
Iexplorer problem

donbenitos on 11 October 2009 at 00:52
Good evening everyone,

So, I have a small problem with Iexplorer's start page: I can't set Google as my home page. I imagine I'm infected with something; I have already used smitfraud fix, spyboth, toolbar-sd and Malwarebyte. I can't get rid of the problem, it's always this MSN start page, which is driving me crazy.

Thanks for your help. :hello:
donbenitos on 11 October 2009 at 00:55
Oops, I had forgotten :)


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:55:05, on 11/10/2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal

MODERATOR EDIT: Forum rule to follow:

No report before one has been asked for! :o

Please read the following article:
http://forum.telecharger.01net.com/telecharger/securite_virus_et_assimiles/a_(...)

Thank you for taking note of it.

-->Message edited by totoftotof on 11/10/2009 05:22:44<--
donbenitos on 11 October 2009 at 02:53
:pleure: Nobody to help me? :jap:
totoftotof on 11 October 2009 at 05:20
hello

a little patience, you posted your topic barely 2 hours ago :o
donbenitos on 11 October 2009 at 14:05
Hello everyone

So, I still have MSN as my Internet start page. I tried smitfraudfix and navlog once more and nothing works!!!!! pffff

Help.

-->Message edited by donbenitos on 11/10/2009 14:07:25<--
dédétraqué on 11 October 2009 at 16:14
Hi donbenitos


We're going to check this. Download RSIT (by random/random) to the desktop here:
http://images.malwareremoval.com/random/RSIT.exe

- Double-click RSIT.exe, which is on the desktop
- Click Continue in the window
- RSIT will download HijackThis if it is not present or not detected, in which case you will need to accept the licence
- Post the contents of the two reports, log.txt and info.txt (minimized in the taskbar), at the end of the scan

The reports are in this folder: C:\rsit


@++ :)
donbenitos on 11 October 2009 at 17:46
Good evening to you, dédétraqué :)

Here is the requested report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:45:31, on 11/10/2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Donbenitos\Desktop\RSIT.exe
C:\Windows\system32\DllHost.exe
C:\Users\Donbenitos\Desktop\Donbenitos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/webhp?sourceid=navclient&hl=fr&ie=UTF-8
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par IE 8 FOURNI PAR 01NET.COM
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_C5284CC30AB3000E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_803138DCE93649E4.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_3_5_3_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_C5284CC30AB3000E.dll
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Partition Suite\oss_reinstall_svc.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Micro Star SCM - Unknown owner - C:\Program Files\System Control Manager\MSIService.exe

--
End of file - 6681 bytes
:super:

dédétraqué on 11 October 2009 at 17:58
Hi donbenitos


Download ST_Fix (by Batch_Man) to the desktop:

http://batchdhelus.open-web.fr/programme/ST_Fix.bat


Important: Close all browsers

Double-click ST_Fix Beta.bat to launch the program
- In the new window, choose option 3 and press Enter
- You will then be asked for the new start page; type google.fr and press Enter to start the disinfection.

Copy/paste the contents of the report


@++ :)
donbenitos on 11 October 2009 at 18:12
Here is the report; however, I did not get another window to do the disinfection?? Should I wait longer after the report??

ST_Fix v.2.05 par Batch_Man
# Mise à jour le 06/08/2009
# Début a 18:09 le dim. 11/10/2009
# Système d'exploitation: Windows 7 Ultimate
# Mode de boot: Normal
# Lancé de C:\Users\Donbenitos\Desktop\ST_Fix.bat
#
################################ Suppression ###############################
#
# SUPPRIMÉ - HKEY_USERS\S-1-5-21-1765709351-3253548250-1826066461-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts
#
################################## Terminé ################################

Thanks
-->Message edited by donbenitos on 11/10/2009 18:13:45<--
dédétraqué on 11 October 2009 at 18:42
Hi donbenitos


And what about the start page?


@++ :)
donbenitos on 11 October 2009 at 19:06
No, still this MSN start page!!

dédétraqué on 11 October 2009 at 19:34
Hi donbenitos


Download RSIT (by random/random) to the desktop here:
http://images.malwareremoval.com/random/RSIT.exe

- Double-click RSIT.exe, which is on the desktop
- Click Continue in the window
- RSIT will download HijackThis if it is not present or not detected, in which case you will need to accept the licence
- Post the contents of the two reports, log.txt and info.txt (minimized in the taskbar), at the end of the scan

The reports are in this folder: C:\rsit


@++ :)
donbenitos on 11 October 2009 at 20:02
Here it is:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Donbenitos at 2009-10-11 20:00:43
Microsoft Windows 7 Édition Intégrale Service Pack 3
System drive C: has 118 GB (39%) free of 305 GB
Total RAM: 2047 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:00:47, on 11/10/2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Donbenitos\Desktop\Soft désinfection\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Donbenitos\Desktop\Donbenitos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/webhp?sourceid=navclient&hl=fr&ie=UTF-8
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_C5284CC30AB3000E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_803138DCE93649E4.dll/cmsidewiki.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_3_5_3_0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_C5284CC30AB3000E.dll
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Partition Suite\oss_reinstall_svc.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Micro Star SCM - Unknown owner - C:\Program Files\System Control Manager\MSIService.exe

--
End of file - 6995 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-10 258160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-14 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_C5284CC30AB3000E.dll [2009-10-10 462832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-10 258160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-04-09 2029640]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2008-09-24 6335008]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-10-10 122880]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [2009-08-08 2980800]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-22 1174016]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-09-29 289072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON BX300F Series]
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE [2008-01-22 188928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-10-10 122880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Donbenitos\AppData\Local\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MGSysCtrl]
C:\Program Files\System Control Manager\MGSysCtrl.exe [2008-09-22 708608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-06-11 96264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\svchost64.exe]
c:\windows\system32\svchost64.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-28 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Donbenitos^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Ghost Recon Advanced Warfighter.LNK]
[]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"UacDisableNotify"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=FFFFFFFF
"NoDriveTypeAutoRun"=255
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDriveAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-10-11 19:31:28 ----D---- C:\Windows\BDOSCAN8
2009-10-11 18:56:58 ----RASHD---- C:\autorun.inf
2009-10-11 18:53:45 ----A---- C:\UsbFix.txt
2009-10-11 18:50:16 ----D---- C:\UsbFix
2009-10-11 18:46:04 ----D---- C:\_OTM
2009-10-11 18:04:09 ----D---- C:\ST_Fix
2009-10-11 16:11:34 ----A---- C:\Windows\WORDPAD.INI
2009-10-11 14:55:06 ----D---- C:\VundoFix Backups
2009-10-11 14:55:06 ----A---- C:\VundoFix.txt
2009-10-11 14:52:56 ----D---- C:\rsit
2009-10-11 13:53:39 ----D---- C:\ToolBar SD
2009-10-11 03:02:48 ----A---- C:\Windows\system32\tempBatFile.bat
2009-10-11 02:52:04 ----D---- C:\Windows\Temp
2009-10-11 01:11:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-11 00:38:47 ----D---- C:\Program Files\Trend Micro
2009-10-11 00:11:42 ----A---- C:\Windows\_MSRSTRT.EXE
2009-10-11 00:10:17 ----A---- C:\TCleaner.txt
2009-10-10 23:39:26 ----D---- C:\Program Files\a-squared Anti-Malware
2009-10-10 22:22:52 ----D---- C:\Program Files\Power IE
2009-10-10 21:53:38 ----A---- C:\Users\Donbenitos\AppData\Roaming\SetValue.bat
2009-10-10 21:53:38 ----A---- C:\Users\Donbenitos\AppData\Roaming\GetValue.vbs
2009-10-10 18:16:23 ----D---- C:\32788R22FWJFW
2009-10-10 17:16:28 ----D---- C:\Users\Donbenitos\AppData\Roaming\Malwarebytes
2009-10-10 17:16:23 ----D---- C:\ProgramData\Malwarebytes
2009-10-10 00:24:55 ----A---- C:\Windows\system32\cmd.execf
2009-10-09 22:58:09 ----D---- C:\Program Files\Anti Trojan Elite
2009-10-09 22:16:57 ----D---- C:\ProgramData\Simply Super Software
2009-10-09 22:16:57 ----D---- C:\Program Files\Trojan Remover
2009-10-09 17:13:52 ----A---- C:\Windows\system32\fservice.exe.bat
2009-10-09 16:45:38 ----D---- C:\Windows\system32\language
2009-10-09 16:45:38 ----D---- C:\Windows\system32\Images
2009-10-09 16:45:38 ----D---- C:\Windows\system32\Download
2009-10-09 16:00:44 ----D---- C:\ProgramData\F-Secure
2009-10-09 14:17:24 ----D---- C:\Windows\system32\RTCOM
2009-10-09 14:16:30 ----A---- C:\Windows\DIFxAPI.dll
2009-10-09 14:16:26 ----A---- C:\Windows\system32\RtkHDMI.dll
2009-10-09 14:16:26 ----A---- C:\Windows\RtkUpd.exe
2009-10-09 14:16:25 ----A---- C:\Windows\system32\RHDMIExt.dll
2009-10-09 14:16:25 ----A---- C:\Windows\system32\RHCoInst.dll
2009-10-09 14:16:21 ----A---- C:\Windows\system32\WavesLib.dll
2009-10-09 14:16:21 ----A---- C:\Windows\system32\ppChain.dll
2009-10-09 14:16:21 ----A---- C:\Windows\system32\ctppld.dll
2009-10-09 14:16:19 ----A---- C:\Windows\system32\SRSWOW.dll
2009-10-09 14:16:19 ----A---- C:\Windows\system32\SRSTSXT.dll
2009-10-09 14:16:19 ----A---- C:\Windows\system32\SRSTSHD.dll
2009-10-09 14:16:19 ----A---- C:\Windows\system32\SRSHP360.dll
2009-10-09 14:16:18 ----A---- C:\Windows\system32\RtkPgExt.dll
2009-10-09 14:16:18 ----A---- C:\Windows\system32\RtkCoInst.dll
2009-10-09 14:16:17 ----A---- C:\Windows\system32\RtkApoApi.dll
2009-10-09 14:16:17 ----A---- C:\Windows\system32\RtkAPO.dll
2009-10-09 14:16:11 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2009-10-09 14:16:11 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2009-10-09 14:16:11 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2009-10-09 14:16:10 ----A---- C:\Windows\system32\FMAPO.dll
2009-10-09 14:16:09 ----A---- C:\Windows\system32\DaisyWrp.dll
2009-10-09 14:16:09 ----A---- C:\Windows\system32\CTAPO32.dll
2009-10-09 14:16:09 ----A---- C:\Windows\system32\AERTARen.dll
2009-10-09 14:16:09 ----A---- C:\Windows\system32\AERTACap.dll
2009-10-09 14:16:05 ----HD---- C:\Program Files\Temp
2009-10-09 14:16:04 ----R---- C:\Windows\RtlExUpd.dll
2009-10-07 23:58:33 ----D---- C:\ProgramData\ashampoo
2009-10-07 23:54:26 ----D---- C:\Users\Donbenitos\AppData\Roaming\Ashampoo
2009-10-07 23:53:19 ----D---- C:\Program Files\Ashampoo
2009-10-06 23:55:50 ----D---- C:\Program Files\SuperScan
2009-10-04 18:45:04 ----D---- C:\Program Files\KONAMI
2009-10-03 13:04:10 ----A---- C:\Windows\Start.INI
2009-10-03 12:27:49 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-10-03 12:26:22 ----D---- C:\Program Files\Microsoft
2009-10-02 22:21:51 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-02 00:45:55 ----D---- C:\Program Files\Street Fighter IV
2009-10-01 23:03:44 ----HDC---- C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2009-09-29 22:19:48 ----D---- C:\ProgramData\ATI
2009-09-28 18:52:19 ----D---- C:\Program Files\Acronis
2009-09-28 18:52:18 ----D---- C:\Program Files\Common Files\Acronis
2009-09-27 21:09:10 ----D---- C:\Program Files\Lionhead Studios
2009-09-23 23:54:36 ----A---- C:\Windows\PROTOCOL.INI
2009-09-23 23:53:49 ----A---- C:\Windows\uninst.exe
2009-09-23 23:48:11 ----D---- C:\Program Files\Black Isle
2009-09-19 22:44:39 ----D---- C:\Users\Donbenitos\AppData\Roaming\Leadertech
2009-09-19 16:49:01 ----D---- C:\Program Files\Bohemia Interactive
2009-09-19 16:29:05 ----D---- C:\Program Files\OpenAL
2009-09-19 16:29:05 ----A---- C:\Windows\system32\wrap_oal.dll
2009-09-19 16:29:05 ----A---- C:\Windows\system32\OpenAL32.dll
2009-09-14 22:54:17 ----A---- C:\BmStartApp.exe
2009-09-14 22:35:18 ----D---- C:\Program Files\Eidos
2009-09-14 22:27:41 ----D---- C:\CloneDVDTemp
2009-09-14 22:18:10 ----D---- C:\Program Files\Elaborate Bytes
2009-09-14 22:02:03 ----D---- C:\ProgramData\SlySoft
2009-09-14 21:54:27 ----D---- C:\Program Files\SlySoft
2009-09-12 19:56:35 ----D---- C:\Program Files\Larousse
2009-09-12 19:56:34 ----D---- C:\Program Files\directx
2009-09-12 18:33:32 ----D---- C:\ProgramData\RTMI2_DemoFull
2009-09-12 18:27:14 ----D---- C:\ProgramData\Tages
2009-09-12 18:23:25 ----D---- C:\ProgramData\Kheops Studio
2009-09-12 17:41:22 ----D---- C:\Program Files\SEGA

======List of files/folders modified in the last 1 months======

2009-10-11 20:00:34 ----D---- C:\Windows\Prefetch
2009-10-11 19:32:05 ----D---- C:\Users\Donbenitos\AppData\Roaming\uTorrent
2009-10-11 19:31:30 ----D---- C:\Windows\Downloaded Program Files
2009-10-11 19:31:29 ----AD---- C:\Windows
2009-10-11 19:26:04 ----D---- C:\Windows\system32\config
2009-10-11 19:11:18 ----AD---- C:\Windows\System32
2009-10-11 18:54:54 ----SHD---- C:\$Recycle.Bin
2009-10-11 18:46:07 ----D---- C:\Program Files
2009-10-11 03:04:30 ----D---- C:\Program Files\Internet Explorer
2009-10-11 02:41:12 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-10-11 01:28:19 ----SHD---- C:\Windows\Installer
2009-10-11 01:27:42 ----D---- C:\Program Files\Windows Live
2009-10-11 01:11:12 ----D---- C:\Windows\system32\drivers
2009-10-11 00:05:01 ----HD---- C:\ProgramData
2009-10-11 00:03:30 ----D---- C:\Program Files\ElcomSoft
2009-10-10 23:39:31 ----SHD---- C:\System Volume Information
2009-10-10 22:23:48 ----D---- C:\Windows\Web
2009-10-10 20:19:00 ----D---- C:\Windows\system32\catroot2
2009-10-10 20:02:11 ----D---- C:\Windows\system32\Tasks
2009-10-10 18:25:13 ----D---- C:\Program Files\Ubisoft
2009-10-10 17:05:00 ----D---- C:\Windows\Minidump
2009-10-09 22:19:17 ----AD---- C:\ProgramData\TEMP
2009-10-09 17:21:59 ----D---- C:\Windows\system
2009-10-09 16:37:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-09 16:37:32 ----D---- C:\Windows\inf
2009-10-09 14:19:00 ----D---- C:\Windows\system32\catroot
2009-10-09 14:18:59 ----D---- C:\Windows\system32\DriverStore
2009-10-09 14:16:09 ----D---- C:\Program Files\Realtek
2009-10-09 14:16:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-07 22:32:11 ----SD---- C:\Users\Donbenitos\AppData\Roaming\Microsoft
2009-10-07 01:48:28 ----D---- C:\Windows\system32\NDF
2009-10-03 12:27:52 ----RSD---- C:\Windows\assembly
2009-10-01 23:03:57 ----D---- C:\Program Files\Uniblue
2009-10-01 21:34:58 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-09-29 22:19:22 ----D---- C:\Program Files\ATI Technologies
2009-09-29 22:09:21 ----D---- C:\ProgramData\ma-config.com
2009-09-29 22:09:21 ----D---- C:\Program Files\ma-config.com
2009-09-29 19:49:17 ----D---- C:\Windows\system32\fr-FR
2009-09-29 19:40:21 ----D---- C:\Windows\Tasks
2009-09-29 19:40:21 ----D---- C:\Windows\system32\wfp
2009-09-29 19:40:20 ----D---- C:\Windows\system32\CodeIntegrity
2009-09-29 19:40:14 ----D---- C:\Program Files\uTorrent
2009-09-29 19:40:13 ----D---- C:\Program Files\Common Files
2009-09-29 19:40:11 ----D---- C:\Windows\registration
2009-09-27 19:38:26 ----D---- C:\Program Files\Atari
2009-09-27 19:38:25 ----D---- C:\ProgramData\Media Center Programs
2009-09-27 19:29:18 ----A---- C:\Windows\BlendSettings.ini
2009-09-27 01:59:31 ----D---- C:\Windows\ModemLogs
2009-09-23 18:39:10 ----D---- C:\Program Files\Common Files\InstallShield
2009-09-23 14:44:16 ----D---- C:\Users\Donbenitos\AppData\Roaming\Camfrog
2009-09-19 16:29:07 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-09-19 09:45:15 ----D---- C:\Program Files\Mozilla Firefox
2009-09-14 22:21:52 ----D---- C:\Users\Donbenitos\AppData\Roaming\Microsoft Games
2009-09-14 22:21:52 ----D---- C:\ProgramData\Microsoft Games
2009-09-12 19:56:47 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [2009-04-22 35328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-04-22 387584]
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2009-04-22 78336]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-04-22 32768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2009-02-10 82320]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2009-04-22 16896]
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys [2009-04-22 6656]
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-04-22 7168]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-04-22 74240]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\System32\Drivers\Uim_IM.sys [2008-09-26 129824]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2008-09-26 32048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-04-22 48128]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2009-04-22 63488]
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-04-22 9728]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-08-08 281760]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-04-09 113960]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-04-09 133000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-04-09 38240]
R2 ithsgt;ithsgt; C:\Windows\system32\DRIVERS\ithsgt.sys [2009-08-29 162432]
R2 lilsgt;lilsgt; C:\Windows\system32\DRIVERS\lilsgt.sys [2009-08-29 12032]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-08-08 25888]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2009-04-22 48128]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2009-04-22 86528]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2009-04-22 586752]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2009-04-22 60928]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-04-22 34816]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-04-22 1035776]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2009-08-05 104512]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2009-04-22 69632]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-04-22 14080]
R3 CompositeBus;Pilote de l’énumérateur de bus composite; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-04-22 31232]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2009-04-22 720384]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-04-09 33096]
R3 HDAudBus;Pilote de bus UAA Microsoft pour High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2009-04-22 108544]
R3 HidUsb;Pilote de classe HID Microsoft; C:\Windows\system32\DRIVERS\hidusb.sys [2009-04-22 24064]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-24 2171672]
R3 intelppm;Pilote de processeur Intel; C:\Windows\system32\DRIVERS\intelppm.sys [2009-04-22 53760]
R3 monitor;Service Pilote de fonction de classe Moniteur Microsoft; C:\Windows\system32\DRIVERS\monitor.sys [2009-04-22 23552]
R3 mouhid;Pilote HID de souris; C:\Windows\system32\DRIVERS\mouhid.sys [2009-04-22 26112]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2009-04-22 60416]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2009-04-22 220672]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2009-04-22 94720]
R3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys [2009-04-22 267264]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2009-08-04 616960]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-05-28 47360]
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-04-22 49152]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-04-22 74752]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-04-22 18432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-08-26 150560]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2009-04-22 306176]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2009-04-22 113664]
R3 tunnel;Pilote de carte miniport Microsoft Tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [2009-04-22 108032]
R3 umbus;Pilote d’énumérateur UMBus; C:\Windows\system32\DRIVERS\umbus.sys [2009-05-01 39936]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\Windows\system32\DRIVERS\usbehci.sys [2009-04-22 40960]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\Windows\system32\DRIVERS\usbhub.sys [2009-05-01 258048]
R3 USBSTOR;Pilote de stockage de masse USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-04-22 74240]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\Windows\system32\DRIVERS\usbuhci.sys [2009-04-22 24064]
R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys [2009-04-22 19968]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-06-05 22792]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-04-22 11264]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-06-05 65544]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-04-22 93184]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-04-22 162816]
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-04-22 9728]
S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [2009-04-22 422992]
S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [2009-04-22 297552]
S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [2009-04-22 146512]
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys [2009-04-22 53328]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-04-22 53328]
S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys [2009-04-22 14928]
S3 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\DRIVERS\amdk8.sys [2009-04-22 55296]
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-04-22 52736]
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-04-22 77904]
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-04-22 159312]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-04-22 50176]
S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys [2009-04-22 76368]
S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [2009-04-22 86608]
S3 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 103440]
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-04-22 430080]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-04-22 229888]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys [2009-04-22 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys [2009-04-22 5248]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys [2009-04-22 272128]
S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys [2009-04-22 62336]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys [2009-04-22 12160]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys [2009-04-22 11904]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-22 34816]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\Windows\system32\DRIVERS\bthmodem.sys [2009-04-22 56320]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2009-04-22 93696]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-22 392704]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-22 58880]
S3 catchme;catchme; \??\C:\Users\DONBEN~1\AppData\Local\Temp\catchme.sys []
S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys [2009-04-22 37888]
S3 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x32.sys [2009-03-27 12672]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-23 14336]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-04-22 3100160]
S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [2009-04-22 453712]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-04-22 7168]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-04-22 141824]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2009-04-22 28160]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-04-22 45648]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys [2009-04-22 57936]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-04-22 26624]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-22 304128]
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-04-22 21504]
S3 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\DRIVERS\hidbth.sys [2009-04-22 91136]
S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys [2009-04-22 37888]
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-04-22 67152]
S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [2009-04-22 332368]
S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [2009-04-22 41040]
S3 intelide;intelide; C:\Windows\system32\DRIVERS\intelide.sys [2009-04-22 15440]
S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [2009-04-22 65536]
S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [2009-04-22 46672]
S3 iScsiPrt;iScsiPort Driver; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-04-22 186960]
S3 kbdhid;Pilote HID de clavier; C:\Windows\system32\DRIVERS\kbdhid.sys [2009-04-22 28160]
S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [2009-04-22 95824]
S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [2009-04-22 89168]
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-04-22 54864]
S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [2009-04-22 96848]
S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys [2009-04-22 30800]
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-04-22 236112]
S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys [2009-04-22 130640]
S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [2009-04-22 115792]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-04-22 4096]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-04-22 162896]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2009-04-22 6144]
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-04-22 12288]
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-04-22 27136]
S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [2009-04-22 44624]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys [2009-04-22 105040]
S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [2009-04-22 117328]
S3 nvstor;nvstor; C:\Windows\system32\DRIVERS\nvstor.sys [2009-04-22 142416]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys [2009-04-22 62464]
S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [2009-04-22 1383504]
S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [2009-04-22 105552]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2009-04-22 31744]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-22 129536]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-06-23 62464]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-04-22 5632]
S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [2009-04-22 85584]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-04-22 26624]
S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys [2009-04-22 19968]
S3 sffdisk;SFF Storage Class Driver; C:\Windows\system32\DRIVERS\sffdisk.sys [2009-04-22 11264]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys [2009-04-22 12288]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys [2009-04-22 12800]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-04-22 52304]
S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [2009-04-22 40016]
S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [2009-04-22 77904]
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-04-22 71168]
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-04-22 21072]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-04-22 28240]
S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2009-05-13 1267288]
S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys [2009-04-22 30208]
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys [2009-04-22 55888]
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys [2009-04-22 57424]
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-04-22 8192]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\Windows\system32\DRIVERS\usbccgp.sys [2009-04-22 75264]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys [2009-04-22 86016]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\Windows\system32\DRIVERS\usbohci.sys [2009-04-22 20480]
S3 usbprint;Classe d’imprimantes USB Microsoft; C:\Windows\system32\DRIVERS\usbprint.sys [2009-04-22 19968]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-04-22 35840]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2009-04-22 146176]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-03-02 29184]
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2009-04-22 26112]
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-04-22 158288]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-04-22 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-04-22 52736]
S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2009-04-22 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-04-22 17920]
S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [2009-04-22 141904]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-04-22 14336]
S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys [2009-04-22 21632]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\Windows\system32\DRIVERS\wceusbsh.sys [2003-09-01 104064]
S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys [2009-04-22 19024]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-04-22 19024]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-04-22 34944]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-06-05 35208]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-06-05 14984]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-04-22 132224]
S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys [2009-04-22 22096]
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys [2009-04-22 16384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-04-09 731840]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files\System Control Manager\MSIService.exe [2008-08-26 159744]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2009-04-22 1124352]
R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2009-05-13 429568]
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-04-22 22528]
R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R3 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-04-22 20992]
R3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files\Common Files\Acronis\Partition Suite\oss_reinstall_svc.exe []
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-04-22 3179520]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-04-04 67424]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-04-22 22528]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2009-04-22 556544]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-04-22 94720]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-04-09 20680]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-04-22 522752]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-04-04 43888]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-28 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-04-04 879456]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2009-04-22 12800]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-04-22 204800]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2009-04-22 35840]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-04-22 22528]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-04-22 452608]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-22 1203200]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S4 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe []
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-04-04 129896]
S4 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
S4 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService []

-----------------EOF-----------------
dédétraqué on 11 October 2009 at 20:15
Hi donbenitos


  • Download AD-Remover (by Cyrildu17 / C_XX) to your Desktop.

  • Disconnect and close all running applications

  • Double-click the installer and install it in its default location (C:\Program files).
  • Double-click the AD-Remover icon on your Desktop.
  • From the main menu, choose option L.
  • Post the report that appears at the end.

  • (The report is also saved as C:\Ad-report(date).log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note: "Process.exe", a component of the tool, is detected by some antivirus programs as an infection; ignore this, it is a false positive, and continue the procedure.

Help: http://commentcestfait.forumactif.net/tutos-securite-f31/tutorielad-remover-t(...)


@++ :)
donbenitos on 11 October 2009 at 20:38
Here it is:

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.5_Y | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 11.10.2009 à 13:06
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 20:26:10, dim. 11/10/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows Seven™ Ultimate Service Pack 3 v6.1.7100
    Nom du PC: DONBENITOS-PC | Utilisateur actuel: Donbenitos
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .

    HKCU\Software\AppDataLow\AskBarDis
    HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
    HKLM\Software\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKLM\Software\Classes\CLSID\{622fd888-4e91-4d68-84d4-7262fd0811bf}
    HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    .
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest.dev
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf.bak
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome\ajtoolbar.jar
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.gif
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.src
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat.bak
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\contents.rdf
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\snipit.js
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\manifest.mf
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.rsa
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.sf
    C:\Users\DONBEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8clv2rh7.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

    (!) -- Fichiers temporaires supprimés.

    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version [Impossible d'obtenir la version] *
    .
    Nom du profil: 8clv2rh7.default (Donbenitos)
    .
    (Prefs.js) user_pref("browser.search.defaultenginename", "Gdark");
    (Prefs.js) user_pref("browser.search.selectedEngine", "DAEMON Search");
    (Prefs.js) user_pref("browser.search.defaulturl", "hxxp://be.gdark.com/search.php?cx=partner-pub-7902900401080901%3Apzdklxcrglo&cof=FORID%3A10&ie=UTF-8&q=");
    (Prefs.js) user_pref("browser.startup.homepage", "hxxp://be.gdark.com");
    (Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.3");
    .
    .
    * Internet Explorer Version 8.0.7100.0 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Start Page: hxxp://fr.msn.com/
    Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
    Start Page Redirect Cache_TIMESTAMP: NARY b49155bee6dec901
    Start Page Redirect Cache AcceptLangs: fr
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    First Home Page: hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ============== Suspect (Cracks, Serials ... ) ==============
    .
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Advanced Archive Password Recovery Pro v4.50+Patch Francais+Serial.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Alcohol 120% 1.9.8.7117[MULTI][KEYGEN].rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Alcohol 120% v1.9.8.7117 Retail+Serials+Activator [h33t]MasterUploader.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Anti-Trojan Elite v4.4.8.I & Crack.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Anti-Trojan.Elite.v4.4.8.Incl.Crack-CRD [h33t][MAMBO04].torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Batman AA Updated Crack.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Batman Arkham Asylum Patch 1,1.zip.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Bioshock Crack+Serial.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Bioshock Fr+Crack.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Bioshock v1.1 No-CD Crack.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\BioShock.CRACK.WORK.ONLY.PLUS.MINI.IMAGE.PLUS.INFO.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\CloneDVD v2.9.2.2 + KeyGen By ChattChitto.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Crack Windows 7 Finale.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\cracker un jeu sans crack.txt.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Empire Total War Patch Et Crack .rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Eset NOD32 Anti-Virus & Smart Security 3.0.669 Pre-Cracked for 67 years [h33t][deepstatus].torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\F.E.A.R. 2 AutoInstaller Patch v1.0-to-1.03 And Steam by pass App+Support files.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\FarCry + Patch1.4 + Crack.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Fear 2 patch 1.04.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\FIFA 09 Crack.7z.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\FR_2100_2103_Patch.exe.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\GetDataBack v3.66 (FAT-NTFS) + keygen.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Magic dvd ripper and keygen.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Medal Of Honor Airborne + Patch +Crack Et Serial.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\MicroBest Cracklock 3.8.4.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Nero 9.4.13.2 Multilangages + Keygen [Espa¤ol].1.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Nero 9.4.13.2 Multilangages + Keygen [Espa¤ol].torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Nero.9.0.9.4b.Ultra.Edition+Serials.Vista.Xp.FROM (19oLe85).torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\RegDoctor 2.12 [Serial].rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Sony Sound Forge Pro v10 (SoundForge 2009) + Keygen (CLEAN).rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Stalker french + crack.iso.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Steam Crack.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\The Witcher Enhanced Edtion [ESP-ENG-FR-IT-GER] + Crack -.1.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\The Witcher Enhanced Edtion [ESP-ENG-FR-IT-GER] + Crack -.2.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\The Witcher Enhanced Edtion [ESP-ENG-FR-IT-GER] + Crack -.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Theme.Park.World.Crack-NoCD.+ patch.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Transformers - La Revanche + Crack & Cl‚ CD.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Transformers Le Jeu + Crack + bonus.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\UltraISO Premium v9.3.3.2685 [Multilingual] - Mr1000 + Serial.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\UltraISO v9.3.3.2685 Install & Portable + serial [Multilanguage] m99m.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\usenext client crack.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Virtua.Tennis.2009.CRACK.ONLY [www.HispaTorrents.net].torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Virtua.Tennis.2009.Crack.Only-Razor1911.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\Virtua.Tennis.2009.Crack.rar.torrent
    C:\Users\Donbenitos\AppData\Roaming\uTorrent\WinRAR.v3.90.Final.(x86.x64).Incl.Keygen.torrent
    C:\Users\Donbenitos\Downloads\F.E.A.R. 2 AutoInstaller Patch v1.0-to-1.03 And Steam by pass App+Support files.rar
    C:\Users\Donbenitos\Downloads\Sony Sound Forge Pro v10 (SoundForge 2009) + Keygen (CLEAN).rar
    C:\Users\Donbenitos\Downloads\Anti-Trojan Elite v4.4.8.I & Crack\Anti trojan Elite 4.4.8 setup.exe
    C:\Users\Donbenitos\Downloads\Anti-Trojan Elite v4.4.8.I & Crack\Crack.rar
    C:\Users\Donbenitos\Downloads\Anti-Trojan.Elite.v4.4.8.Incl.Crack-CRD [h33t][MAMBO04]\Crack.rar
    C:\Users\Donbenitos\Downloads\Anti-Trojan.Elite.v4.4.8.Incl.Crack-CRD [h33t][MAMBO04]\rtesetup.exe
    C:\Users\Donbenitos\Downloads\FarCry + Patch1.4 + Crack\CRACK\FarCry.exe
    C:\Users\Donbenitos\Downloads\FarCry + Patch1.4 + Crack\Patch\far_cry_patch_1_4_full.exe
    C:\Users\Donbenitos\Downloads\Fifa 2010\patch fr fifa 10 (Commentaires).rar
    C:\Users\Donbenitos\Downloads\Fifa 2010\patch fr fifa 10 (MENU).rar
    C:\Users\Donbenitos\Downloads\Risen\Patch fr Risen .rar
    C:\Users\Donbenitos\Downloads\The Witcher Enhanced Edtion [ESP-ENG-FR-IT-GER] + Crack -\vcredist_x86.exe
    C:\Users\Donbenitos\Downloads\The Witcher Enhanced Edtion [ESP-ENG-FR-IT-GER] + Crack -\CRACK\LISEZ MOI by big..nfo
    C:\Users\Donbenitos\Downloads\The Witcher Enhanced Edtion [ESP-ENG-FR-IT-GER] + Crack -\CRACK\witcher.exe
    C:\Users\Donbenitos\Downloads\The Witcher Enhanced Edtion [ESP-ENG-FR-IT-GER] + Crack -\directx\DXSETUP.exe
    C:\Users\Donbenitos\Downloads\The Witcher Enhanced Edtion [ESP-ENG-FR-IT-GER] + Crack -\System\djinni!.exe
    C:\Users\Donbenitos\Downloads\The Witcher Enhanced Edtion [ESP-ENG-FR-IT-GER] + Crack -\System\witcher.exe
    .
    ===================================
    .
    11750 Octet(s) - C:\Ad-Report-CLEAN[1].log
    .
    10 Fichier(s) - C:\Users\DONBEN~1\AppData\Local\Temp
    0 Fichier(s) - C:\Windows\Temp
    .
    18 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
    8 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    Fin à: 20:37:13 | dim. 11/10/2009 - CLEAN[1]
    .
    ============== E.O.F ==============
    .
Thaaanks :):)
dédétraqué on 11 October 2009 at 20:55
Hi donbenitos


Download Toolbar-S&D (by Team IDN) to your Desktop.

http://eric.71.mespages.googlepages.com/ToolBarSD.exe

- Double-click the ToolBar S&D icon on the Desktop
- Choose F for French and confirm
- From the ToolBar S&D main menu, choose option 1 (Recherche, "Search")
- The Start menu and the icons will disappear; this is normal
- The scan runs; it can take several minutes, do not touch anything.
- Once the analysis is finished, the scan report opens in Notepad. (If the report does not open, it can be found at C:\TB.txt)


Copy/paste the report into your next post


@++ :)
donbenitos on 11 October 2009 at 20:59
Good evening Dédétraqué :)

Actually, this tool, which I have already tried, does not work under Win7; unfortunately other people have the same problem as me with this tool!!! Would you have anything else to help me!!

Thank you :D

-->Message edited by donbenitos on 11/10/2009 21:01:46<--
dédétraqué on 11 October 2009 at 21:05
Hi donbenitos


We'll do it manually then; delete this folder: C:\rsit

Run a new scan with RSIT and post the log.txt and info.txt reports (info.txt is minimized in the taskbar) at the end of the analysis

The reports are in this folder: C:\rsit


@++ :)
donbenitos on 11 October 2009 at 21:19
:super: Here is the RSIT report:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Donbenitos at 2009-10-11 21:16:49
    Microsoft Windows 7 Édition Intégrale Service Pack 3
    System drive C: has 123 GB (40%) free of 305 GB
    Total RAM: 2047 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:16:53, on 11/10/2009
    Platform: Unknown Windows (WinNT 6.01.3004)
    MSIE: Internet Explorer v8.00 (8.00.7100.0000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Windows Live\Mail\wlmail.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\Donbenitos\Desktop\Soft désinfection\RSIT.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Donbenitos\Desktop\Donbenitos.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/webhp?sourceid=navclient&hl=fr&ie=UTF-8
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_C5284CC30AB3000E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_803138DCE93649E4.dll/cmsidewiki.html
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_3_5_3_0.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_C5284CC30AB3000E.dll
    O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Partition Suite\oss_reinstall_svc.exe (file missing)
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
    O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Micro Star SCM - Unknown owner - C:\Program Files\System Control Manager\MSIService.exe

    --
    End of file - 6721 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-10 258160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-14 762864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_C5284CC30AB3000E.dll [2009-10-10 462832]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-10 258160]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
    "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-04-09 2029640]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]
    "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2008-09-24 6335008]
    "Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-10-10 122880]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [2009-08-08 2980800]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-22 1174016]
    "uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-09-29 289072]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON BX300F Series]
    C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE [2008-01-22 188928]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]
    C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-10-10 122880]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    C:\Users\Donbenitos\AppData\Local\Google\Update\GoogleUpdate.exe /c []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MGSysCtrl]
    C:\Program Files\System Control Manager\MGSysCtrl.exe [2008-09-22 708608]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
    C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-06-11 96264]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 148888]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\svchost64.exe]
    c:\windows\system32\svchost64.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-28 39408]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
    C:\Windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Donbenitos^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Registration Ghost Recon Advanced Warfighter.LNK]
    []

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=0
    "ConsentPromptBehaviorUser"=0
    "EnableLUA"=0
    "EnableUIADesktopToggle"=0
    "PromptOnSecureDesktop"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "UacDisableNotify"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=FFFFFFFF
    "NoDriveTypeAutoRun"=255
    "HonorAutoRunSetting"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "NoDriveAutoRun"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2009-10-11 21:12:59 ----D---- C:\rsit
    2009-10-11 20:23:12 ----D---- C:\Program Files\Ad-Remover
    2009-10-11 19:31:28 ----D---- C:\Windows\BDOSCAN8
    2009-10-11 18:56:58 ----RASHD---- C:\autorun.inf
    2009-10-11 18:50:16 ----D---- C:\UsbFix
    2009-10-11 18:46:04 ----D---- C:\_OTM
    2009-10-11 18:04:09 ----D---- C:\ST_Fix
    2009-10-11 16:11:34 ----A---- C:\Windows\WORDPAD.INI
    2009-10-11 14:55:06 ----D---- C:\VundoFix Backups
    2009-10-11 13:53:39 ----D---- C:\ToolBar SD
    2009-10-11 03:02:48 ----A---- C:\Windows\system32\tempBatFile.bat
    2009-10-11 02:52:04 ----D---- C:\Windows\Temp
    2009-10-11 01:11:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-11 00:38:47 ----D---- C:\Program Files\Trend Micro
    2009-10-11 00:11:42 ----A---- C:\Windows\_MSRSTRT.EXE
    2009-10-10 23:39:26 ----D---- C:\Program Files\a-squared Anti-Malware
    2009-10-10 22:22:52 ----D---- C:\Program Files\Power IE
    2009-10-10 21:53:38 ----A---- C:\Users\Donbenitos\AppData\Roaming\SetValue.bat
    2009-10-10 21:53:38 ----A---- C:\Users\Donbenitos\AppData\Roaming\GetValue.vbs
    2009-10-10 17:16:28 ----D---- C:\Users\Donbenitos\AppData\Roaming\Malwarebytes
    2009-10-10 17:16:23 ----D---- C:\ProgramData\Malwarebytes
    2009-10-10 00:24:55 ----A---- C:\Windows\system32\cmd.execf
    2009-10-09 22:58:09 ----D---- C:\Program Files\Anti Trojan Elite
    2009-10-09 22:16:57 ----D---- C:\ProgramData\Simply Super Software
    2009-10-09 22:16:57 ----D---- C:\Program Files\Trojan Remover
    2009-10-09 17:13:52 ----A---- C:\Windows\system32\fservice.exe.bat
    2009-10-09 16:45:38 ----D---- C:\Windows\system32\language
    2009-10-09 16:45:38 ----D---- C:\Windows\system32\Images
    2009-10-09 16:45:38 ----D---- C:\Windows\system32\Download
    2009-10-09 16:00:44 ----D---- C:\ProgramData\F-Secure
    2009-10-09 14:17:24 ----D---- C:\Windows\system32\RTCOM
    2009-10-09 14:16:30 ----A---- C:\Windows\DIFxAPI.dll
    2009-10-09 14:16:26 ----A---- C:\Windows\system32\RtkHDMI.dll
    2009-10-09 14:16:26 ----A---- C:\Windows\RtkUpd.exe
    2009-10-09 14:16:25 ----A---- C:\Windows\system32\RHDMIExt.dll
    2009-10-09 14:16:25 ----A---- C:\Windows\system32\RHCoInst.dll
    2009-10-09 14:16:21 ----A---- C:\Windows\system32\WavesLib.dll
    2009-10-09 14:16:21 ----A---- C:\Windows\system32\ppChain.dll
    2009-10-09 14:16:21 ----A---- C:\Windows\system32\ctppld.dll
    2009-10-09 14:16:19 ----A---- C:\Windows\system32\SRSWOW.dll
    2009-10-09 14:16:19 ----A---- C:\Windows\system32\SRSTSXT.dll
    2009-10-09 14:16:19 ----A---- C:\Windows\system32\SRSTSHD.dll
    2009-10-09 14:16:19 ----A---- C:\Windows\system32\SRSHP360.dll
    2009-10-09 14:16:18 ----A---- C:\Windows\system32\RtkPgExt.dll
    2009-10-09 14:16:18 ----A---- C:\Windows\system32\RtkCoInst.dll
    2009-10-09 14:16:17 ----A---- C:\Windows\system32\RtkApoApi.dll
    2009-10-09 14:16:17 ----A---- C:\Windows\system32\RtkAPO.dll
    2009-10-09 14:16:11 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
    2009-10-09 14:16:11 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
    2009-10-09 14:16:11 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
    2009-10-09 14:16:10 ----A---- C:\Windows\system32\FMAPO.dll
    2009-10-09 14:16:09 ----A---- C:\Windows\system32\DaisyWrp.dll
    2009-10-09 14:16:09 ----A---- C:\Windows\system32\CTAPO32.dll
    2009-10-09 14:16:09 ----A---- C:\Windows\system32\AERTARen.dll
    2009-10-09 14:16:09 ----A---- C:\Windows\system32\AERTACap.dll
    2009-10-09 14:16:05 ----HD---- C:\Program Files\Temp
    2009-10-09 14:16:04 ----R---- C:\Windows\RtlExUpd.dll
    2009-10-07 23:58:33 ----D---- C:\ProgramData\ashampoo
    2009-10-07 23:54:26 ----D---- C:\Users\Donbenitos\AppData\Roaming\Ashampoo
    2009-10-07 23:53:19 ----D---- C:\Program Files\Ashampoo
    2009-10-06 23:55:50 ----D---- C:\Program Files\SuperScan
    2009-10-04 18:45:04 ----D---- C:\Program Files\KONAMI
    2009-10-03 13:04:10 ----A---- C:\Windows\Start.INI
    2009-10-03 12:27:49 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
    2009-10-03 12:26:22 ----D---- C:\Program Files\Microsoft
    2009-10-02 22:21:51 ----N---- C:\Windows\system32\MpSigStub.exe
    2009-10-02 00:45:55 ----D---- C:\Program Files\Street Fighter IV
    2009-10-01 23:03:44 ----HDC---- C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
    2009-09-29 22:19:48 ----D---- C:\ProgramData\ATI
    2009-09-28 18:52:19 ----D---- C:\Program Files\Acronis
    2009-09-28 18:52:18 ----D---- C:\Program Files\Common Files\Acronis
    2009-09-27 21:09:10 ----D---- C:\Program Files\Lionhead Studios
    2009-09-23 23:54:36 ----A---- C:\Windows\PROTOCOL.INI
    2009-09-23 23:53:49 ----A---- C:\Windows\uninst.exe
    2009-09-23 23:48:11 ----D---- C:\Program Files\Black Isle
    2009-09-19 22:44:39 ----D---- C:\Users\Donbenitos\AppData\Roaming\Leadertech
    2009-09-19 16:49:01 ----D---- C:\Program Files\Bohemia Interactive
    2009-09-19 16:29:05 ----D---- C:\Program Files\OpenAL
    2009-09-19 16:29:05 ----A---- C:\Windows\system32\wrap_oal.dll
    2009-09-19 16:29:05 ----A---- C:\Windows\system32\OpenAL32.dll
    2009-09-14 22:54:17 ----A---- C:\BmStartApp.exe
    2009-09-14 22:35:18 ----D---- C:\Program Files\Eidos
    2009-09-14 22:27:41 ----D---- C:\CloneDVDTemp
    2009-09-14 22:18:10 ----D---- C:\Program Files\Elaborate Bytes
    2009-09-14 22:02:03 ----D---- C:\ProgramData\SlySoft
    2009-09-14 21:54:27 ----D---- C:\Program Files\SlySoft
    2009-09-12 19:56:35 ----D---- C:\Program Files\Larousse
    2009-09-12 19:56:34 ----D---- C:\Program Files\directx
    2009-09-12 18:33:32 ----D---- C:\ProgramData\RTMI2_DemoFull
    2009-09-12 18:27:14 ----D---- C:\ProgramData\Tages
    2009-09-12 18:23:25 ----D---- C:\ProgramData\Kheops Studio
    2009-09-12 17:41:22 ----D---- C:\Program Files\SEGA

    ======List of files/folders modified in the last 1 months======

    2009-10-11 21:16:39 ----D---- C:\Windows\Prefetch
    2009-10-11 21:15:58 ----D---- C:\Windows\system32\config
    2009-10-11 21:14:17 ----D---- C:\Users\Donbenitos\AppData\Roaming\uTorrent
    2009-10-11 21:12:34 ----AD---- C:\Windows
    2009-10-11 21:10:37 ----AD---- C:\Windows\System32
    2009-10-11 20:26:29 ----SHD---- C:\System Volume Information
    2009-10-11 20:23:12 ----D---- C:\Program Files
    2009-10-11 19:31:30 ----D---- C:\Windows\Downloaded Program Files
    2009-10-11 18:54:54 ----SHD---- C:\$Recycle.Bin
    2009-10-11 03:04:30 ----D---- C:\Program Files\Internet Explorer
    2009-10-11 02:41:12 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2009-10-11 01:28:19 ----SHD---- C:\Windows\Installer
    2009-10-11 01:27:42 ----D---- C:\Program Files\Windows Live
    2009-10-11 01:11:12 ----D---- C:\Windows\system32\drivers
    2009-10-11 00:05:01 ----HD---- C:\ProgramData
    2009-10-11 00:03:30 ----D---- C:\Program Files\ElcomSoft
    2009-10-10 22:23:48 ----D---- C:\Windows\Web
    2009-10-10 20:19:00 ----D---- C:\Windows\system32\catroot2
    2009-10-10 20:02:11 ----D---- C:\Windows\system32\Tasks
    2009-10-10 18:25:13 ----D---- C:\Program Files\Ubisoft
    2009-10-10 17:05:00 ----D---- C:\Windows\Minidump
    2009-10-09 22:19:17 ----AD---- C:\ProgramData\TEMP
    2009-10-09 17:21:59 ----D---- C:\Windows\system
    2009-10-09 16:37:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-10-09 16:37:32 ----D---- C:\Windows\inf
    2009-10-09 14:19:00 ----D---- C:\Windows\system32\catroot
    2009-10-09 14:18:59 ----D---- C:\Windows\system32\DriverStore
    2009-10-09 14:16:09 ----D---- C:\Program Files\Realtek
    2009-10-09 14:16:08 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-10-07 22:32:11 ----SD---- C:\Users\Donbenitos\AppData\Roaming\Microsoft
    2009-10-07 01:48:28 ----D---- C:\Windows\system32\NDF
    2009-10-03 12:27:52 ----RSD---- C:\Windows\assembly
    2009-10-01 23:03:57 ----D---- C:\Program Files\Uniblue
    2009-10-01 21:34:58 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-09-29 22:19:22 ----D---- C:\Program Files\ATI Technologies
    2009-09-29 22:09:21 ----D---- C:\ProgramData\ma-config.com
    2009-09-29 22:09:21 ----D---- C:\Program Files\ma-config.com
    2009-09-29 19:49:17 ----D---- C:\Windows\system32\fr-FR
    2009-09-29 19:40:21 ----D---- C:\Windows\Tasks
    2009-09-29 19:40:21 ----D---- C:\Windows\system32\wfp
    2009-09-29 19:40:20 ----D---- C:\Windows\system32\CodeIntegrity
    2009-09-29 19:40:14 ----D---- C:\Program Files\uTorrent
    2009-09-29 19:40:13 ----D---- C:\Program Files\Common Files
    2009-09-29 19:40:11 ----D---- C:\Windows\registration
    2009-09-27 19:38:26 ----D---- C:\Program Files\Atari
    2009-09-27 19:38:25 ----D---- C:\ProgramData\Media Center Programs
    2009-09-27 19:29:18 ----A---- C:\Windows\BlendSettings.ini
    2009-09-27 01:59:31 ----D---- C:\Windows\ModemLogs
    2009-09-23 18:39:10 ----D---- C:\Program Files\Common Files\InstallShield
    2009-09-23 14:44:16 ----D---- C:\Users\Donbenitos\AppData\Roaming\Camfrog
    2009-09-19 16:29:07 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2009-09-19 09:45:15 ----D---- C:\Program Files\Mozilla Firefox
    2009-09-14 22:21:52 ----D---- C:\Users\Donbenitos\AppData\Roaming\Microsoft Games
    2009-09-14 22:21:52 ----D---- C:\ProgramData\Microsoft Games
    2009-09-12 19:56:47 ----RSD---- C:\Windows\Fonts

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [2009-04-22 35328]
    R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-04-22 387584]
    R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2009-04-22 78336]
    R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-04-22 32768]
    R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
    R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
    R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2009-02-10 82320]
    R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2009-04-22 16896]
    R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys [2009-04-22 6656]
    R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-04-22 7168]
    R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-04-22 74240]
    R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\System32\Drivers\Uim_IM.sys [2008-09-26 129824]
    R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2008-09-26 32048]
    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-04-22 48128]
    R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2009-04-22 63488]
    R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-04-22 9728]
    R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-08-08 281760]
    R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-04-09 113960]
    R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-04-09 133000]
    R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-04-09 38240]
    R2 ithsgt;ithsgt; C:\Windows\system32\DRIVERS\ithsgt.sys [2009-08-29 162432]
    R2 lilsgt;lilsgt; C:\Windows\system32\DRIVERS\lilsgt.sys [2009-08-29 12032]
    R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-08-08 25888]
    R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2009-04-22 48128]
    R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2009-04-22 86528]
    R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2009-04-22 586752]
    R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2009-04-22 60928]
    R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-04-22 34816]
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-04-22 1035776]
    R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2009-08-05 104512]
    R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
    R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2009-04-22 69632]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-04-22 14080]
    R3 CompositeBus;Pilote de l’énumérateur de bus composite; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-04-22 31232]
    R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2009-04-22 720384]
    R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-04-09 33096]
    R3 HDAudBus;Pilote de bus UAA Microsoft pour High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2009-04-22 108544]
    R3 HidUsb;Pilote de classe HID Microsoft; C:\Windows\system32\DRIVERS\hidusb.sys [2009-04-22 24064]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-24 2171672]
    R3 intelppm;Pilote de processeur Intel; C:\Windows\system32\DRIVERS\intelppm.sys [2009-04-22 53760]
    R3 monitor;Service Pilote de fonction de classe Moniteur Microsoft; C:\Windows\system32\DRIVERS\monitor.sys [2009-04-22 23552]
    R3 mouhid;Pilote HID de souris; C:\Windows\system32\DRIVERS\mouhid.sys [2009-04-22 26112]
    R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2009-04-22 60416]
    R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2009-04-22 220672]
    R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2009-04-22 94720]
    R3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys [2009-04-22 267264]
    R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2009-08-04 616960]
    R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-05-28 47360]
    R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-04-22 49152]
    R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-04-22 74752]
    R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-04-22 18432]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
    R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-08-26 150560]
    R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2009-04-22 306176]
    R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2009-04-22 113664]
    R3 tunnel;Pilote de carte miniport Microsoft Tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [2009-04-22 108032]
    R3 umbus;Pilote d’énumérateur UMBus; C:\Windows\system32\DRIVERS\umbus.sys [2009-05-01 39936]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\Windows\system32\DRIVERS\usbehci.sys [2009-04-22 40960]
    R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\Windows\system32\DRIVERS\usbhub.sys [2009-05-01 258048]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-04-22 74240]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\Windows\system32\DRIVERS\usbuhci.sys [2009-04-22 24064]
    R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys [2009-04-22 19968]
    R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-06-05 22792]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-04-22 11264]
    R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-06-05 65544]
    R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-04-22 93184]
    S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
    S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-04-22 162816]
    S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-04-22 9728]
    S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [2009-04-22 422992]
    S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [2009-04-22 297552]
    S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [2009-04-22 146512]
    S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys [2009-04-22 53328]
    S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-04-22 53328]
    S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys [2009-04-22 14928]
    S3 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\DRIVERS\amdk8.sys [2009-04-22 55296]
    S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-04-22 52736]
    S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-04-22 77904]
    S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-04-22 159312]
    S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-04-22 50176]
    S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys [2009-04-22 76368]
    S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [2009-04-22 86608]
    S3 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
    S3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 103440]
    S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-04-22 430080]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-04-22 229888]
    S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys [2009-04-22 13568]
    S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys [2009-04-22 5248]
    S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys [2009-04-22 272128]
    S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys [2009-04-22 62336]
    S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys [2009-04-22 12160]
    S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys [2009-04-22 11904]
    S3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-22 34816]
    S3 BTHMODEM;Pilote de communication série Bluetooth; C:\Windows\system32\DRIVERS\bthmodem.sys [2009-04-22 56320]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2009-04-22 93696]
    S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-22 392704]
    S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-22 58880]
    S3 catchme;catchme; \??\C:\Users\DONBEN~1\AppData\Local\Temp\catchme.sys []
    S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys [2009-04-22 37888]
    S3 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x32.sys [2009-03-27 12672]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-23 14336]
    S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-04-22 3100160]
    S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [2009-04-22 453712]
    S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-04-22 7168]
    S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-04-22 141824]
    S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2009-04-22 28160]
    S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-04-22 45648]
    S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys [2009-04-22 57936]
    S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-04-22 26624]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-22 304128]
    S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-04-22 21504]
    S3 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\DRIVERS\hidbth.sys [2009-04-22 91136]
    S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys [2009-04-22 37888]
    S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-04-22 67152]
    S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [2009-04-22 332368]
    S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [2009-04-22 41040]
    S3 intelide;intelide; C:\Windows\system32\DRIVERS\intelide.sys [2009-04-22 15440]
    S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [2009-04-22 65536]
    S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [2009-04-22 46672]
    S3 iScsiPrt;iScsiPort Driver; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-04-22 186960]
    S3 kbdhid;Pilote HID de clavier; C:\Windows\system32\DRIVERS\kbdhid.sys [2009-04-22 28160]
    S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [2009-04-22 95824]
    S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [2009-04-22 89168]
    S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-04-22 54864]
    S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [2009-04-22 96848]
    S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys [2009-04-22 30800]
    S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-04-22 236112]
    S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys [2009-04-22 130640]
    S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [2009-04-22 115792]
    S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-04-22 4096]
    S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-04-22 162896]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2009-04-22 6144]
    S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-04-22 12288]
    S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-04-22 27136]
    S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [2009-04-22 44624]
    S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys [2009-04-22 105040]
    S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [2009-04-22 117328]
    S3 nvstor;nvstor; C:\Windows\system32\DRIVERS\nvstor.sys [2009-04-22 142416]
    S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys [2009-04-22 62464]
    S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [2009-04-22 1383504]
    S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [2009-04-22 105552]
    S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2009-04-22 31744]
    S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-22 129536]
    S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
    S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
    S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-06-23 62464]
    S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
    S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-04-22 5632]
    S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [2009-04-22 85584]
    S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-04-22 26624]
    S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys [2009-04-22 19968]
    S3 sffdisk;SFF Storage Class Driver; C:\Windows\system32\DRIVERS\sffdisk.sys [2009-04-22 11264]
    S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys [2009-04-22 12288]
    S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys [2009-04-22 12800]
    S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-04-22 52304]
    S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [2009-04-22 40016]
    S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [2009-04-22 77904]
    S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-04-22 71168]
    S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-04-22 21072]
    S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-04-22 28240]
    S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2009-05-13 1267288]
    S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys [2009-04-22 30208]
    S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys [2009-04-22 55888]
    S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys [2009-04-22 57424]
    S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-04-22 8192]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\Windows\system32\DRIVERS\usbccgp.sys [2009-04-22 75264]
    S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
    S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys [2009-04-22 86016]
    S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\Windows\system32\DRIVERS\usbohci.sys [2009-04-22 20480]
    S3 usbprint;Classe d’imprimantes USB Microsoft; C:\Windows\system32\DRIVERS\usbprint.sys [2009-04-22 19968]
    S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-04-22 35840]
    S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2009-04-22 146176]
    S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-03-02 29184]
    S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2009-04-22 26112]
    S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-04-22 158288]
    S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-04-22 53328]
    S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-04-22 52736]
    S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2009-04-22 175824]
    S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-04-22 17920]
    S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [2009-04-22 141904]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-04-22 14336]
    S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys [2009-04-22 21632]
    S3 wceusbsh;Windows CE USB Serial Host Driver; C:\Windows\system32\DRIVERS\wceusbsh.sys [2003-09-01 104064]
    S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys [2009-04-22 19024]
    S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-04-22 19024]
    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-04-22 34944]
    S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-06-05 35208]
    S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-06-05 14984]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-04-22 132224]
    S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys [2009-04-22 22096]
    S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys [2009-04-22 16384]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
    R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-04-09 731840]
    R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
    R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
    R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
    R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R2 Micro Star SCM;Micro Star SCM; C:\Program Files\System Control Manager\MSIService.exe [2008-08-26 159744]
    R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-04-22 3179520]
    R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2009-04-22 1124352]
    R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2009-05-13 429568]
    R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-04-22 22528]
    R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R3 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    R3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-04-22 204800]
    R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files\Common Files\Acronis\Partition Suite\oss_reinstall_svc.exe []
    S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-04-04 67424]
    S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-04-22 22528]
    S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2009-04-22 556544]
    S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-04-22 94720]
    S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-04-09 20680]
    S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-04-22 522752]
    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-04-04 43888]
    S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-28 182768]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-04-04 879456]
    S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
    S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2009-04-22 12800]
    S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2009-04-22 35840]
    S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-04-22 22528]
    S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-04-22 452608]
    S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-22 1203200]
    S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-04-22 20992]
    S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S4 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe []
    S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-04-22 20992]
    S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-04-04 129896]
    S4 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
    S4 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService []

    -----------------EOF-----------------


    -----------

    info.txt logfile of random's system information tool 1.06 2009-10-11 21:13:17

    ======Uninstall list======

    -->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043}
    µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 9.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
    Ad-Remover By C_XX-->"C:\Program Files\Ad-Remover\Uninstall ADR.exe"
    ANNO 1404-->"C:\Program Files\InstallShield Installation Information\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}\setup.exe" -runfromtemp -l0x040c -removeonly
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Ashampoo Burning Studio 9.12-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 9\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI MCE Encoder-->MsiExec.exe /X{3EC4E3B7-0555-7FF7-FDA9-1FFAE3E81F49}
    ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
    Batman: Arkham Asylum-->"C:\Program Files\InstallShield Installation Information\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}\setup.exe" -runfromtemp -l0x040c -removeonly
    Black & White® 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}\setup.exe" -l0x40c -removeonly
    Camfrog Video Chat 5.3-->"C:\Program Files\Camfrog\Camfrog Video Chat\uninstall.exe"
    Catalyst Control Center - Branding-->MsiExec.exe /I{CF929EEB-CE39-4F06-B1BF-F51FC617A2B2}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
    CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
    Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
    ConvertXtoDVD 3.7.3.190b-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
    CPUID HWMonitor 1.14-->"C:\Program Files\CPUID\HWMonitor\unins000.exe"
    Désinstaller l'imprimante EPSON BX300F Series-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSEJE.EXE /R /APD /P:"EPSON BX300F Series"
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_B8026B92987A22B1.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Hercules QuickAccess-->C:\Program Files\InstallShield Installation Information\{423B756C-AD60-4A42-A5A3-D3B1A2473540}\setup.exe -runfromtemp -l0x040c -removeonly
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Intel(R) Control Center-->C:\Program Files\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
    Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
    Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    Logitech Gaming Software 5.06-->MsiExec.exe /X{032D6557-A996-4BD2-BB70-A524D2B7FFEC}
    Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}
    Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F112F66E-25CA-42DD-983C-6118EB38F606}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package
    -->Message edited by donbenitos on 11/10/2009 21:56:04<--
    donbenitos on 11 October 2009 at 22:07
    :whistle: Am I infected?????
    dédétraqué on 11 October 2009 at 22:28
    Hi donbenitos


    Download combofix.exe (by sUBs) to the desktop:

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    http://subs.geekstogo.com/ComboFix.exe

    Important: disable your antivirus and antispyware before scanning with Combofix:
    http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


    ==> Save your work and close all open windows; the PC may restart. Do not launch any program until Combofix has finished. <==

    Double-click combofix.exe, click YES and confirm with Enter

    You will be asked to install the console if it is not installed; click NO

    When the scan is complete, a report will appear. Copy/paste this report into your next reply.

    NOTE: The report can also be found here: C:\ Combofix.txt

    Combofix is detected by some antivirus programs as an infection; ignore this, it is a false positive, and continue the procedure


    @++ :)
    donbenitos on 11 October 2009 at 22:42
    There, I launch combofix, it loads until the end of the green bar, then an error: "Windows ne trouve pas 'Nircmdb.exe'.Vérifiez que vous avez entré le nom correct, puis réessayez."

    :super:

    dédétraqué on 11 October 2009 at 23:49
    Hi donbenitos


    Download Gmer and save it to your desktop.

    Note: the application will have a random name. Tell me what it is in your next message.

    - Disconnect from the internet if possible and close all programs, then launch the tool.
    - Click the "Scan" button on the right.

    - When the scan is finished, click "Copy".
    - Open Notepad and click Edit menu / Paste
    - The report should then appear.

    - Save the file to your desktop and copy/paste its contents here.


    @++ :)
    donbenitos on 12 October 2009 at 00:15
    Here is the requested Gmer report.

    GMER 1.0.15.15125 - http://www.gmer.net
    Rootkit scan 2009-10-12 00:13:50
    Windows 6.1.7100
    Running: i7ceont0.exe; Driver: C:\Users\DONBEN~1\AppData\Local\Temp\kxdorfog.sys


    ---- System - GMER 1.0.15 ----

    INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A21AF8
    INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A21104
    INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A213F4
    INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A0A2D8
    INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A09898
    INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A211DC
    INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A21958
    INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A216F8
    INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A21F2C
    INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A221A8

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKeyEx + 13B1 83A76549 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 83A966B2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    ? System32\Drivers\spjy.sys Le chemin d’accès spécifié est introuvable. !
    .text USBPORT.SYS!DllUnload 8EF4FC85 5 Bytes JMP 876AE1D8
    .text aq0glqk4.SYS 9051F000 12 Bytes [44, C8, A0, 83, EE, C6, A0, ...]
    .text aq0glqk4.SYS 9051F00D 9 Bytes [A7, A0, 83, 48, CB, A0, 83, ...] {CMPSD ; MOV AL, [0xa0cb4883]; ADD DWORD [EAX], 0x0}
    .text aq0glqk4.SYS 9051F017 157 Bytes [00, DE, 57, 9A, 89, E6, 55, ...]
    .text aq0glqk4.SYS 9051F0B5 12 Bytes [A8, A9, 83, D0, 14, A7, 83, ...]
    .text aq0glqk4.SYS 9051F0C3 8 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
    .text ...
    .text peauth.sys 99225C9E 27 Bytes [AB, 77, F0, A0, 55, 44, A2, ...]
    .text peauth.sys 99225CC2 27 Bytes [AB, 77, F0, A0, 55, 44, A2, ...]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[1704] kernel32.dll!SetUnhandledExceptionFilter 776830AA 4 Bytes [C2, 04, 00, 00]

    ---- Kernel IAT/EAT - GMER 1.0.15 ----

    IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8989B042] \SystemRoot\System32\Drivers\spjy.sys
    IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8989B6D6] \SystemRoot\System32\Drivers\spjy.sys
    IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8989B800] \SystemRoot\System32\Drivers\spjy.sys
    IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8989B13E] \SystemRoot\System32\Drivers\spjy.sys
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortNotification] 00147880
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortQuerySystemTime] 78800C75
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortReadPortUchar] 06750015
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortStallExecution] C25DC033
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortWritePortUchar] 458B0008
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortWritePortUlong] 6A006A08
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 50056A24
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 005AB7E8
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortGetScatterGatherList] 0001B800
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortGetParentBusType] C25D0000
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortRequestCallback] CCCC0008
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortWritePortBufferUshort] CCCCCCCC
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortGetUnCachedExtension] CCCCCCCC
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortCompleteRequest] CCCCCCCC
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortCopyMemory] 53EC8B55
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortEtwTraceLog] 800C5D8B
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 7500117B
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 127B806A
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 80647500
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 7500137B
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortInitialize] 157B805E
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortGetDeviceBase] 56587500
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortDeviceStateChange] 8008758B

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Windows\system32\msiexec.exe[2176] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75A04A2D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
    IAT C:\Windows\system32\msiexec.exe[2176] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75A04A2D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
    IAT C:\Windows\system32\msiexec.exe[2176] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75A04A2D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
    IAT C:\Windows\system32\msiexec.exe[2176] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75A04A2D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
    IAT C:\Windows\system32\msiexec.exe[2176] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75A04A2D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs 85A7B1F8

    AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)

    Device \Driver\volmgr \Device\VolMgrControl 85A751F8
    Device \Driver\usbuhci \Device\USBPDO-0 876B41F8
    Device \Driver\usbuhci \Device\USBPDO-1 876B41F8
    Device \Driver\usbuhci \Device\USBPDO-2 876B41F8
    Device \Driver\usbehci \Device\USBPDO-3 8769C500
    Device \Driver\ACPI_HAL \Device\00000060 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
    Device \Driver\usbuhci \Device\USBPDO-4 876B41F8
    Device \Driver\usbuhci \Device\USBPDO-5 876B41F8
    Device \Driver\usbuhci \Device\USBPDO-6 876B41F8
    Device \Driver\volmgr \Device\HarddiskVolume1 85A751F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\usbehci \Device\USBPDO-7 8769C500
    Device \Driver\volmgr \Device\HarddiskVolume2 85A751F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\cdrom \Device\CdRom0 874FE388
    Device \Driver\volmgr \Device\HarddiskVolume3 85A751F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\NetBT \Device\NetBT_Tcpip_{C75C92BA-84B3-46C1-B7A0-AD767621E47F} 875B91F8
    Device \Driver\iaStor \Device\Ide\iaStor0 [89AC5360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section]
    Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [89AC5360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section]
    Device \Driver\iaStor \Device\Ide\IAAStorageDevice-1 [89AC5360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section]
    Device \Driver\cdrom \Device\CdRom1 874FE388
    Device \Driver\cdrom \Device\CdRom2 874FE388
    Device \Driver\PCI_PNP8428 \Device\00000069 spjy.sys
    Device \Driver\NetBT \Device\NetBt_Wins_Export 875B91F8
    Device \Driver\USBSTOR \Device\00000091 881431F8
    Device \Driver\USBSTOR \Device\00000092 881431F8
    Device \Driver\USBSTOR \Device\00000094 881431F8
    Device \Driver\USBSTOR \Device\00000095 881431F8
    Device \Driver\sptd \Device\156902429 spjy.sys
    Device \Driver\usbuhci \Device\USBFDO-0 876B41F8
    Device \Driver\usbuhci \Device\USBFDO-1 876B41F8
    Device \Driver\usbuhci \Device\USBFDO-2 876B41F8
    Device \Driver\usbehci \Device\USBFDO-3 8769C500
    Device \Driver\usbuhci \Device\USBFDO-4 876B41F8
    Device \Driver\usbuhci \Device\USBFDO-5 876B41F8
    Device \Driver\usbuhci \Device\USBFDO-6 876B41F8
    Device \Driver\usbehci \Device\USBFDO-7 8769C500
    Device \Driver\aq0glqk4 \Device\Scsi\aq0glqk41Port1Path0Target0Lun0 87741500
    Device \Driver\aq0glqk4 \Device\Scsi\aq0glqk41 87741500

    ---- Threads - GMER 1.0.15 ----

    Thread System [4:264] 875D2930

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\0021857ce24f (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\0021857ce24f@001ee152f25e 0xBD 0x50 0xF6 0x43 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xA5 0x49 0x05 0xE7 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x44 0x63 0xB3 0x02 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x15 0x4A 0x18 0x34 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xE9 0x89 0xD5 0xE1 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0021857ce24f
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0021857ce24f@001ee152f25e 0xBD 0x50 0xF6 0x43 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 2
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xA5 0x49 0x05 0xE7 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x43 0x93 0xB3 0x39 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x15 0x4A 0x18 0x34 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x50 0xE9 0x4A 0x62 ...
    Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\0021857ce24f (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\0021857ce24f@001ee152f25e 0xBD 0x50 0xF6 0x43 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xA5 0x49 0x05 0xE7 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x43 0x93 0xB3 0x39 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x15 0x4A 0x18 0x34 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x50 0xE9 0x4A 0x62 ...
    Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Donbenitos\Downloads\CloneDVD\x2122 2\SetupCloneDVD2922Slysoft.exe 1

    ---- EOF - GMER 1.0.15 ----

    cool!! :jap:
    donbenitos on 12 October 2009 at 00:15
    Here is the requested GMER report. (file: i7ceont0.exe)

    GMER 1.0.15.15125 - http://www.gmer.net
    Rootkit scan 2009-10-12 00:13:50
    Windows 6.1.7100
    Running: i7ceont0.exe; Driver: C:\Users\DONBEN~1\AppData\Local\Temp\kxdorfog.sys


    ---- System - GMER 1.0.15 ----

    INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A21AF8
    INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A21104
    INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A213F4
    INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A0A2D8
    INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A09898
    INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A211DC
    INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A21958
    INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A216F8
    INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A21F2C
    INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83A221A8

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKeyEx + 13B1 83A76549 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 83A966B2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    ? System32\Drivers\spjy.sys Le chemin d’accès spécifié est introuvable. !
    .text USBPORT.SYS!DllUnload 8EF4FC85 5 Bytes JMP 876AE1D8
    .text aq0glqk4.SYS 9051F000 12 Bytes [44, C8, A0, 83, EE, C6, A0, ...]
    .text aq0glqk4.SYS 9051F00D 9 Bytes [A7, A0, 83, 48, CB, A0, 83, ...] {CMPSD ; MOV AL, [0xa0cb4883]; ADD DWORD [EAX], 0x0}
    .text aq0glqk4.SYS 9051F017 157 Bytes [00, DE, 57, 9A, 89, E6, 55, ...]
    .text aq0glqk4.SYS 9051F0B5 12 Bytes [A8, A9, 83, D0, 14, A7, 83, ...]
    .text aq0glqk4.SYS 9051F0C3 8 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
    .text ...
    .text peauth.sys 99225C9E 27 Bytes [AB, 77, F0, A0, 55, 44, A2, ...]
    .text peauth.sys 99225CC2 27 Bytes [AB, 77, F0, A0, 55, 44, A2, ...]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[1704] kernel32.dll!SetUnhandledExceptionFilter 776830AA 4 Bytes [C2, 04, 00, 00]

    ---- Kernel IAT/EAT - GMER 1.0.15 ----

    IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8989B042] \SystemRoot\System32\Drivers\spjy.sys
    IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8989B6D6] \SystemRoot\System32\Drivers\spjy.sys
    IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8989B800] \SystemRoot\System32\Drivers\spjy.sys
    IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8989B13E] \SystemRoot\System32\Drivers\spjy.sys
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortNotification] 00147880
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortQuerySystemTime] 78800C75
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortReadPortUchar] 06750015
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortStallExecution] C25DC033
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortWritePortUchar] 458B0008
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortWritePortUlong] 6A006A08
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 50056A24
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 005AB7E8
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortGetScatterGatherList] 0001B800
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortGetParentBusType] C25D0000
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortRequestCallback] CCCC0008
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortWritePortBufferUshort] CCCCCCCC
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortGetUnCachedExtension] CCCCCCCC
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortCompleteRequest] CCCCCCCC
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortCopyMemory] 53EC8B55
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortEtwTraceLog] 800C5D8B
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 7500117B
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 127B806A
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 80647500
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 7500137B
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortInitialize] 157B805E
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortGetDeviceBase] 56587500
    IAT \SystemRoot\System32\Drivers\aq0glqk4.SYS[ataport.SYS!AtaPortDeviceStateChange] 8008758B

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Windows\system32\msiexec.exe[2176] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75A04A2D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
    IAT C:\Windows\system32\msiexec.exe[2176] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75A04A2D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
    IAT C:\Windows\system32\msiexec.exe[2176] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75A04A2D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
    IAT C:\Windows\system32\msiexec.exe[2176] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75A04A2D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
    IAT C:\Windows\system32\msiexec.exe[2176] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75A04A2D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs 85A7B1F8

    AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)

    Device \Driver\volmgr \Device\VolMgrControl 85A751F8
    Device \Driver\usbuhci \Device\USBPDO-0 876B41F8
    Device \Driver\usbuhci \Device\USBPDO-1 876B41F8
    Device \Driver\usbuhci \Device\USBPDO-2 876B41F8
    Device \Driver\usbehci \Device\USBPDO-3 8769C500
    Device \Driver\ACPI_HAL \Device\00000060 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
    Device \Driver\usbuhci \Device\USBPDO-4 876B41F8
    Device \Driver\usbuhci \Device\USBPDO-5 876B41F8
    Device \Driver\usbuhci \Device\USBPDO-6 876B41F8
    Device \Driver\volmgr \Device\HarddiskVolume1 85A751F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\usbehci \Device\USBPDO-7 8769C500
    Device \Driver\volmgr \Device\HarddiskVolume2 85A751F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\cdrom \Device\CdRom0 874FE388
    Device \Driver\volmgr \Device\HarddiskVolume3 85A751F8

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    Device \Driver\NetBT \Device\NetBT_Tcpip_{C75C92BA-84B3-46C1-B7A0-AD767621E47F} 875B91F8
    Device \Driver\iaStor \Device\Ide\iaStor0 [89AC5360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section]
    Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [89AC5360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section]
    Device \Driver\iaStor \Device\Ide\IAAStorageDevice-1 [89AC5360] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section]
    Device \Driver\cdrom \Device\CdRom1 874FE388
    Device \Driver\cdrom \Device\CdRom2 874FE388
    Device \Driver\PCI_PNP8428 \Device\00000069 spjy.sys
    Device \Driver\NetBT \Device\NetBt_Wins_Export 875B91F8
    Device \Driver\USBSTOR \Device\00000091 881431F8
    Device \Driver\USBSTOR \Device\00000092 881431F8
    Device \Driver\USBSTOR \Device\00000094 881431F8
    Device \Driver\USBSTOR \Device\00000095 881431F8
    Device \Driver\sptd \Device\156902429 spjy.sys
    Device \Driver\usbuhci \Device\USBFDO-0 876B41F8
    Device \Driver\usbuhci \Device\USBFDO-1 876B41F8
    Device \Driver\usbuhci \Device\USBFDO-2 876B41F8
    Device \Driver\usbehci \Device\USBFDO-3 8769C500
    Device \Driver\usbuhci \Device\USBFDO-4 876B41F8
    Device \Driver\usbuhci \Device\USBFDO-5 876B41F8
    Device \Driver\usbuhci \Device\USBFDO-6 876B41F8
    Device \Driver\usbehci \Device\USBFDO-7 8769C500
    Device \Driver\aq0glqk4 \Device\Scsi\aq0glqk41Port1Path0Target0Lun0 87741500
    Device \Driver\aq0glqk4 \Device\Scsi\aq0glqk41 87741500

    ---- Threads - GMER 1.0.15 ----

    Thread System [4:264] 875D2930

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\0021857ce24f (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\0021857ce24f@001ee152f25e 0xBD 0x50 0xF6 0x43 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xA5 0x49 0x05 0xE7 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x44 0x63 0xB3 0x02 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x15 0x4A 0x18 0x34 ...
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet001\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xE9 0x89 0xD5 0xE1 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0021857ce24f
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0021857ce24f@001ee152f25e 0xBD 0x50 0xF6 0x43 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 2
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xA5 0x49 0x05 0xE7 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x43 0x93 0xB3 0x39 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x15 0x4A 0x18 0x34 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x50 0xE9 0x4A 0x62 ...
    Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\0021857ce24f (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\0021857ce24f@001ee152f25e 0xBD 0x50 0xF6 0x43 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xA5 0x49 0x05 0xE7 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x43 0x93 0xB3 0x39 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x15 0x4A 0x18 0x34 ...
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet003\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x50 0xE9 0x4A 0x62 ...
    Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Donbenitos\Downloads\CloneDVD\x2122 2\SetupCloneDVD2922Slysoft.exe 1

    ---- EOF - GMER 1.0.15 ----

    cool!! :jap:
    -->Message edited by donbenitos on 12/10/2009 00:18:36<--

