windows 7 très lent à l'ouverture [Résolu]

[PLAYWINE]

Bonjour,
Depuis quelque temps, mon portable sous windows 7 met un temps infini à s'ouvrir ...
J'ai fait passer WAW puis POWER SUITE et CCLEANER mais aucun résultat notable ...
Il faut environ 10/15 mn pour qu'il s'ouvre ... et ensuite j'ai de temps en temps des blocages de quelques secondes avec le sablier en train de s'écouler .....
Merci de votre aide afin de résoudre celà ....

[nardino]

Bonjour,

Télécharge et installe Malwarebytes Anti-Malware de RubbeR DuckY

Double-clique sur le fichier mbam-setup-1.46.exe (sous Vista et 7 autorise les modifications)
A la fin de l'installation, veille à ce que les options suivantes soient cochées

• -Mettre à jour Malwarebytes' Anti-Malware
  -Exécuter Malwarebytes' Anti-Malware

Clique sur Terminer
Une fenêtre Mise à jour de Malwarebytes' Anti-Malware va s'ouvrir avec une barre de progression.
Puis une autre annonçant le succès de la mise à jour de la base de données. Clique sur OK.
Le programme s'ouvre sur l'onglet Recherche.
Coche Exécuter un examen rapide, clique sur le bouton

A la fin du scan, sélectionne tout et clique sur Supprimer la sélection

Poste le rapport qui s'ouvre après cette suppression.
Redémarre le pc si cela est demandé
Tu peux retrouver le rapport dans l'onglet Rapports/Logs avec la date et l'heure d'exécution.

Télécharge RSIT de random/random, sur le Bureau *

Double-clique sur RSIT.exe afin de lancer l'outil, il ne nécessite pas d'installation.*
Clique Continue à l'écran Disclaimer si tu acceptes les conditions.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et accepte la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
[/img] Poste le contenu de log.txt, celui qui va s'ouvrir et ferme info.txt qui est réduit dans la Barre des tâches.
Il ne sera demandé qu'en cas de nécessité.
Ces rapports sont enregistrés dans le dossier C:\rsit


*Sous Vista
Clique droit sur l'icône et dans le menu sur "Exécuter en tant qu'administrateur"

*Sous Sept
Il faut mettre le fichier RSIT.exe sur le bureau, faire un clic droit dessus et dans Propriétés, onglet Compatibilité, cocher la case "Exécuter ce programme en mode compatibilité pour" et dans le menu choisir Viste SP2 et la case dans Niveau de privilège.
Valide par Appliquer.

Rappel pour faire un copier-coller.

• Appuie sur les touches CTRL+A pour sélectionner tout le rapport, puis sur CTRL+C pour tout copier dans le presse-papier.
  Dans ta réponse tu appuies sur CTRL+V pour coller le contenu du presse-papier.
  Tu renouvelles pour chaque rapport demandé.

Selon l'analyse des deux rapports, nous établirons une procédure pour la désinfection ou bien nous compléterons les recherches avec d'autres outils.

@+

[PLAYWINE]

mERCI je fais le nécessaire ......
et vous envoie celà dès que possible

[PLAYWINE]

Voici si je ne me suis pas trompé les 3 rapports ci-dessous ... Je fais faire 2 envois c'est trop long !!!!
Merci



info.txt logfile of random's system information tool 1.08 2010-09-11 14:12:50

======Uninstall list======

-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
Adobe Reader 9.3.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
Apple Mobile Device Support-->MsiExec.exe /I{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}
ATI Catalyst Install Manager-->msiexec /q/x{B15A87DC-46AC-D726-E2F5-06A3D5F35C06} REBOOT=ReallySuppress
ATI Catalyst Registration-->MsiExec.exe /X{72736F5F-520D-472A-88CC-7B02872FD34E}
Avanquest update-->"C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x040c -removeonly
avast! Internet Security-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}
BuyObaB-->"C:\Program Files\ReducBarre\bt-uninst.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Conseiller de mise à niveau vers Windows 7-->MsiExec.exe /I{9D10CB57-B085-44c3-B435-2D193BA153F0}
CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall
CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall
Duplicate Cleaner 1.4.5-->"C:\Program Files\Duplicate Cleaner\unins000.exe"
EASEUS Partition Master 4.0 Professional Edition Demo-->"C:\Program Files\EASEUS\EASEUS Partition Master 4.0 Professional Edition Demo\unins000.exe"
EBP Btrieve 8.6-->"C:\ProgramData\{B33CBE2B-A739-401D-A5E0-041195C4A17B}\EBP_Btrieve8.6_SETUP.exe" REMOVE=TRUE MODIFY=FALSE
EBP Btrieve 8.6-->C:\ProgramData\{B33CBE2B-A739-401D-A5E0-041195C4A17B}\EBP_Btrieve8.6_SETUP.exe
EBP Business Plan 2008 5.0 Edition PME-->"C:\ProgramData\{EF8899D2-B74E-4F22-BB4D-E83068AE38B7}\EBP.exe" REMOVE=TRUE MODIFY=FALSE
EBP Business Plan 2008 5.0 Edition PME-->C:\ProgramData\{EF8899D2-B74E-4F22-BB4D-E83068AE38B7}\EBP.exe
EBP Communication Entreprise Expert-->"C:\ProgramData\{4BF46BDD-EE8B-40BF-93B9-350B05268195}\setup.exe" REMOVE=TRUE MODIFY=FALSE
EBP Communication Entreprise Expert-->C:\ProgramData\{4BF46BDD-EE8B-40BF-93B9-350B05268195}\setup.exe
EBP Compta 14.1-->"C:\ProgramData\{5C2C5191-7A08-458F-BB1C-BF0EA7965F8C}\setup.exe" REMOVE=TRUE MODIFY=FALSE
EBP Compta 14.1-->C:\ProgramData\{5C2C5191-7A08-458F-BB1C-BF0EA7965F8C}\setup.exe
EBP Etats Financiers 12.0-->"C:\ProgramData\{036C111E-A058-4ED7-8526-95D677652E52}\EBP_EtatsFinanciers.exe" REMOVE=TRUE MODIFY=FALSE
EBP Etats Financiers 12.0-->C:\ProgramData\{036C111E-A058-4ED7-8526-95D677652E52}\EBP_EtatsFinanciers.exe
EBP Gestion Commerciale 14.1-->"C:\ProgramData\{1F9C5717-BEC4-4363-A550-3F98C367E24C}\setup.exe" REMOVE=TRUE MODIFY=FALSE
EBP Gestion Commerciale 14.1-->C:\ProgramData\{1F9C5717-BEC4-4363-A550-3F98C367E24C}\setup.exe
EBP Paye 14.0-->"C:\ProgramData\{C5520C05-8621-44CF-8807-E06139F8A358}\setup.exe" REMOVE=TRUE MODIFY=FALSE
EBP Paye 14.0-->C:\ProgramData\{C5520C05-8621-44CF-8807-E06139F8A358}\setup.exe
EBP Utilitaire d'échanges 1.1-->"C:\ProgramData\{8E9A6C91-00BF-48DB-A30C-77D57628D2A7}\setup.exe" REMOVE=TRUE MODIFY=FALSE
EBP Utilitaire d'échanges 1.1-->C:\ProgramData\{8E9A6C91-00BF-48DB-A30C-77D57628D2A7}\setup.exe
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
Epson Stylus SX510W_TX550W Manuel-->C:\Program Files\EPSON\TPMANUAL\ESSX510W_TX550W\FRA\USE_G\DOCUNINS.EXE
EPSON SX510W Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSFIE.EXE /R /APD /P:"EPSON SX510W Series"
eReg-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
FIXIO PC Cleaner-->MsiExec.exe /X{1C415213-C4A7-4CB0-A982-AC236879B14A}
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Foxit Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\6.0.472.55\Installer\setup.exe" --uninstall --system-level
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HiYo -->MsiExec.exe /X{00E1E235-AB45-4695-A156-073118949ED4} ARPVAL="UnInst" /qf /L*V "%temp%\HiYoUninstallLog.log"
HiYo-->MsiExec.exe /X{00E1E235-AB45-4695-A156-073118949ED4}
HomePlayer 1.5.9-->C:\Program Files\HomePlayer\uninst.exe
HP Customer Participation Program 13.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Imaging Device Functions 13.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Print Diagnostic Utility-->MsiExec.exe /I{209DF55F-5E5C-48A3-BC3D-A7CB1224458C}
HP Smart Web Printing 4.60-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
Identity Card-->C:\Program Files\Packard Bell\Identity Card\Uninstall.exe
IncrediMail 2.0-->C:\Program Files\IncrediMail\Bin\ImSetup.exe /uninstallProduct /addon:incredimail
IncrediMail JunkFilter Plus-->C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:JunkFilterPlus
IncrediMail-->MsiExec.exe /X{5E97F3BD-CDDC-4188-9D98-532E14FABB5D}
InfoCentre-->C:\Program Files\Packard Bell\InfoCentre\Uninstall.exe
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel(R) Rapid Storage Technology-->C:\Program Files\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Internet Explorer (Enable DEP)-->%windir%\system32\sdbinst.exe -u "C:\Windows\AppPatch\Custom\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb"
iTunes-->MsiExec.exe /I{350FB27C-CF62-4EF3-AF9D-70FF313FE221}
IZArc 4.1-->"C:\Program Files\IZArc\unins000.exe"
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Kit Internet Mobile Bouygues Telecom-->"C:\Program Files\InstallShield Installation Information\{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}\setup.exe" -runfromtemp -l0x040c -removeonly
Launch Manager-->C:\Windows\UnInst32.exe LManager.UNI
Logiciel Intel(R) PROSet/Wireless WiFi-->MsiExec.exe /I{B90E5EBE-DF18-44D5-9D18-689ADEE9DA6C}
Logitech SetPoint 6.15-->C:\Program Files\Common Files\LogiShrd\SP6_Uninstall\setup.exe
Ma-Config.com-->MsiExec.exe /X{B301DCED-AA7B-4EE5-8EB6-967DA385714A}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MetaBoli-->"C:\Program Files\InstallShield Installation Information\{709817E4-5439-4206-8738-796B34B623BD}\setup.exe" -runfromtemp -l0x040c -removeonly
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Fix it Center-->MsiExec.exe /X{B7588D45-AFDC-4C93-9E2E-A100F3554B64}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Access MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-0015-040C-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-0016-040C-0000-0000000FF1CE}
Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professionnel 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (French) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010 (Beta)-->MsiExec.exe /X{20140000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2010 (Beta)-->MsiExec.exe /X{20140000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-006E-040C-0000-0000000FF1CE}
Microsoft Office Single Image 2010 (Beta)-->MsiExec.exe /X{20140000-003D-0000-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2010 (Beta)-->MsiExec.exe /X{20140000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.6.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 8 Essentials-->MsiExec.exe /X{5C1BF3AC-B19D-4C26-B0A0-90833A521036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043}
OCR Software by I.R.I.S. 13.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
ODS-->C:\Program Files\ODS\Uninstal.exe
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OLYMPUS Raw Codec-->MsiExec.exe /I{5EA05D7F-5645-4068-A60F-0DCF8FBFD267}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)-->C:\PROGRA~1\DIFX\270581~1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\mbtmdm.inf_x86_neutral_e20f836d82e93ab4\mbtmdm.inf
Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581~1\DPInst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
Packard Bell Customer Registration-->C:\Program Files\Packard Bell\Packard Bell Customer Registration\Uninstall.exe
Packard Bell PowerSave Solution-->"C:\Program Files\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x040c -removeonly
PackardBell ScreenSaver-->C:\Windows\Screensavers\PackardBell\Uninstall.exe
Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
pdfforge Toolbar v1.1.2-->MsiExec.exe /X{5791B7D3-8B34-4218-9750-6A8E45D0AD32}
PhotoMail Maker-->MsiExec.exe /X{75AE8014-1184-4BC0-B279-C879540719EE}
PhotoMail Maker-->MsiExec.exe /X{75AE8014-1184-4BC0-B279-C879540719EE} ARPVAL="UnInst" /qf /L*V "%temp%\PhotoMailUninstallLog.log"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PrimoPDF -- by Nitro PDF Software-->"C:\Program Files\Nitro PDF\PrimoPDF\uninstaller.exe"
QuickTime-->MsiExec.exe /I{EB900AF8-CC61-4E15-871B-98D1EA3E8025}
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709
RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}
Scrabble™ Interactive 2009 Edition-->"C:\Program Files\Ubisoft\Scrabble2009\unins000.exe"
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for Microsoft Office 2010 File Validation - Beta (KB976133)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{20140000-003D-0000-0000-0000000FF1CE}" "{701D1499-1FE5-4E8E-9E09-562423116373}" "1036" "0"
Security Update for Microsoft Office 2010 File Validation - Beta (KB976133)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{20140000-003D-0000-0000-0000000FF1CE}" "{76CB26F9-C8AD-403B-8461-168B18C2FE31}" "1036" "0"
Security Update for Microsoft Office 2010 File Validation - Beta (KB976133)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{20140000-003D-0000-0000-0000000FF1CE}" "{7CDAA76C-5DB2-431F-A921-14A106BD8FA3}" "1036" "0"
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
SetUpMyPC-->C:\Program Files\Packard Bell\SetUpMyPC\Uninstall.exe
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Super Finder XT 1.6.2.1-->"C:\Program Files\FSL\SuperFinder\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe"
TomTom HOME 2.7.6.2056-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Uniblue DriverScanner-->"C:\Program Files\Uniblue\DriverScanner\unins000.exe"
Uniblue PowerSuite-->"C:\Program Files\Uniblue\PowerSuite\unins000.exe"
Uniblue RegistryBooster-->"C:\Program Files\Uniblue\RegistryBooster\unins000.exe"
Uniblue SpeedUpMyPC-->"C:\Program Files\Uniblue\SpeedUpMyPC\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}
Updator-->C:\Program Files\Packard Bell\Updator\Uninstall.exe
Upgrade Kit-->"C:\Program Files\InstallShield Installation Information\{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}\setup.exe" -runfromtemp -l0x040c -removeonly
Utilitaire de configuration iPhone-->MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1}
WebCam 5.00-->"C:\Program Files\WebCam\unins000.exe"
Windows Driver Package - Intel (NETw5v32) net (05/14/2009 12.4.1.11)-->C:\PROGRA~1\DIFX\BBC37C1CF4CB84C6\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\netw5v32.inf_x86_neutral_cfe633459864c39c\netw5v32.inf
Windows Driver Package - Intel System (01/21/2009 9.1.1.1013)-->C:\PROGRA~1\DIFX\BBC37C1CF4CB84C6\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\ich9core.inf_x86_neutral_456ca5fcb352a6d0\ich9core.inf
Windows Driver Package - Intel System (02/02/2009 9.1.0.1012)-->C:\PROGRA~1\DIFX\BBC37C1CF4CB84C6\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\2008s4el.inf_x86_neutral_743fc96fa8857a1a\2008s4el.inf
Windows Driver Package - Intel System (05/18/2007 8.3.1.1005)-->C:\PROGRA~1\DIFX\BBC37C1CF4CB84C6\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\945gm.inf_x86_neutral_356fae0a67873540\945gm.inf
Windows Driver Package - Intel System (06/28/2008 9.1.0.1003)-->C:\PROGRA~1\DIFX\BBC37C1CF4CB84C6\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\pm45gm45.inf_x86_neutral_a032f4a8fc522d64\pm45gm45.inf
Windows Driver Package - Intel System (11/07/2008 7.0.1.1011)-->C:\PROGRA~1\DIFX\BBC37C1CF4CB84C6\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\dmi_pci.inf_x86_neutral_90caa4ee8dd2d086\dmi_pci.inf
Windows Driver Package - Intel USB (12/03/2008 8.3.1.1011)-->C:\PROGRA~1\DIFX\BBC37C1CF4CB84C6\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\ich9usb.inf_x86_neutral_f548529d968ddf5b\ich9usb.inf
Windows Driver Package - Realtek (RSUSBSTOR) USB (09/02/2009 6.1.7600.30104)-->C:\PROGRA~1\DIFX\BBC37C1CF4CB84C6\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\rtsustor.inf_x86_neutral_e9906909aaf058fe\rtsustor.inf
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/06/2009 6.0.1.5888)-->C:\PROGRA~1\DIFX\BBC37C~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_f09cfcfc7d23b5d0\hdart.inf
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/28/2009 6.0.1.5904)-->C:\PROGRA~1\DIFX\BBC37C1CF4CB84C6\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_b50f9d02cd606625\hdart.inf
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WordBiz version 1.8-->"C:\Program Files\WordBiz\unins000.exe"

======System event log======

Computer Name: PC-de-ACGSP
Event Code: 7000
Message: Le service HsfXAudioService n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Record Number: 175998
Source Name: Service Control Manager
Time Written: 20100708123616.645681-000
Event Type: Erreur
User:

Computer Name: PC-de-ACGSP
Event Code: 7009
Message: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service HsfXAudioService.
Record Number: 175997
Source Name: Service Control Manager
Time Written: 20100708123616.645681-000
Event Type: Erreur
User:

Computer Name: PC-de-ACGSP
Event Code: 11
Message: Les bibliothèques de liens dynamiques sont chargées pour chaque application. L’administrateur système doit vérifier la liste des bibliothèques pour s’assurer qu’elles sont associées à des applications approuvées.
Record Number: 175967
Source Name: Microsoft-Windows-Wininit
Time Written: 20100708123612.282050-000
Event Type: Avertissement
User: AUTORITE NT\Système

Computer Name: PC-de-ACGSP
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 175928
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20100708123518.267803-000
Event Type: Avertissement
User: AUTORITE NT\Système

Computer Name: PC-de-ACGSP
Event Code: 10002
Message: Le module d’extensibilité WLAN s’est arrêté.

Chemin d’accès du module : C:\Windows\System32\IWMSSvc.dll

Record Number: 175925
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20100708123517.987002-000
Event Type: Avertissement
User: AUTORITE NT\Système

=====Application event log=====

Computer Name: PC-de-ACGSP
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 19579
Source Name: Microsoft-Windows-WMI
Time Written: 20100131083823.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-ACGSP
Event Code: 1000
Message: Nom de l’application défaillante ePowerTray.exe, version : 4.6.3005.0, horodatage : 0x4a952607
Nom du module défaillant : ePowerTray.exe, version : 4.6.3005.0, horodatage : 0x4a952607
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000b446
ID du processus défaillant : 0x1044
Heure de début de l’application défaillante : 0x01caa1868a9392d5
Chemin d’accès de l’application défaillante : C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerTray.exe
Chemin d’accès du module défaillant: C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerTray.exe
ID de rapport : e0f09202-0d79-11df-84d1-00235ae3298d
Record Number: 19557
Source Name: Application Error
Time Written: 20100130083137.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-ACGSP
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 19539
Source Name: Microsoft-Windows-WMI
Time Written: 20100130082915.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-ACGSP
Event Code: 1000
Message: Nom de l’application défaillante ePowerTray.exe, version : 4.6.3005.0, horodatage : 0x4a952607
Nom du module défaillant : ePowerTray.exe, version : 4.6.3005.0, horodatage : 0x4a952607
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000b446
ID du processus défaillant : 0xe4
Heure de début de l’application défaillante : 0x01caa122e8ddecd5
Chemin d’accès de l’application défaillante : C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerTray.exe
Chemin d’accès du module défaillant: C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerTray.exe
ID de rapport : 40928fea-0d16-11df-833f-00235ae3298d
Record Number: 19507
Source Name: Application Error
Time Written: 20100129203827.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-ACGSP
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 19494
Source Name: Microsoft-Windows-WMI
Time Written: 20100129203632.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name: PC-de-ACGSP
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-0-0
Nom du compte : -
Domaine du compte : -
ID d’ouverture de session : 0x0

Type d’ouverture de session : 3

Nouvelle ouverture de session :
ID de sécurité : S-1-5-7
Nom du compte : ANONYMOUS LOGON
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x122b5d4
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x0
Nom du processus : -

Informations sur le réseau :
Nom de la station de travail : ACGSP-BUREAU
Adresse du réseau source : 192.168.0.102
Port source : 3574

Informations détaillées sur l’authentification :
Processus d’ouverture de session : NtLmSsp
Package d’authentification : NTLM
Services en transit : -
Nom du package (NTLM uniquement) : NTLM V1
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 94340
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100625113333.605419-000
Event Type: Succès de l’audit
User:

Computer Name: PC-de-ACGSP
Event Code: 4634
Message: Fermeture de session d’un compte.

Sujet :
ID de sécurité : S-1-5-21-2264093477-827153958-22578150-501
Nom du compte : Invité
Domaine du compte : PC-de-ACGSP
ID du compte : 0x1228f73

Type d’ouverture de session : 3

Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur.
Record Number: 94339
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100625113332.269343-000
Event Type: Succès de l’audit
User:

Computer Name: PC-de-ACGSP
Event Code: 4634
Message: Fermeture de session d’un compte.

Sujet :
ID de sécurité : S-1-5-21-2264093477-827153958-22578150-501
Nom du compte : Invité
Domaine du compte : PC-de-ACGSP
ID du compte : 0x1226285

Type d’ouverture de session : 3

Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur.
Record Number: 94338
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100625113319.846632-000
Event Type: Succès de l’audit
User:

Computer Name: PC-de-ACGSP
Event Code: 4634
Message: Fermeture de session d’un compte.

Sujet :
ID de sécurité : S-1-5-21-2264093477-827153958-22578150-501
Nom du compte : Invité
Domaine du compte : PC-de-ACGSP
ID du compte : 0x1222037

Type d’ouverture de session : 3

Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur.
Record Number: 94337
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100625113308.210967-000
Event Type: Succès de l’audit
User:

Computer Name: PC-de-ACGSP
Event Code: 4634
Message: Fermeture de session d’un compte.

Sujet :
ID de sécurité : S-1-5-21-2264093477-827153958-22578150-501
Nom du compte : Invité
Domaine du compte : PC-de-ACGSP
ID du compte : 0x121cb05

Type d’ouverture de session : 3

Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur.
Record Number: 94336
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100625113256.187279-000
Event Type: Succès de l’audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"DFSTRACINGON"=FALSE
"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\PC Connectivity Solution\;C:\PVSW\Bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\QuickTime\QTSystem\
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"asl.log"=Destination=file;OnFirstLog=command,environment
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

[PLAYWINE]

Envoi 2

Logfile of random's system information tool 1.08 (written by random/random)
Run by A.C.G.S.P at 2010-09-11 14:12:35
Microsoft Windows 7 Édition Familiale Premium
System drive C: has 190 GB (75%) free of 254 GB
Total RAM: 3070 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:12:47, on 11/09/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFIE.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\IncrediMail\bin\ImNotfy.exe
C:\Users\A.C.G.S.P\Downloads\RSIT(2).exe
C:\Program Files\trend micro\A.C.G.S.P.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... ynote_lj65
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... ynote_lj65
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.asp ... ynote_lj65
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: ReducBarreHelper - {357ADA38-B41F-4432-9F10-5638FA4A75AD} - C:\Program Files\ReducBarre\ReducBarre.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: BuyObaB - {1660B308-BECB-4062-890D-396B2FBBC8CA} - C:\Program Files\ReducBarre\ReducBarre.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [EPSON SX510W Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU "C:\Users\ACGS~1.P\AppData\Local\Temp\E_S64AC.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Envoyer à OneNote - res:///105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate1ca9ceb219ea2eb) (gupdate1ca9ceb219ea2eb) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: HsfXAudioService - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Assistance IP (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Groupement de mise en réseau de pairs (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Superfetch (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Client de suivi de lien distribué (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Windows Connect Now - Registre de configuration (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de découverte automatique de Proxy Web pour les services HTTP Windows (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Windows Search (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 26440 bytes

======Scheduled tasks folder======

C:\Windows\tasks\FIXIOPCCleaner.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-2264093477-827153958-22578150-1000.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-13 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{357ADA38-B41F-4432-9F10-5638FA4A75AD}]
ReducBarreHelper Class - C:\Program Files\ReducBarre\ReducBarre.dll [2010-03-07 590848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-28 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-14 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2009-11-03 556432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2010-01-08 1109504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-28 263280]
{1660B308-BECB-4062-890D-396B2FBBC8CA} - BuyObaB - C:\Program Files\ReducBarre\ReducBarre.dll [2010-03-07 590848]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe [2009-08-26 494112]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2009-06-14 307200]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-08-18 1157640]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2009-07-14 144384]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]
"EPSON SX510W Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [2008-11-20 199680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-07-13 47904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [2009-03-10 250624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2009-09-27 83312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Video Web Camera\traybar.exe [2009-02-24 630784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2009-01-12 669520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-06-26 1311312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-26 30192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hiyo]
C:\Program Files\HiYo\bin\HiYo.exe [2010-07-13 255344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HomePlayer]
C:\Program Files\HomePlayer\HomePlayer.exe [2007-11-06 294912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-04-28 1828136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2010-09-01 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-10-17 91432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-28 7625248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2010-01-08 974848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-07-28 1833504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys]
C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe [2009-03-18 1160736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-07 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2009-09-20 270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-05-06 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Ubisoft\Scrabble2009\ScrabblePCR.exe"="C:\Program Files\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\Ubisoft\Scrabble2009\ScrabblePCR.exe"="C:\Program Files\Ubisoft\Scrabble2009\ScrabblePCR.exe:*:Enabled:ScrabblePCR"

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-11 14:12:35 ----DC---- C:\rsit
2010-09-11 11:41:47 ----SHDC---- C:\$RECYCLE.BIN
2010-09-11 11:29:34 ----D---- C:\Windows\MATS
2010-09-11 11:29:31 ----D---- C:\Program Files\Microsoft Fix it Center
2010-09-10 12:06:37 ----D---- C:\Program Files\Trend Micro
2010-09-07 08:12:38 ----D---- C:\Program Files\iTunes
2010-09-07 08:12:38 ----D---- C:\Program Files\iPod
2010-09-07 08:10:10 ----D---- C:\Program Files\QuickTime
2010-08-28 09:34:15 ----D---- C:\ProgramData\Sun
2010-08-28 09:34:14 ----D---- C:\Program Files\Common Files\Java
2010-08-28 09:34:05 ----A---- C:\Windows\system32\javaws.exe
2010-08-28 09:34:05 ----A---- C:\Windows\system32\javaw.exe
2010-08-28 09:34:05 ----A---- C:\Windows\system32\java.exe
2010-08-28 09:34:05 ----A---- C:\Windows\system32\deployJava1.dll
2010-08-27 13:34:35 ----A---- C:\Windows\system32\FeMakro.ini
2010-08-27 13:34:35 ----A---- C:\Windows\system32\FeAnim.ini
2010-08-27 13:34:20 ----A---- C:\Windows\system32\W95INF32.DLL
2010-08-27 13:34:20 ----A---- C:\Windows\system32\W95INF16.DLL
2010-08-27 13:34:20 ----A---- C:\Windows\system32\AcShlExt.dll
2010-08-27 13:30:44 ----A---- C:\Windows\system32\xls.dll
2010-08-27 13:30:44 ----A---- C:\Windows\system32\vbar332.dll
2010-08-27 13:30:44 ----A---- C:\Windows\system32\vbar2232.dll
2010-08-27 13:30:43 ----A---- C:\Windows\system32\VB6DE.DLL
2010-08-27 13:30:43 ----A---- C:\Windows\system32\VB5FR.DLL
2010-08-27 13:30:43 ----A---- C:\Windows\system32\VB5DE.DLL
2010-08-27 13:30:43 ----A---- C:\Windows\system32\VB5DB.DLL
2010-08-27 13:30:43 ----A---- C:\Windows\system32\VB40032.DLL
2010-08-27 13:30:42 ----A---- C:\Windows\system32\MSVCP50.DLL
2010-08-27 13:30:41 ----A---- C:\Windows\system32\MSVBVM50.DLL
2010-08-27 13:30:41 ----A---- C:\Windows\system32\msjter35.dll
2010-08-27 13:30:41 ----A---- C:\Windows\system32\msjter32.dll
2010-08-27 13:30:41 ----A---- C:\Windows\system32\msjt3032.dll
2010-08-27 13:30:41 ----A---- C:\Windows\system32\msjint35.dll
2010-08-27 13:30:41 ----A---- C:\Windows\system32\msjint32.dll
2010-08-27 13:30:39 ----A---- C:\Windows\system32\msjet35.dll
2010-08-27 13:30:39 ----A---- C:\Windows\system32\MFC71FRA.DLL
2010-08-27 13:30:39 ----A---- C:\Windows\system32\MFC71DEU.DLL
2010-08-27 13:30:39 ----A---- C:\Windows\system32\mfc42loc.dll
2010-08-27 13:30:38 ----A---- C:\Windows\system32\dao350.dll
2010-08-27 13:30:37 ----A---- C:\Windows\system32\atl71.dll
2010-08-27 13:30:35 ----D---- C:\Program Files\Micro Application
2010-08-27 11:48:07 ----D---- C:\Program Files\Common Files\Borland Shared
2010-08-27 11:47:25 ----HDC---- C:\ProgramData\{C5520C05-8621-44CF-8807-E06139F8A358}
2010-08-27 08:49:04 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-08-27 08:49:03 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-08-27 08:49:03 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2010-08-27 08:49:00 ----A---- C:\Windows\system32\drivers\aswFW.sys
2010-08-27 08:48:38 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-08-27 08:48:38 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2010-08-27 08:48:36 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-08-27 08:48:33 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-08-27 08:48:12 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2010-08-27 08:48:12 ----A---- C:\Windows\system32\aswBoot.exe
2010-08-27 08:48:10 ----D---- C:\ProgramData\Alwil Software
2010-08-26 18:08:50 ----D---- C:\Users\A.C.G.S.P\AppData\Roaming\FIXIO PC Utilities
2010-08-25 09:07:36 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-25 09:05:29 ----D---- C:\Users\A.C.G.S.P\AppData\Roaming\Malwarebytes
2010-08-25 09:04:06 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-08-25 09:04:01 ----D---- C:\ProgramData\Malwarebytes
2010-08-25 09:04:01 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-08-25 09:04:00 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-21 12:28:18 ----D---- C:\Users\A.C.G.S.P\AppData\Roaming\ArchiFacile
2010-08-14 21:57:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-14 21:57:11 ----A---- C:\Windows\system32\rtutils.dll
2010-08-14 21:57:05 ----A---- C:\Windows\system32\msxml3.dll
2010-08-14 21:56:59 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-14 21:56:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-14 21:56:22 ----A---- C:\Windows\system32\mshtml.dll
2010-08-14 21:54:13 ----A---- C:\Windows\system32\ieframe.dll
2010-08-14 21:54:04 ----A---- C:\Windows\system32\wininet.dll
2010-08-14 21:54:04 ----A---- C:\Windows\system32\urlmon.dll
2010-08-14 21:53:59 ----A---- C:\Windows\system32\iepeers.dll
2010-08-14 21:53:59 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-14 21:53:58 ----A---- C:\Windows\system32\mstime.dll
2010-08-14 21:53:56 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-14 21:53:56 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-14 21:53:56 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-14 21:53:56 ----A---- C:\Windows\system32\ieui.dll
2010-08-14 21:53:01 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-14 21:53:01 ----A---- C:\Windows\system32\iccvid.dll
2010-08-14 13:11:13 ----D---- C:\Windows\pss
2010-08-12 14:39:45 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-12 14:39:45 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-12 14:39:44 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-12 14:34:30 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 months======

2010-09-11 14:12:41 ----D---- C:\Windows\Temp
2010-09-11 14:09:35 ----D---- C:\Windows\system32\config
2010-09-11 14:00:45 ----D---- C:\Windows\inf
2010-09-11 14:00:45 ----AD---- C:\Windows\System32
2010-09-11 14:00:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-11 13:03:39 ----D---- C:\Windows\system32\drivers
2010-09-11 11:48:12 ----D---- C:\Windows\system32\NDF
2010-09-11 11:44:34 ----D---- C:\Windows\Tasks
2010-09-11 11:29:36 ----SHD---- C:\Windows\Installer
2010-09-11 11:29:35 ----HD---- C:\Config.Msi
2010-09-11 11:29:34 ----D---- C:\Windows
2010-09-11 11:29:31 ----D---- C:\Program Files
2010-09-10 13:42:46 ----D---- C:\Windows\Minidump
2010-09-10 13:42:46 ----D---- C:\Windows\debug
2010-09-10 13:40:11 ----D---- C:\Program Files\CCleaner
2010-09-10 12:56:50 ----SHD---- C:\System Volume Information
2010-09-10 12:55:27 ----D---- C:\Windows\system32\Tasks
2010-09-10 08:24:12 ----D---- C:\Windows\Prefetch
2010-09-10 07:38:55 ----D---- C:\Program Files\RebootPC v1.40
2010-09-09 14:42:54 ----A---- C:\Windows\Crw.ini
2010-09-08 19:55:14 ----D---- C:\Program Files\Mozilla Firefox
2010-09-08 19:33:28 ----A---- C:\Windows\NeroDigital.ini
2010-09-07 08:12:38 ----D---- C:\Program Files\Common Files\Apple
2010-09-07 08:09:20 ----D---- C:\Windows\system32\DriverStore
2010-09-07 08:09:20 ----D---- C:\Windows\system32\catroot
2010-09-05 19:39:11 ----D---- C:\Program Files\Microsoft Silverlight
2010-08-28 09:34:15 ----HD---- C:\ProgramData
2010-08-28 09:34:14 ----D---- C:\Program Files\Common Files
2010-08-28 09:34:01 ----D---- C:\Program Files\Java
2010-08-27 14:46:23 ----D---- C:\Program Files\WordBiz
2010-08-27 13:30:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-27 12:42:39 ----D---- C:\Windows\system32\catroot2
2010-08-27 11:30:54 ----D---- C:\Program Files\EBP
2010-08-27 08:48:10 ----D---- C:\Program Files\Alwil Software
2010-08-26 23:44:59 ----D---- C:\Windows\winsxs
2010-08-26 23:44:22 ----D---- C:\Windows\AppPatch
2010-08-26 21:31:03 ----D---- C:\Users\A.C.G.S.P\AppData\Roaming\HpUpdate
2010-08-26 18:36:10 ----HD---- C:\ACER
2010-08-23 12:10:53 ----D---- C:\ProgramData\ma-config.com
2010-08-23 12:10:53 ----D---- C:\Program Files\ma-config.com
2010-08-19 14:11:29 ----D---- C:\Windows\Downloaded Program Files
2010-08-18 11:15:06 ----D---- C:\Windows\Microsoft.NET
2010-08-18 11:14:38 ----RSD---- C:\Windows\assembly
2010-08-18 10:50:21 ----D---- C:\Program Files\Kit Internet Mobile Bouygues Telecom
2010-08-18 09:41:31 ----D---- C:\Windows\system32\migration
2010-08-18 09:41:31 ----D---- C:\Program Files\Internet Explorer
2010-08-17 21:50:50 ----D---- C:\Program Files\Microsoft Works
2010-08-17 21:49:54 ----D---- C:\ProgramData\Microsoft Help
2010-08-17 20:56:12 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2010-08-17 20:49:36 ----D---- C:\Users\A.C.G.S.P\AppData\Roaming\Samsung
2010-08-14 17:44:52 ----D---- C:\Program Files\Business-in-a-Box
2010-08-14 17:40:36 ----D---- C:\Program Files\eMule
2010-08-14 12:47:42 ----D---- C:\Windows\system32\wbem
2010-08-14 12:46:57 ----D---- C:\Windows\system32\wfp
2010-08-14 12:46:53 ----SD---- C:\ProgramData\Microsoft
2010-08-14 12:46:53 ----D---- C:\Windows\system32\CodeIntegrity
2010-08-14 12:46:53 ----D---- C:\ProgramData\pdf995
2010-08-14 12:46:51 ----D---- C:\Windows\registration
2010-08-14 12:25:25 ----SHD---- C:\Recovery

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2010-06-28 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2010-09-07 190416]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 435736]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2010-09-07 99792]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2010-09-07 340048]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-07-07 5882368]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-07-07 210944]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-21 107024]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-07-15 36608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-28 2735504]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2010-05-21 273960]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-03-18 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-03-18 37328]
R3 NETw5s32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows 7 32 bits ; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\Drivers\NTIDrvr.sys [2008-01-30 14848]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-02-06 205232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-07-07 5882368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2010-05-01 14336]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2009-04-22 9728]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2009-04-22 3072]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\Windows\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2010-05-21 4231680]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-02 174592]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-12-24 155808]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-02-23 62976]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-07-07 176128]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2010-09-07 119200]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe [2009-08-26 690720]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-01-19 858384]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-07-15 233472]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2009-03-10 44800]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-01-19 473360]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca9ceb219ea2eb;Service Google Update (gupdate1ca9ceb219ea2eb); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-24 133104]
S2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-28 182768]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-05-06 293456]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2010-08-13 259440]
S3 MatSvc;@%ProgramFiles%\Microsoft Fix it Center\MatsRes.dll,-9000; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1343400]
S4 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
S4 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
S4 EBP Pervasive.SQL;EBP Pervasive.SQL; C:\PVSW\Bin\WGE_SRV.exe [2006-12-07 32768]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-13 654848]
S4 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-26 30192]
S4 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-04-28 529704]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]

-----------------EOF-----------------

[PLAYWINE]

Envoi 3 et fin

Oui HKCU:Run ehTray.exe C:\Windows\ehome\ehTray.exe
Oui HKCU:Run ISUSPM "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
Oui HKCU:Run EPSON SX510W Series C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU "C:\Users\ACGS~1.P\AppData\Local\Temp\E_S64AC.tmp" /EF "HKCU"
Non HKCU:Run IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
Non HKCU:Run SmpcSys C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
Non HKCU:Run swg "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
Oui HKLM:Run SynTPEnh C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Oui HKLM:Run Acer ePower Management C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe
Oui HKLM:Run ATICustomerCare "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
Oui HKLM:Run LManager C:\Program Files\Launch Manager\LManager.exeAC
Oui HKLM:Run SunJavaUpdateSched "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
Oui HKLM:Run IAStorIcon C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
Oui HKLM:Run avast5 C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
Non HKLM:Run AppleSyncNotifier C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
Non HKLM:Run BackupManagerTray "C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -k
Non HKLM:Run BCSSync "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
Non HKLM:Run Camera Assistant Software "C:\Program Files\Video Web Camera\traybar.exe"
Non HKLM:Run EEventManager C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
Non HKLM:Run EvtMgr6 C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
Non HKLM:Run Google Desktop Search "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
Non HKLM:Run Hiyo C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
Non HKLM:Run HomePlayer C:\Program Files\HomePlayer\HomePlayer.exe -autostart
Non HKLM:Run iTunesHelper "C:\Program Files\iTunes\iTunesHelper.exe"
Non HKLM:Run PDVD8LanguageShortcut "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
Non HKLM:Run QuickTime Task "C:\Program Files\QuickTime\QTTask.exe" -atboottime
Non HKLM:Run RemoteControl8 "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
Non HKLM:Run RtHDVCpl C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
Non HKLM:Run SearchSettings C:\Program Files\pdfforge Toolbar\SearchSettings.exe
Non HKLM:Run Skytel C:\Program Files\Realtek\Audio\HDA\Skytel.exe
Non Startup Common HP Digital Imaging Monitor.lnk C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe


Bonne lecture ... Merci

[roballar]

Bonjour,
Tu es sûre que tu n'as rien oublié...

[PLAYWINE]

Je t'ai adressé les 3 rapports demandés !!!!
Si j' ai fait un oubli ou une erreur ... merci de me le dire ..
Je te remercie par avance de ton étude des rapports ...

[chantal11]

Bonjour,

Pour avancer Nardino, il manque le rapport Malwarebytes

@+

[PLAYWINE]

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4594

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11/09/2010 17:34:16
mbam-log-2010-09-11 (17-34-16).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 148648
Temps écoulé: 24 minute(s), 33 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Désolé le voilà ...
Merci de vos conclusions