\Windows\system32\Boot
2009-12-10 21:56:07 ----D---- C:\Windows\system32\RTCOM
2009-12-10 03:01:33 ----D---- C:\ProgramData\Microsoft Help
2009-12-10 03:00:27 ----D---- C:\Windows\Debug
2009-12-09 16:15:19 ----D---- C:\ProgramData\Messenger Plus!
2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe
2009-12-01 12:52:32 ----D---- C:\ProgramData\SweetIM
2009-11-28 17:42:02 ----SD---- C:\Windows\Downloaded Program Files
2009-11-27 23:17:41 ----D---- C:\Program Files\Messenger Plus! Live
2009-11-23 00:32:18 ----A---- C:\Windows\win.ini
2009-11-20 11:16:02 ----SHD---- C:\$Recycle.Bin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2009-05-27 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-05-27 75096]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2008-10-10 5632]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-05-04 6656]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2008-01-23 501560]
R2 CLBUDF;CyberLink UDF Filesystem; C:\Windows\system32\drivers\CLBUDF.sys [2006-09-13 184448]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2009-05-27 52056]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2007-03-14 165760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-08-22 1950552]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-04-03 7444672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 adipfusb;ADI USB RNDIS Compatible Network Device - AD6489; C:\Windows\system32\DRIVERS\adipfusb.sys [2005-05-12 28182]
S3 asl2qbch;asl2qbch; C:\Windows\system32\drivers\asl2qbch.sys []
S3 bcm4sbxp;Pilote XP du contrôleur intégré Broadcom 440x 10/100; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
S3 BTKbFltr;BTKbFltr; \??\C:\Windows\System32\Drivers\BTKbFltr.sys [2009-02-20 27264]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2009-05-15 515584]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 VMC410;Vimicro Camera Service VMC410; C:\Windows\System32\Drivers\VMC410.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-04-03 118784]
R2 OKAV Agent Service;OKAV Agent Service; C:\Program Files\Trend Micro\OKAVAgent\OKAVAgent.exe [2008-02-01 66824]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 TeamViewer;TeamViewer 3; C:\Program Files\TeamViewer3\TeamViewer_Host.exe [2008-07-16 181544]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S2 mulservice;mulservice; C:\PROGRA~1\LENOVO\MULTIR~1\mulservice.exe [2008-01-30 31264]
S2 WinSvc;Gestionnaire de mise à jour Winsudate; C:\Program Files\Winsudate\gibsvc.exe [2009-11-20 70896]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLWriter;Enregistreur VSS SQL Server; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]

-----------------EOF-----------------
GrosBébé (Moderators)
Posted: Wed 16 Dec 2009 - 19:32

Hi Tim8


Every program I ask you to use must be launched by right-clicking the program's icon >> Run as administrator.



Step 1

So... at first you only had one small program to get rid of, but you have just installed these programs (which we are going to uninstall):
SGPSA
Search Guard PlusU
Search Guard Plus
Fast Browser Search
Uninstall these programs if you find them, and do not reinstall them.



Step 2

I am going to make a few changes to the registry, so I would rather we back it up first, just in case.

Download ERUNT.

  • Install ERUNT, following these instructions:
    (Follow the default installation prompts, but say no when asked whether to add ERUNT to the startup folder; you can add that option later if you wish.)
    • Launch ERUNT, either by double-clicking the icon on your desktop or by choosing to launch the program at the end of the installation.
    • Choose a location for the backup (the default location is C:\WINDOWS\ERDNT, which is fine).
    • Make sure the first two checkboxes are ticked!
    • Click OK.
    • Click YES to create the backup folder.



Step 3

  • Download OTL (by Old Timer) to your desktop
  • Launch OTL
  • In the Custom Scans/Fixes box at the bottom, paste the contents of the box below:

    Quote:
    :OTL
    PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

    :Services
    WinSvc

    :Reg
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{1BB22D38-A411-4B13-A746-C2A4F4EC7344}"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "FBSSA"=-

    :Files
    C:\Program Files\SGPSA
    C:\Program Files\Search Guard PlusU
    C:\Program Files\Search Guard Plus
    C:\Program Files\Fast Browser Search
    C:\Program Files\Winsudate


    :Commands
    [purity]
    [emptytemp]
    [createrestorepoint]
    Then click the Run Fix button at the top.
  • Let OTL run; the PC will restart.
  • After the restart, a new report will open; please copy/paste its contents here.



Have a good evening

tim8 (Bibouactif)
Posted: Thu 17 Dec 2009 - 0:17

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Service WinSvc stopped successfully!
Service WinSvc deleted successfully!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FBSSA deleted successfully.
========== FILES ==========
C:\Program Files\SGPSA folder moved successfully.
C:\Program Files\Search Guard PlusU\Tmp folder moved successfully.
C:\Program Files\Search Guard PlusU folder moved successfully.
C:\Program Files\Search Guard Plus folder moved successfully.
C:\Program Files\Fast Browser Search\IE folder moved successfully.
C:\Program Files\Fast Browser Search folder moved successfully.
C:\Program Files\Winsudate folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: roman
->Temp folder emptied: 182765 bytes
->Temporary Internet Files folder emptied: 23721089 bytes
->Java cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 1266 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 22,80 mb



OTL by OldTimer - Version 3.1.17.0 log created on 12162009_231345

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
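One way to cross-check a fix log like the one in the post above against the script that was pasted into OTL, so that every requested item is confirmed as removed, already absent, or never mentioned. This is an added example, not part of the thread and not OTL's own code; the function names are hypothetical, the excerpts are copied from the two posts (registry list shortened), and the last `:Files` line is constructed.

```python
import re
from collections import Counter

# Excerpts copied from the two posts above (registry list shortened).
# The last :Files line is constructed, to show an item the log never mentions.
FIX_SCRIPT = r"""
:Services
WinSvc

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"FBSSA"=-

:Files
C:\Program Files\SGPSA
C:\Program Files\Winsudate
C:\Program Files\Constructed Example
"""

FIX_LOG = r"""
Service WinSvc stopped successfully!
Service WinSvc deleted successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91C18ED5-5E1C-4AE5-A148-A861DE8C8E16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FBSSA deleted successfully.
C:\Program Files\SGPSA folder moved successfully.
C:\Program Files\Winsudate folder moved successfully.
"""

REG_RE = re.compile(r"^Registry (key|value) (.+) (deleted successfully|not found)\.$")
SVC_RE = re.compile(r"^Service (.+) deleted successfully!$")
MOVE_RE = re.compile(r"^(.+) folder moved successfully\.$")


def norm(text):
    """Case-insensitive comparison form, without the trailing backslash the log adds to keys."""
    return text.strip().rstrip("\\").lower()


def parse_script(text):
    """Return the (kind, name) targets the fix script asks to remove."""
    targets, section, key = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            section, key = line[1:].lower(), None
        elif section == "services":
            targets.append(("service", norm(line)))
        elif section == "files":
            targets.append(("path", norm(line)))
        elif section == "reg":
            if line.startswith("[-") and line.endswith("]"):
                targets.append(("key", norm(line[2:-1])))      # whole key deleted
            elif line.startswith("[") and line.endswith("]"):
                key = line[1:-1]                                # key holding the values below
            elif key and (m := re.fullmatch(r'"(.+)"=-', line)):
                # The log writes a value as KEY\\NAME (two backslashes).
                targets.append(("value", norm(key + "\\\\" + m.group(1))))
    return targets


def parse_log(text):
    """Map each (kind, name) the log reports to 'removed' or 'absent'."""
    outcomes = {}
    for raw in text.splitlines():
        line = raw.strip()
        if m := REG_RE.match(line):
            status = "removed" if m.group(3).startswith("deleted") else "absent"
            outcomes[(m.group(1), norm(m.group(2)))] = status
        elif m := SVC_RE.match(line):        # "stopped" alone is not a removal
            outcomes[("service", norm(m.group(1)))] = "removed"
        elif m := MOVE_RE.match(line):
            outcomes[("path", norm(m.group(1)))] = "removed"
    return outcomes


def reconcile(script, log):
    """Status of every script target; log lines with no script target (the CLSID keys) are ignored."""
    outcomes = parse_log(log)
    return {target: outcomes.get(target, "unaccounted") for target in parse_script(script)}


def unaccounted(result):
    return [target for target, status in result.items() if status == "unaccounted"]


if __name__ == "__main__":
    for (kind, name), status in reconcile(FIX_SCRIPT, FIX_LOG).items():
        print(f"{status:12} {kind:8} {name}")
```

An item reported as unaccounted is one the log never confirms either way, which is the case worth checking by hand before closing the cleanup.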
GrosBébé (Moderators)
Posted: Thu 17 Dec 2009 - 9:06

Hi Tim8


OK, that looks pretty good; let's see what is left:

Run OTL again

  • Close all your windows, then double-click OTL.exe to launch it.
  • Tick Lop Check and Purity check
  • Under Custom Scans (at the bottom), copy/paste this:

    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.*
    %PROGRAMFILES%\*.
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Run Scan button at the top left, then wait a few moments.

    • When the scan finishes, two reports will open (OTL.Txt and Extras.Txt). Copy/paste both reports here in full.

    PS: The reports are also saved on the desktop.



By the way, how is the PC running? Still getting error messages with your printer?

Have a good day

tim8 (Bibouactif)
Posted: Thu 17 Dec 2009 - 17:48

Error: Unable to interpret <%SYSTEMDRIVE%\*.*> in the current context!
Error: Unable to interpret <%PROGRAMFILES%\*.*> in the current context!
Error: Unable to interpret <%PROGRAMFILES%\*.> in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret <%SYSTEMDRIVE%\*.exe> in the current context!
Error: Unable to interpret in the current context!

OTL by OldTimer - Version 3.1.17.0 log created on 12172009_164645

My PC is working fine, but the message has not gone away.
GrosBébé (Moderators)
Posted: Fri 18 Dec 2009 - 0:26

Hi

After pasting into OTL, you need to click "Run Scan".


In my opinion, the message is caused by a problem with Windows or with the printer driver.


Have a good evening

tim8 (Bibouactif)
Posted: Fri 18 Dec 2009 - 2:54

Sorry, I made a mistake, I pressed Run Fix. During the scan I got this: http://i14.servimg.com/u/f14/14/34/13/78/otl10.jpg
I pressed Cancel several times and it went away.



OTL logfile created on: 18/12/2009 01:45:07 - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = D:\Downloads\logiciele
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 99,88% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): C:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,66 Gb Total Space | 37,69 Gb Free Space | 38,59% Space Free | Partition Type: NTFS
Drive D: | 350,05 Gb Total Space | 266,81 Gb Free Space | 76,22% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-ROMAN
Current User Name: roman
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/16 23:04:33 | 00,538,112 | ---- | M] (OldTimer Tools) -- D:\Downloads\logiciele\OTL.exe
PRC - [2009/07/25 04:23:22 | 00,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/11 07:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/09 10:32:34 | 02,564,408 | ---- | M] (www.BitComet.com) -- C:\Program Files\BitComet\BitComet.exe
PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/10/15 13:31:53 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008/10/15 13:30:02 | 00,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008/07/16 12:50:30 | 00,181,544 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer3\TeamViewer_Host.exe
PRC - [2008/06/12 13:28:45 | 00,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008/04/03 05:56:00 | 00,118,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2008/02/01 14:27:36 | 00,066,824 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OKAVAgent\OKAVAgent.exe
PRC - [2008/01/30 12:32:54 | 00,129,568 | ---- | M] () -- C:\Program Files\Lenovo\MultiRecover\multitray.exe
PRC - [2008/01/21 03:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/01/21 03:24:59 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008/01/21 03:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/21 03:23:32 | 00,319,544 | ---- | M] (Microsoft Corporation) -- c:\program files\windows defender\MpCmdRun.exe
PRC - [2007/09/19 16:18:04 | 00,376,832 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
PRC - [2007/08/17 06:27:00 | 04,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/02/04 11:02:14 | 00,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2007/01/09 03:25:30 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2006/11/29 10:58:14 | 00,090,112 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
PRC - [2006/09/13 13:20:48 | 00,737,280 | ---- | M] (CyberLink Corporation.) -- C:\Program Files\CyberLink\InstantBurn\Win2K\IBurn.exe
PRC - [2006/08/16 21:47:20 | 00,065,536 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2006/08/14 10:10:30 | 00,061,440 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Standard Keyboard Driver\SkDaemond.exe


========== Modules (SafeList) ==========

MOD - [2009/12/16 23:04:33 | 00,538,112 | ---- | M] (OldTimer Tools) -- D:\Downloads\logiciele\OTL.exe
MOD - [2009/04/11 07:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/09/25 02:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/05 21:48:42 | 00,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/03/24 16:17:21 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/15 13:31:53 | 00,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008/10/15 13:30:02 | 00,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008/07/16 12:50:30 | 00,181,544 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer3\TeamViewer_Host.exe -- (TeamViewer)
SRV - [2008/04/03 05:56:00 | 00,118,784 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2008/02/01 14:27:36 | 00,066,824 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\OKAVAgent\OKAVAgent.exe -- (OKAV Agent Service)
SRV - [2008/01/30 12:32:52 | 00,031,264 | ---- | M] () [Auto | Stopped] -- C:\PROGRA~1\LENOVO\MULTIR~1\mulservice.exe -- (mulservice)
SRV - [2008/01/21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/01/09 03:25:30 | 00,272,024 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2006/12/14 17:00:00 | 00,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/04/14 09:04:54 | 00,087,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2005/11/17 15:18:52 | 01,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV - [2009/08/05 21:48:42 | 00,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/05/27 21:08:38 | 00,075,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/05/27 21:08:32 | 00,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2009/05/27 21:08:29 | 00,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2009/05/15 10:26:04 | 00,515,584 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/02/21 13:19:53 | 00,000,000 | ---D | M] [Kernel | On_Demand | Stopped] -- C:\Windows\VMC410 -- (VMC410)
DRV - [2009/02/20 13:54:42 | 00,027,264 | ---- | M] (Anuj Infotech, India) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BTKbFltr.sys -- (BTKbFltr)
DRV - [2008/10/10 11:30:26 | 00,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/08/21 21:07:20 | 00,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/04/03 05:56:00 | 07,444,672 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/01/23 09:19:44 | 00,501,560 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV11.sys -- (acedrv11)
DRV - [2008/01/21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 00,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/12/08 09:20:20 | 00,025,104 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ntdisk.sys -- (ntdisk)
DRV - [2007/11/17 10:08:52 | 00,016,912 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\System32\drivers\safnt.sys -- (safnt)
DRV - [2007/08/22 11:44:18 | 01,950,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/03/14 03:30:32 | 00,165,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e100b325.sys -- (E100B) Intel(R)
DRV - [2007/03/01 09:34:22 | 00,028,352 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2006/11/28 20:46:22 | 00,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCAMp50.sys -- (PCAMp50)
DRV - [2006/11/28 20:46:20 | 00,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2006/11/02 15:57:04 | 00,036,624 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:36:43 | 02,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 08:30:53 | 00,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/09/13 09:48:28 | 00,010,368 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\CLBStor.sys -- (CLBStor)
DRV - [2006/09/13 09:48:26 | 00,184,448 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\CLBUDF.sys -- (CLBUDF)
DRV - [2006/05/04 09:21:50 | 00,006,656 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
DRV - [2005/08/17 07:45:00 | 00,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2005/05/12 22:56:00 | 00,028,182 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adipfusb.sys -- (adipfusb)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (736 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [InstantBurn] C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe (CyberLink Corporation.)
O4 - HKLM..\Run: [multitray] C:\Program Files\Lenovo\MultiRecover\loadtray.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SkDaemond] C:\Program Files\Lenovo\Lenovo Standard Keyboard Driver\SkDaemond.exe ()
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BitComet] C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKCU..\Run: [EPSON Stylus SX400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON Stylus SX400 Series (Copie 1)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Power2GoExpress] File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident\4.0; File not found
O4 - Startup: C:\Users\roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Users\roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = C:\Users\roman\AppData\Local\Temp\{6B2EF9BB-F437-4577-BDF0-BE53739A5F7E}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe File not found
O4 - Startup: C:\Users\roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3_ Wild Registration.lnk = C:\Users\roman\AppData\Local\Temp\{9C2FCD7F-8265-48C5-94DA-68E0DA4FA14A}\{45653847-497F-47BB-A878-46FBDE34A3E0}\ATR1.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 00 00 00 02 [binary data]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O8 - Extra context menu item: Télécharger avec BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Tout télécharger avec BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: ibloks.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: ibloks.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: orange.fr ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\Autorun.exe -- File not found
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\Autorun.exe -- File not found
O33 - MountPoints2\N\Shell - "" = AutoRun
O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/01/21 03:34:27 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.clmp3enc - C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.CSCD - C:\Windows\System32\camcodec.dll (RenderSoft Software)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

========== Files/Folders - Created Within 30 Days ==========

[2009/12/17 22:17:31 | 00,000,000 | ---D | C] -- C:\Users\roman\Desktop\video marrente
[2009/12/16 23:13:45 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/12/16 23:12:30 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/12/16 23:10:39 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/14 22:42:33 | 00,000,000 | R--D | C] -- C:\Users\roman\Documents\Notes
[2009/12/14 04:34:12 | 00,000,000 | ---D | C] -- C:\Program Files\PC Inspector File Recovery
[2009/12/13 01:11:25 | 00,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2009/12/12 03:17:29 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2009/12/12 03:01:35 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2009/12/12 03:01:35 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2009/12/12 03:01:34 | 03,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2009/12/12 03:01:18 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2009/12/12 03:01:18 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2009/12/12 03:01:18 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2009/12/12 03:01:18 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2009/12/12 03:01:18 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2009/12/12 03:01:18 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/12/12 03:01:17 | 01,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2009/12/12 03:01:17 | 01,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2009/12/12 03:01:17 | 01,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2009/12/12 03:01:17 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2009/12/12 03:01:17 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2009/12/12 03:01:17 | 00,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2009/12/12 03:01:17 | 00,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2009/12/12 03:01:17 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/12/12 03:01:17 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2009/12/12 03:01:17 | 00,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2009/12/12 03:01:17 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2009/12/12 03:01:17 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2009/12/12 03:01:17 | 00,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2009/12/12 03:01:17 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2009/12/12 03:01:17 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2009/12/12 03:01:17 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2009/12/12 03:01:17 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2009/12/12 03:01:17 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2009/12/12 03:01:17 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2009/12/12 03:01:02 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2009/12/12 03:01:02 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2009/12/12 03:01:01 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2009/12/12 03:01:00 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2009/12/12 03:00:59 | 00,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2009/12/12 03:00:59 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2009/12/12 03:00:59 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2009/12/12 03:00:59 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2009/12/12 03:00:59 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2009/12/12 03:00:59 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2009/12/12 03:00:59 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2009/12/12 03:00:59 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2009/12/12 03:00:28 | 00,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2009/12/12 03:00:28 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2009/12/10 22:06:07 | 00,000,000 | ---D | C] -- C:\rsit
[2009/12/10 21:57:29 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2009/12/10 21:57:29 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2009/12/10 21:57:28 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2009/12/10 21:46:42 | 00,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2009/12/10 03:01:36 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2009/12/10 03:01:35 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2009/12/09 05:28:32 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/12/09 05:28:32 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/12/09 05:28:31 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/12/09 05:28:31 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/12/09 05:28:31 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/12/09 05:28:31 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/12/09 05:28:31 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/12/09 05:28:31 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/12/09 05:28:31 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/12/09 05:28:31 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/12/09 05:28:31 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/12/09 05:28:31 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/12/09 05:28:31 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/12/09 05:28:31 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/12/09 04:40:36 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2009/12/08 17:42:37 | 00,000,000 | ---D | C] -- C:\Program Files\epson
[2009/11/26 03:00:28 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/11/25 03:18:20 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2009/11/20 11:15:48 | 00,000,000 | ---D | C] -- C:\Windows\Profiles

========== Files - Modified Within 30 Days ==========
tim8

Post subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Fri 18 Dec 2009 - 2:55

[2009/12/18 01:46:35 | 07,602,176 | -HS- | M] () -- C:\Users\roman\NTUSER.DAT
[2009/12/18 01:46:32 | 00,283,883 | ---- | M] () -- C:\Users\roman\Desktop\otl.jpg
[2009/12/18 01:16:35 | 00,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/12/18 01:15:03 | 00,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/18 01:15:03 | 00,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/17 22:54:17 | 00,029,696 | ---- | M] () -- C:\Users\roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/17 21:29:08 | 02,065,352 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/17 21:29:08 | 01,490,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/17 21:29:08 | 00,078,290 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/17 21:29:08 | 00,071,738 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/12/17 21:29:08 | 00,020,396 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/12/16 23:15:18 | 00,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2009/12/16 23:15:08 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/16 23:15:07 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/16 23:14:10 | 00,065,536 | -HS- | M] () -- C:\Users\roman\NTUSER.DAT{b53f5fdb-5d76-11dd-88b6-001e90ae69d5}.TM.blf
[2009/12/16 23:14:09 | 00,524,288 | -HS- | M] () -- C:\Users\roman\NTUSER.DAT{b53f5fdb-5d76-11dd-88b6-001e90ae69d5}.TMContainer00000000000000000001.regtrans-ms
[2009/12/16 23:10:39 | 00,000,733 | ---- | M] () -- C:\Users\roman\Documents\NTREGOPT.lnk
[2009/12/16 23:10:39 | 00,000,714 | ---- | M] () -- C:\Users\roman\Desktop\ERUNT.lnk
[2009/12/15 20:03:23 | 03,593,617 | -H-- | M] () -- C:\Users\roman\AppData\Local\IconCache.db
[2009/12/14 04:34:12 | 00,001,643 | ---- | M] () -- C:\Users\Public\Desktop\PC Inspector File Recovery.lnk
[2009/12/13 20:56:50 | 00,007,644 | ---- | M] () -- C:\Users\roman\.recently-used.xbel
[2009/12/13 01:11:27 | 00,000,907 | ---- | M] () -- C:\Users\roman\Desktop\EVEREST Home Edition.lnk
[2009/12/12 03:17:25 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/12/12 03:16:50 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/12/10 22:44:44 | 00,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2009/12/10 22:00:18 | 00,391,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/12/10 19:58:56 | 00,002,687 | ---- | M] () -- C:\Users\roman\Desktop\Microsoft Office Word 2007.lnk
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/11/30 15:10:56 | 00,014,172 | ---- | M] () -- C:\Users\roman\Documents\Melle karen Jourdan.docx
[2009/11/28 17:55:20 | 00,000,370 | ---- | M] () -- C:\Users\roman\Documents\Images - Raccourci.lnk
[2009/11/23 00:32:18 | 00,000,218 | ---- | M] () -- C:\Windows\win.ini
[2009/11/21 21:06:45 | 00,002,617 | ---- | M] () -- C:\Users\roman\Desktop\Microsoft Office PowerPoint 2007.lnk
[2009/11/21 20:50:19 | 00,001,853 | ---- | M] () -- C:\Users\roman\Desktop\Lenovo Media Studio.lnk
[2009/11/21 07:35:38 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/11/21 07:35:38 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/11/21 07:34:58 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/11/21 07:34:52 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/11/21 07:34:39 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/11/21 07:34:39 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/11/21 07:34:39 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/11/21 07:34:38 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/11/21 07:34:38 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/11/21 07:34:33 | 00,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/11/21 05:59:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/11/21 05:59:52 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/11/21 05:59:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/11/21 05:58:54 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

========== Files Created - No Company Name ==========

[2009/12/18 01:46:32 | 00,283,883 | ---- | C] () -- C:\Users\roman\Desktop\otl.jpg
[2009/12/16 23:10:39 | 00,000,733 | ---- | C] () -- C:\Users\roman\Documents\NTREGOPT.lnk
[2009/12/16 23:10:39 | 00,000,714 | ---- | C] () -- C:\Users\roman\Desktop\ERUNT.lnk
[2009/12/14 04:34:12 | 00,006,200 | ---- | C] () -- C:\Windows\System32\INT13EXT.VXD
[2009/12/14 04:34:12 | 00,001,643 | ---- | C] () -- C:\Users\Public\Desktop\PC Inspector File Recovery.lnk
[2009/12/13 20:56:50 | 00,007,644 | ---- | C] () -- C:\Users\roman\.recently-used.xbel
[2009/12/13 01:11:27 | 00,000,907 | ---- | C] () -- C:\Users\roman\Desktop\EVEREST Home Edition.lnk
[2009/12/12 03:17:25 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/12/12 03:16:50 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/12/10 22:44:44 | 00,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/11/28 17:55:20 | 00,000,370 | ---- | C] () -- C:\Users\roman\Documents\Images - Raccourci.lnk
[2009/10/20 07:16:55 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/07/09 11:58:38 | 00,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/07/09 11:58:38 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/07/09 11:58:37 | 00,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/07/09 11:58:37 | 00,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/07/09 11:58:36 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009/07/09 11:58:35 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/07/09 11:58:35 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009/06/22 22:21:58 | 00,000,045 | ---- | C] () -- C:\Windows\adidsl.ini
[2009/04/20 15:33:50 | 00,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/04/20 15:29:15 | 00,000,025 | ---- | C] () -- C:\Windows\CDE SX400DEFGIPS.ini
[2009/04/19 22:31:36 | 00,027,443 | ---- | C] () -- C:\Users\roman\AppData\Roaming\UserTile.png
[2009/03/17 23:12:12 | 00,000,680 | ---- | C] () -- C:\Users\roman\AppData\Local\d3d9caps.dat
[2009/02/21 13:27:32 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/02/14 19:53:53 | 00,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2009/02/14 19:49:10 | 00,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009/02/14 12:57:43 | 00,000,000 | ---- | C] () -- C:\Windows\ringtonemaker.INI
[2009/02/14 12:50:04 | 00,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2009/02/14 12:49:51 | 00,000,024 | ---- | C] () -- C:\Windows\magix.ini
[2009/02/14 12:49:50 | 00,007,023 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008/12/13 00:42:19 | 00,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2008/12/13 00:42:19 | 00,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2008/10/10 11:30:35 | 00,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008/10/10 11:23:43 | 00,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/09/05 18:02:35 | 00,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2008/08/21 21:07:20 | 00,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008/07/25 21:21:21 | 00,029,696 | ---- | C] () -- C:\Users\roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/25 20:53:06 | 00,000,051 | ---- | C] () -- C:\ProgramData\lxdi
[2008/07/25 20:49:30 | 00,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL
[2008/07/25 20:49:30 | 00,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL
[2008/07/25 20:49:10 | 00,036,864 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll
[2008/07/25 20:49:10 | 00,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL
[2008/06/05 09:15:23 | 01,560,576 | ---- | C] () -- C:\Windows\System32\MainOp.dll
[2008/06/05 09:15:23 | 01,327,104 | ---- | C] () -- C:\Windows\System32\ImageReog.dll
[2008/06/05 09:15:23 | 00,622,592 | ---- | C] () -- C:\Windows\System32\PicNotify.dll
[2008/06/05 09:15:23 | 00,491,520 | ---- | C] () -- C:\Windows\System32\picn.dll
[2008/06/05 09:15:23 | 00,208,896 | ---- | C] () -- C:\Windows\System32\Image.dll
[2008/06/05 09:15:23 | 00,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll
[2008/06/05 09:15:23 | 00,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll
[2008/06/05 09:15:23 | 00,094,208 | ---- | C] () -- C:\Windows\System32\ApBlend.dll
[2008/06/05 09:15:23 | 00,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll
[2008/06/05 09:12:01 | 00,025,104 | ---- | C] () -- C:\Windows\System32\drivers\ntdisk.sys
[2008/06/05 09:12:01 | 00,016,912 | ---- | C] () -- C:\Windows\System32\drivers\safnt.sys
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:25:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003/08/07 20:01:50 | 00,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2002/03/17 01:00:00 | 00,007,420 | ---- | C] () -- C:\Windows\UA000079.DLL

========== LOP Check ==========

[2009/02/04 15:07:34 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Atari
[2008/08/17 16:27:19 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Blender Foundation
[2009/04/20 15:28:06 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Canon
[2009/02/04 15:32:43 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\DAEMON Tools
[2009/02/04 15:32:43 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\DAEMON Tools Lite
[2009/02/04 15:32:43 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\DAEMON Tools Pro
[2009/04/23 18:40:05 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\EPSON
[2008/12/30 16:27:05 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\FileZilla
[2008/12/30 11:51:15 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Gencontrol
[2009/12/13 20:56:50 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\gtk-2.0
[2008/08/18 13:27:55 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\iBloks
[2009/07/30 16:01:48 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Icones
[2008/07/26 10:10:42 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\InterVideo
[2009/10/13 16:34:07 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Kingston
[2008/08/22 13:34:04 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Leadertech
[2008/07/25 20:56:14 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Lexmark Productivity Studio
[2009/03/10 20:28:16 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\LimeWire
[2009/11/01 16:10:30 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\MAGIX
[2009/02/14 19:55:11 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\ProtectDisc
[2009/02/26 17:05:43 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Samsung
[2008/09/05 18:02:29 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\ScanSoft
[2008/07/29 15:17:50 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Seven Zip
[2008/08/17 15:18:50 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\TeamViewer
[2009/03/02 20:30:22 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Twins Software
[2009/06/26 14:02:05 | 00,000,000 | ---D | M] -- C:\Users\roman\AppData\Roaming\Ulead Systems
[2009/12/16 23:14:06 | 00,032,526 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/12/17 01:42:48 | 00,000,000 | ---- | M] () -- C:\asoutput.log
[2006/09/18 22:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 07:36:36 | 00,333,257 | RHS- | M] () -- C:\bootmgr
[2008/03/14 23:02:19 | 00,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 22:43:37 | 00,000,010 | ---- | M] () -- C:\config.sys
[2008/12/11 15:10:06 | 12,479,7650 | ---- | M] () -- C:\FaceProv.log
[2008/11/23 08:42:22 | 00,217,076 | ---- | M] () -- C:\HeadVideo.log
[2008/06/05 08:56:15 | 00,000,000 | ---- | M] () -- C:\hpa.flag
[2008/06/05 09:29:40 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/05/06 15:53:07 | 00,000,177 | ---- | M] () -- C:\ITB.log
[2008/09/05 17:47:46 | 00,000,078 | ---- | M] () -- C:\lxdi.log
[2008/06/05 09:29:40 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/07/26 03:27:25 | 00,000,238 | ---- | M] () -- C:\okav_win.cfg
[2009/12/16 23:15:03 | 38,025,42080 | -HS- | M] () -- C:\pagefile.sys
[2008/06/05 09:00:21 | 00,000,426 | ---- | M] () -- C:\RHDSetup.log
[2009/07/30 10:00:40 | 00,000,087 | ---- | M] () -- C:\Setup.log
[2008/06/05 09:13:44 | 00,390,602 | ---- | M] () -- C:\vcredist_x86.log

< %PROGRAMFILES%\*.* >
[2008/01/21 03:43:21 | 00,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %PROGRAMFILES%\*. >
[2009/06/22 23:55:03 | 00,000,000 | ---D | M] -- C:\Program Files\Adobe
[2008/07/29 15:17:41 | 00,000,000 | ---D | M] -- C:\Program Files\AudioEdit Deluxe
[2008/12/03 21:08:00 | 00,000,000 | ---D | M] -- C:\Program Files\Avira
[2008/07/29 13:36:20 | 00,000,000 | ---D | M] -- C:\Program Files\Avira(368)
[2009/02/17 21:26:51 | 00,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2009/07/30 19:21:58 | 00,000,000 | ---D | M] -- C:\Program Files\BitComet
[2009/12/17 01:15:46 | 00,000,000 | ---D | M] -- C:\Program Files\CamStudio
[2009/05/04 11:37:54 | 00,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2009/09/09 11:53:30 | 00,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/03/20 17:22:32 | 00,000,000 | ---D | M] -- C:\Program Files\COMODO
[2009/03/19 20:51:18 | 00,000,000 | ---D | M] -- C:\Program Files\Conduit
[2009/05/06 15:53:06 | 00,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2009/04/15 16:10:22 | 00,000,000 | ---D | M] -- C:\Program Files\DebugMode
[2009/01/15 22:55:56 | 00,000,000 | ---D | M] -- C:\Program Files\directx
[2009/12/08 17:42:37 | 00,000,000 | ---D | M] -- C:\Program Files\epson
[2009/12/16 23:11:09 | 00,000,000 | ---D | M] -- C:\Program Files\ERUNT
[2009/01/07 14:40:15 | 00,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2009/07/08 22:29:22 | 00,000,000 | ---D | M] -- C:\Program Files\Google
[2008/08/18 13:27:55 | 00,000,000 | ---D | M] -- C:\Program Files\iBloks
[2009/02/14 14:28:19 | 00,000,000 | ---D | M] -- C:\Program Files\Image-Line
[2009/12/14 04:34:12 | 00,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2008/06/05 08:59:19 | 00,000,000 | ---D | M] -- C:\Program Files\Intel
[2009/12/10 21:57:50 | 00,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009/09/06 10:07:02 | 00,000,000 | ---D | M] -- C:\Program Files\Java
[2009/07/09 11:59:11 | 00,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
[2009/12/13 01:11:25 | 00,000,000 | ---D | M] -- C:\Program Files\Lavalys
[2009/09/06 10:05:39 | 00,000,000 | ---D | M] -- C:\Program Files\Lenovo
[2009/03/27 18:28:08 | 00,000,000 | ---D | M] -- C:\Program Files\MAGIX
[2009/12/15 20:04:12 | 00,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/27 23:17:41 | 00,000,000 | ---D | M] -- C:\Program Files\Messenger Plus! Live
[2009/03/03 19:11:18 | 00,000,000 | ---D | M] -- C:\Program Files\Micro Application
[2009/03/18 15:07:22 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2008/09/12 22:02:14 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2008/07/29 15:59:54 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2008/09/05 17:47:56 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office(458)
[2008/07/25 22:55:46 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Office(94)
[2009/09/10 02:07:41 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2008/07/29 11:45:07 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Small Business
[2008/06/05 09:10:12 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2009/03/18 15:05:58 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/03/18 15:06:40 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2009/07/15 14:57:48 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2008/07/29 15:17:48 | 00,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2009/12/10 21:57:50 | 00,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/11/13 02:42:28 | 00,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/02/14 14:05:25 | 00,000,000 | ---D | M] -- C:\Program Files\Outsim
[2009/12/14 04:34:12 | 00,000,000 | ---D | M] -- C:\Program Files\PC Inspector File Recovery
[2009/03/27 18:28:40 | 00,000,000 | ---D | M] -- C:\Program Files\ProtectDisc Driver Installer
[2008/10/21 21:21:12 | 00,000,000 | ---D | M] -- C:\Program Files\Pure Motion
[2008/06/05 08:59:48 | 00,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/03/19 20:51:18 | 00,000,000 | ---D | M] -- C:\Program Files\Reganam
[2009/07/30 09:58:16 | 00,000,000 | ---D | M] -- C:\Program Files\SAGEM
[2008/09/05 18:02:09 | 00,000,000 | ---D | M] -- C:\Program Files\ScanSoft
[2009/07/30 09:57:32 | 00,000,000 | ---D | M] -- C:\Program Files\Securitoo
[2008/10/21 21:21:11 | 00,000,000 | ---D | M] -- C:\Program Files\Sonic Foundry
[2009/07/15 21:00:20 | 00,000,000 | ---D | M] -- C:\Program Files\Sony
[2009/03/18 19:59:06 | 00,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2008/08/09 18:36:03 | 00,000,000 | ---D | M] -- C:\Program Files\TeamViewer3
[2009/06/06 13:17:22 | 00,000,000 | ---D | M] -- C:\Program Files\Trefach Astronomy Centre
[2009/12/16 12:36:35 | 00,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2008/12/30 17:15:30 | 00,000,000 | ---D | M] -- C:\Program Files\Trlokom
[2009/01/30 14:35:02 | 00,000,000 | ---D | M] -- C:\Program Files\TurnTool
[2009/01/04 14:22:10 | 00,000,000 | ---D | M] -- C:\Program Files\Ubisoft
[2009/06/26 13:55:51 | 00,000,000 | ---D | M] -- C:\Program Files\Ulead Systems
[2009/07/16 20:58:56 | 00,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009/02/14 14:27:29 | 00,000,000 | ---D | M] -- C:\Program Files\VstPlugins
[2009/12/10 21:57:50 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/12/10 21:57:50 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/12/10 21:57:49 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/12/10 21:57:50 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2009/10/17 20:04:20 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2008/08/09 18:31:42 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live Safety Center
[2009/03/18 15:04:43 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2009/03/18 15:06:59 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
[2009/12/10 21:57:50 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2008/08/19 11:30:43 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2009/12/11 11:15:07 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/09/05 17:47:57 | 00,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/12/10 21:57:50 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/12/12 03:17:29 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/12/10 21:57:50 | 00,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2009/01/11 01:16:30 | 00,000,000 | ---D | M] -- C:\Program Files\WinRAR

< %SYSTEMDRIVE%\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2009-12-17 19:07:06

< >
< End of report >
GrosBébé

Post subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Fri 18 Dec 2009 - 8:39

Hi, that looks pretty good.

A few small removals, then an online scan to make sure nothing is left lying around.

Run OTL again

  • In the Custom Scans/Fixes box at the bottom, paste the contents of the box below:

    Quote:
    :OTL
    O33 - MountPoints2\K\Shell - "" = AutoRun
    O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\Autorun.exe -- File not found
    O33 - MountPoints2\L\Shell - "" = AutoRun
    O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\Autorun.exe -- File not found
    O33 - MountPoints2\N\Shell - "" = AutoRun
    O33 - MountPoints2\N\Shell\AutoRun\command - "" = N:\Autorun.exe -- File not found
    [2002/03/17 01:00:00 | 00,007,420 | ---- | C] () -- C:\Windows\UA000079.DLL

    :Commands
    [emptytemp]
    Then click the Run Fix button at the top.
  • Let OTL run; the PC will restart.
  • After the restart, a new report will open; please copy/paste its contents here.

The installed version of Java is not up to date:
Download JavaRa.zip to your desktop.

    * Unzip the file on your desktop (right-click > Extract All)
    * Double-click the resulting JavaRa folder
    * Then double-click the JavaRa.exe file (the .exe extension may not be displayed)
    * In the drop-down menu, choose: French
    * Click Recherche de mises à jour (Check for updates)
    * Select Mettre à jour via jucheck.exe (Update via jucheck.exe), then click Rechercher (Search)
    * Allow the process to connect if you are asked, click Installer (Install) and follow the installation instructions. This will take a few minutes.
    * When the installation is finished, go back to the JavaRa screen and click Effacer les anciennes versions (Remove older versions)
    * Click Oui (Yes) to confirm. The tool will do its work; then click Ok, and Ok a second time.
    * Close the application

Go to the Kaspersky online scanner (click here)
  • Click Accept at the bottom to install the program.
  • Close all your windows and disable your security software.
  • Click Exécuter (Run) to launch the program.
    Wait while it updates ...
  • Click my computer under scan (on the left)
    Wait while the scan runs.
  • As soon as it is finished, click Report... on the left, then click save report...

Save the report as kaspersky.txt and please copy/paste its contents here.
Re-enable your antivirus.

PS: do not use your PC while the scan is running.

An illustrated guide here

Have a nice day :)

tim8

Post subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Fri 18 Dec 2009 - 16:55

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\ not found.
File K:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L\ not found.
File L:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\N\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\N\ not found.
File N:\Autorun.exe not found.
C:\Windows\UA000079.DLL moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: roman
->Temp folder emptied: 264381 bytes
->Temporary Internet Files folder emptied: 11535981 bytes
->Java cache emptied: 13690431 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 6884 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 24,32 mb


OTL by OldTimer - Version 3.1.17.0 log created on 12182009_155252

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
GrosBébé

Post subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Fri 18 Dec 2009 - 16:57

Hi again

OK, only Kaspersky is left :)

GrosBébé

Post subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Fri 1 Jan 2010 - 22:05

Hi tim8

Still need help?

sena

Post subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Sun 3 Jan 2010 - 2:51

Hello, just popping in and out ;)
Quote:
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_S38A2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series (Copie 1)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_SFA8B.tmp" /EF "HKCU"
GrosBébé

Post subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Wed 6 Jan 2010 - 0:58

Hi Sena

Well, I think we'll stop here.

GrosBébé

Post subject: Re: [Closed] SGPSA, Search Guard PlusU, Search Guard Plus, Fast Browser Search, Winsudate -- printer error message   Wed 6 Jan 2010 - 0:58

Topic closed due to inactivity. If you wish to have this topic reopened, request it by PM, giving the reason and the link to this topic. This applies only to tim8. Everyone else, please create your own topic.
