
My cursor moves by itself and it erases

Last reply on 14 Nov 2009 at 13:22:30
tom, 6 Jan 2009 at 15:20:50

Hello,
My cursor moves by itself, it erases what I write, or it comes and positions itself right in the middle of a sentence I have typed. It is very annoying.
Here is a copy of my HijackThis log, in case someone can help me.

Thanks in advance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:14:05 PM, on 1/6/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Armand\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Users\Armand\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Users\Armand\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Armand\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 9132 bytes

Configuration: Windows Vista
Firefox 3.0.5

1

qwerty-, 6 Jan 2009 at 15:22:19

In any case, start by disconnecting from the modem; the hacker who trojaned you won't be able to do anything any more!

Best wishes to one and all!
You shouldn't take people for idiots,
but you should never forget that they are.


2

ric025, 6 Jan 2009 at 15:26:51

Hi!!

Optical mouse?

Start with this:

Disable UAC for the duration of the disinfection:

http://www.commentcamarche.net/faq/sujet 8343 vista desactiver l uac

Download Toolbar-S&D (Team IDN) to your Desktop.

http://eric.71.mespages.googlepages.com/ToolBarSD.exe

Start the program's installation by running the downloaded file.
Now double-click the Toolbar-S&D shortcut.
Select the desired language by typing the letter of your choice and then confirming with the Enter key.
Now choose option 1 (Search). Wait until the search has finished.

Post the generated report. (C:\TB.txt)

Whether you're an executive, a writer or a labourer, we all look damn much alike when we're puking in the gutter... S.King
 


3

tom, 6 Jan 2009 at 15:49:27

Here is the report obtained after having
disabled UAC for the duration of the disinfection:

http://www.commentcamarche.net/faq/sujet 8343 vista desactiver l uac

Download Toolbar-S&D (Team IDN) to your Desktop.

http://eric.71.mespages.googlepages.com/ToolBarSD.exe



-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Business ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A16
USER : Armand ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Internet Security 8.0.0.357 (Activated)
Firewall : Kaspersky Internet Security 8.0.0.357 (Activated)
C:\ (Local Disk) - NTFS - Total:232 Go (Free:184 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( Tue 01/06/2009|16:43 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="about:blank"
"Url"="http://go.microsoft.com/fwlink/?LinkId=44406"
"Url"="http://go.microsoft.com/fwlink/?LinkId=68928"
"Url"="http://go.microsoft.com/fwlink/?LinkId=68929"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Armand\AppData\Roaming\Microsoft\Windows\Recent\2 Sarbacane Goto Emailing Pro Fr 100% verifier bon+crack.txt.lnk


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - Tue 01/06/2009|16:44 - Option : [1]

-----------\\ Fin du rapport a 16:44:17.03


4

ric025, 6 Jan 2009 at 15:51:49

C:\Users\Armand\AppData\Roaming\Microsoft\Windows\Recent\2 Sarbacane Goto Emailing Pro Fr 100% verifier bon+crack.txt.lnk

--> To be deleted! Otherwise it all starts again in three days!

==========================

Next: disable UAC again, then relaunch ToolbarSD and run option 2, the cleanup one. Then post the generated report.

See you
 


5

tom, 6 Jan 2009 at 16:45:45

It doesn't seem to have gotten any better. I also ran AD AWARE, which detected a virus that I had it remove.
I no longer know what to do.
In any case, thanks to those who have helped me.


6

ric025, 6 Jan 2009 at 16:57:02

Can I see the removal report?

Next:

Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.

http://images.malwareremoval.com/random/RSIT.exe

Double-click RSIT.exe.

Click Continue on the Disclaimer screen.

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if prompted) and you will have to accept the licence.

When the scan has finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

Note: the reports can also be found here: C:\rsit.
 


7

tom, 6 Jan 2009 at 17:10:20

Log and info files

Here is the log file:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Armand at 2009-01-06 18:06:48
Microsoft® Windows Vista™ Business Service Pack 1
System drive C: has 187 GB (78%) free of 238 GB
Total RAM: 2037 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:07:10 PM, on 1/6/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Armand\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Users\Armand\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Armand\Downloads\RSIT.exe
C:\Program Files\trend micro\Armand.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\Armand\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 9288 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\User_Feed_Synchronization-{036A3174-AA62-4D3F-BD31-E35D28CA1367}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll [2008-12-29 62728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-01-05 5804872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
{965B54B0-71E0-4611-8DE7-F73FA0B20E26} - Babylon - C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll [2008-09-01 267488]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-01-05 5804872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-12-13 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-12-13 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-12-13 133656]
"OEM02Mon.exe"=C:\Windows\OEM02Mon.exe [2007-05-10 36864]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2007-12-08 3444736]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2008-04-25 201992]
"DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-13 405504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2008-01-21 2153472]
"CollaborationHost"=C:\Windows\system32\p2phost.exe [2008-01-21 192000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Babylon Client]
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe [2008-09-01 3563232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2009-01-05 160592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector v2]
C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2006-11-29 90112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Armand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Outil de notification Live Search.lnk - C:\Users\Armand\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-04-13 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2008-04-25 206088]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-01-06 18:06:49 ----D---- C:\Program Files\trend micro
2009-01-06 18:06:48 ----D---- C:\rsit
2009-01-06 16:56:52 ----D---- C:\ProgramData\Lavasoft
2009-01-06 16:56:52 ----D---- C:\Program Files\Lavasoft
2009-01-06 16:43:37 ----A---- C:\TB.txt
2009-01-06 16:42:45 ----D---- C:\ToolBar SD
2009-01-06 08:53:39 ----D---- C:\ProgramData\InstallShield
2009-01-06 08:51:06 ----N---- C:\Windows\system32\ROBOEX32.DLL
2009-01-06 08:51:06 ----N---- C:\Windows\system32\INETWH32.dll
2009-01-06 08:51:04 ----D---- C:\Program Files\Ulead Systems
2009-01-06 08:51:04 ----D---- C:\Program Files\Common Files\Ulead Systems
2009-01-06 08:50:37 ----D---- C:\ProgramData\Ulead Systems
2009-01-06 08:28:22 ----D---- C:\Program Files\Bonjour
2009-01-06 08:27:32 ----D---- C:\Program Files\QuickTime
2009-01-06 08:27:31 ----D---- C:\ProgramData\Apple Computer
2009-01-06 08:27:08 ----D---- C:\Program Files\Apple Software Update
2009-01-06 08:26:17 ----D---- C:\Program Files\Common Files\Apple
2009-01-06 08:26:16 ----D---- C:\ProgramData\Apple
2009-01-05 20:22:55 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-01-05 20:21:53 ----D---- C:\Program Files\Microsoft
2009-01-05 20:21:34 ----D---- C:\Program Files\Windows Live SkyDrive
2009-01-05 20:21:16 ----D---- C:\Program Files\Windows Live
2009-01-05 20:02:39 ----D---- C:\Program Files\Common Files\Windows Live
2009-01-05 19:10:16 ----D---- C:\Users\Armand\AppData\Roaming\PeerNetworking
2009-01-05 18:32:57 ----D---- C:\Users\Armand\AppData\Roaming\TuneUp Software
2009-01-05 18:32:46 ----A---- C:\Windows\system32\authuitu.dll
2009-01-05 18:32:42 ----A---- C:\Windows\system32\TuneUpDefragService.exe
2009-01-05 18:32:37 ----A---- C:\Windows\system32\uxtuneup.dll
2009-01-05 18:32:19 ----D---- C:\ProgramData\TuneUp Software
2009-01-05 18:32:11 ----D---- C:\Program Files\TuneUp Utilities 2008
2009-01-05 18:31:07 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-01-05 18:30:31 ----D---- C:\Program Files\GOTO Software
2009-01-05 17:37:32 ----D---- C:\Program Files\Microsoft Works
2009-01-05 17:36:54 ----D---- C:\Program Files\Microsoft Visual Studio
2009-01-05 17:36:54 ----D---- C:\Program Files\Common Files\DESIGNER
2009-01-05 17:36:19 ----D---- C:\Windows\PCHEALTH
2009-01-05 17:36:19 ----D---- C:\Program Files\Microsoft.NET
2009-01-05 17:33:55 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-01-05 17:31:58 ----RHD---- C:\MSOCache
2009-01-05 16:44:24 ----D---- C:\Program Files\Siber Systems
2008-12-30 10:13:12 ----D---- C:\Users\Armand\AppData\Roaming\GOTO Software
2008-12-29 21:09:17 ----D---- C:\Windows\Debug
2008-12-29 21:05:10 ----D---- C:\Windows\SoftwareDistribution
2008-12-29 21:03:26 ----D---- C:\Windows\CSC
2008-12-29 21:01:23 ----D---- C:\Windows\Prefetch
2008-12-29 21:01:17 ----SHD---- C:\System Volume Information
2008-12-29 21:00:43 ----D---- C:\Windows\Panther
2008-12-29 21:00:30 ----RAS---- C:\BOOTSECT.BAK
2008-12-29 21:00:28 ----SHD---- C:\Boot
2008-12-29 21:00:10 ----D---- C:\Windows\system32\OEM
2008-12-29 17:04:50 ----D---- C:\Users\Armand\AppData\Roaming\Creative
2008-12-29 16:58:48 ----D---- C:\Program Files\Common Files\Reallusion
2008-12-29 16:57:22 ----N---- C:\Windows\system32\msvcr71.dll
2008-12-29 16:57:21 ----N---- C:\Windows\system32\msvcp71.dll
2008-12-29 16:57:20 ----N---- C:\Windows\system32\MFC71.DLL
2008-12-29 16:57:11 ----D---- C:\Program Files\Creative Live! Cam
2008-12-29 16:56:09 ----D---- C:\Program Files\Creative
2008-12-29 16:20:12 ----D---- C:\Program Files\Common Files\EZB Systems
2008-12-29 16:20:09 ----D---- C:\Program Files\UltraISO
2008-12-29 15:50:35 ----D---- C:\Program Files\Free PDF to Word Converter
2008-12-29 15:50:04 ----D---- C:\Program Files\ElcomSoft
2008-12-29 14:53:05 ----D---- C:\Users\Armand\AppData\Roaming\Macromedia
2008-12-29 14:53:05 ----D---- C:\Users\Armand\AppData\Roaming\Adobe
2008-12-29 14:50:02 ----D---- C:\ProgramData\Babylon
2008-12-29 14:49:59 ----D---- C:\Program Files\Babylon
2008-12-29 14:40:55 ----D---- C:\Windows\system32\Macromed
2008-12-29 14:31:16 ----D---- C:\Program Files\Microsoft Office
2008-12-29 14:31:15 ----D---- C:\ProgramData\Microsoft Help
2008-12-29 14:21:33 ----D---- C:\Users\Armand\AppData\Roaming\Babylon
2008-12-29 14:18:37 ----D---- C:\Users\Armand\AppData\Roaming\skypePM
2008-12-29 14:16:51 ----D---- C:\Users\Armand\AppData\Roaming\Skype
2008-12-29 14:08:49 ----D---- C:\Program Files\Skype
2008-12-29 14:08:49 ----D---- C:\Program Files\Common Files\Skype
2008-12-29 14:08:46 ----D---- C:\ProgramData\Skype
2008-12-29 13:47:28 ----D---- C:\ProgramData\RoboForm
2008-12-29 13:31:52 ----D---- C:\Users\Armand\AppData\Roaming\ESTsoft
2008-12-29 13:31:52 ----D---- C:\Program Files\ESTsoft
2008-12-29 13:30:59 ----D---- C:\Program Files\AskBarDis
2008-12-29 13:30:50 ----D---- C:\Users\Armand\AppData\Roaming\Foxit
2008-12-29 13:30:50 ----D---- C:\Program Files\Foxit Software
2008-12-29 13:07:40 ----D---- C:\Users\Armand\AppData\Roaming\Mozilla
2008-12-29 13:07:33 ----D---- C:\Program Files\Mozilla Firefox
2008-12-29 12:24:17 ----D---- C:\ProgramData\Kaspersky Lab
2008-12-29 12:24:17 ----D---- C:\Program Files\Kaspersky Lab
2008-12-29 12:20:46 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2008-12-29 12:03:32 ----A---- C:\Windows\system32\mshtml.dll
2008-12-29 12:00:54 ----A---- C:\Windows\system32\msshooks.dll
2008-12-29 12:00:54 ----A---- C:\Windows\system32\msscb.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\wsepno.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\thawbrkr.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\srchadmin.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-12-29 12:00:53 ----A---- C:\Windows\system32\rtffilt.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\propsys.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\propdefs.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\offfilt.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\nlhtml.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\msstrc.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\mssprxy.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\mssitlb.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\msshsq.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\mimefilt.dll
2008-12-29 12:00:53 ----A---- C:\Windows\system32\korwbrkr.dll
2008-12-29 12:00:52 ----A---- C:\Windows\system32\xmlfilter.dll
2008-12-29 12:00:52 ----A---- C:\Windows\system32\tquery.dll
2008-12-29 12:00:52 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-12-29 12:00:52 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-12-29 12:00:52 ----A---- C:\Windows\system32\mssvp.dll
2008-12-29 12:00:52 ----A---- C:\Windows\system32\mssrch.dll
2008-12-29 12:00:52 ----A---- C:\Windows\system32\mssphtb.dll
2008-12-29 12:00:52 ----A---- C:\Windows\system32\mssph.dll
2008-12-29 12:00:52 ----A---- C:\Windows\system32\msscntrs.dll
2008-12-29 12:00:52 ----A---- C:\Windows\system32\chtbrkr.dll
2008-12-29 12:00:52 ----A---- C:\Windows\system32\chsbrkr.dll
2008-12-29 12:00:25 ----A---- C:\Windows\system32\tzres.dll
2008-12-29 11:55:44 ----A---- C:\Windows\system32\urlmon.dll
2008-12-29 11:55:44 ----A---- C:\Windows\system32\ieframe.dll
2008-12-29 11:55:43 ----A---- C:\Windows\system32\wininet.dll
2008-12-29 11:55:43 ----A---- C:\Windows\system32\mstime.dll
2008-12-29 11:55:43 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-29 11:55:43 ----A---- C:\Windows\system32\iertutil.dll
2008-12-29 11:55:39 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-12-29 11:55:37 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-12-29 11:55:27 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-12-29 11:54:53 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-29 11:54:52 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-29 11:54:52 ----A---- C:\Windows\system32\gameux.dll
2008-12-29 11:54:10 ----A---- C:\Windows\system32\shell32.dll
2008-12-29 11:53:52 ----A---- C:\Windows\system32\winload.exe
2008-12-29 11:53:52 ----A---- C:\Windows\system32\kd1394.dll
2008-12-29 11:53:52 ----A---- C:\Windows\system32\ci.dll
2008-12-29 11:53:51 ----A---- C:\Windows\system32\winresume.exe
2008-12-29 11:53:51 ----A---- C:\Windows\system32\srdelayed.exe
2008-12-29 11:53:51 ----A---- C:\Windows\system32\srcore.dll
2008-12-29 11:53:51 ----A---- C:\Windows\system32\srclient.dll
2008-12-29 11:53:51 ----A---- C:\Windows\system32\setbcdlocale.dll
2008-12-29 11:53:51 ----A---- C:\Windows\system32\rstrui.exe
2008-12-29 11:53:51 ----A---- C:\Windows\system32\kbd106n.dll
2008-12-29 11:52:59 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-12-29 11:52:59 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-12-29 11:52:58 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-12-29 11:52:54 ----A---- C:\Windows\system32\mf.dll
2008-12-29 11:52:53 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-29 11:52:53 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-29 11:52:53 ----A---- C:\Windows\system32\logagent.exe
2008-12-29 11:52:49 ----A---- C:\Windows\system32\wshext.dll
2008-12-29 11:52:49 ----A---- C:\Windows\system32\wscript.exe
2008-12-29 11:52:49 ----A---- C:\Windows\system32\vbscript.dll
2008-12-29 11:52:49 ----A---- C:\Windows\system32\scrrun.dll
2008-12-29 11:52:49 ----A---- C:\Windows\system32\scrobj.dll
2008-12-29 11:52:49 ----A---- C:\Windows\system32\jscript.dll
2008-12-29 11:52:49 ----A---- C:\Windows\system32\cscript.exe
2008-12-29 11:52:47 ----A---- C:\Windows\system32\netapi32.dll
2008-12-29 11:52:46 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-12-29 11:52:43 ----A---- C:\Windows\system32\rpcrt4.dll
2008-12-29 11:52:42 ----A---- C:\Windows\system32\pacerprf.dll
2008-12-29 11:52:41 ----A---- C:\Windows\system32\wmpeffects.dll
2008-12-29 11:52:40 ----A---- C:\Windows\system32\gdi32.dll
2008-12-29 11:52:35 ----A---- C:\Windows\system32\msxml3.dll
2008-12-29 11:50:31 ----D---- C:\Program Files\Marvell
2008-12-29 11:50:10 ----A---- C:\Windows\system32\inetcomm.dll
2008-12-29 11:49:41 ----D---- C:\Users\Armand\AppData\Roaming\TMP
2008-12-29 11:49:39 ----A---- C:\Windows\explorer.exe
2008-12-29 11:49:38 ----A---- C:\Windows\system32\emdmgmt.dll
2008-12-29 11:49:38 ----A---- C:\Windows\system32\dataclen.dll
2008-12-29 11:49:38 ----A---- C:\Windows\system32\cdd.dll
2008-12-29 11:49:31 ----A---- C:\Windows\system32\win32spl.dll
2008-12-29 11:49:31 ----A---- C:\Windows\system32\es.dll
2008-12-29 11:49:29 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-12-29 11:47:57 ----A---- C:\Windows\system32\wersvc.dll
2008-12-29 11:47:57 ----A---- C:\Windows\system32\Faultrep.dll
2008-12-29 11:47:42 ----A---- C:\Windows\system32\fsquirt.exe
2008-12-29 11:46:20 ----A---- C:\Windows\system32\connect.dll
2008-12-29 11:46:15 ----A---- C:\Windows\system32\quartz.dll
2008-12-29 11:46:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-12-29 11:46:12 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-12-29 11:46:03 ----A---- C:\Windows\system32\msxml6.dll
2008-12-29 11:41:28 ----A---- C:\Windows\system32\BtwRSupport.dll
2008-12-29 11:40:26 ----D---- C:\Windows\system32\es-MX
2008-12-29 11:40:26 ----D---- C:\Windows\system32\es-AR
2008-12-29 11:40:26 ----A---- C:\Windows\system32\wups2.dll
2008-12-29 11:40:26 ----A---- C:\Windows\system32\wucltux.dll
2008-12-29 11:40:26 ----A---- C:\Windows\system32\wuaueng.dll
2008-12-29 11:40:26 ----A---- C:\Windows\system32\wuauclt.exe
2008-12-29 11:40:25 ----D---- C:\Program Files\WIDCOMM
2008-12-29 11:40:13 ----A---- C:\Windows\system32\wups.dll
2008-12-29 11:40:13 ----A---- C:\Windows\system32\wudriver.dll
2008-12-29 11:40:13 ----A---- C:\Windows\system32\wuapi.dll
2008-12-29 11:40:02 ----A---- C:\Windows\system32\wuwebv.dll
2008-12-29 11:40:02 ----A---- C:\Windows\system32\wuapp.exe
2008-12-29 11:37:25 ----D---- C:\Program Files\Cisco
2008-12-29 11:36:17 ----A---- C:\Windows\system32\BCMLogon.dll
2008-12-29 11:36:16 ----A---- C:\Windows\system32\vcredist_x86.exe
2008-12-29 11:36:16 ----A---- C:\Windows\system32\vcredist_x86.bat
2008-12-29 11:36:16 ----A---- C:\Windows\system32\Uninst_EAPModules.bat
2008-12-29 11:36:16 ----A---- C:\Windows\system32\bcmwlu00.exe
2008-12-29 11:36:16 ----A---- C:\Windows\system32\bcmttls.dll
2008-12-29 11:36:15 ----A---- C:\Windows\system32\wltrynt.dll
2008-12-29 11:36:15 ----A---- C:\Windows\system32\WLTRAY.EXE
2008-12-29 11:36:15 ----A---- C:\Windows\system32\BCMWLTRY.EXE
2008-12-29 11:36:15 ----A---- C:\Windows\system32\bcmwlrmt.dll
2008-12-29 11:36:14 ----A---- C:\Windows\system32\WLTRYSVC.EXE
2008-12-29 11:36:14 ----A---- C:\Windows\system32\bcmwlcoi.dll
2008-12-29 11:36:13 ----A---- C:\Windows\system32\bcmihvui.dll
2008-12-29 11:36:13 ----A---- C:\Windows\system32\bcmihvsrv.dll
2008-12-29 11:36:06 ----D---- C:\Users\Armand\AppData\Roaming\InstallShield
2008-12-29 11:34:51 ----D---- C:\Program Files\CONEXANT
2008-12-29 11:34:30 ----A---- C:\Windows\system32\Uci32114.dll
2008-12-29 11:34:30 ----A---- C:\Windows\system32\mdmxsdk.dll
2008-12-29 11:28:37 ----A---- C:\Windows\system32\OEM02Srv.exe
2008-12-29 11:28:37 ----A---- C:\Windows\system32\OEM02Pin.dll
2008-12-29 11:28:37 ----A---- C:\Windows\system32\OEM02Hwx.dll
2008-12-29 11:28:37 ----A---- C:\Windows\system32\cximage.dll
2008-12-29 11:28:37 ----A---- C:\Windows\system32\CtCamMgr.dll
2008-12-29 11:28:37 ----A---- C:\Windows\OEM02Mon.exe
2008-12-29 11:28:37 ----A---- C:\Windows\CtDrvIns.exe
2008-12-29 11:24:13 ----N---- C:\Windows\system32\AEstSrv.exe
2008-12-29 11:24:13 ----A---- C:\Windows\system32\stlang.dll
2008-12-29 11:24:13 ----A---- C:\Windows\system32\stacsv.exe
2008-12-29 11:24:13 ----A---- C:\Windows\system32\aestecap.dll
2008-12-29 11:24:13 ----A---- C:\Windows\system32\aestaren.dll
2008-12-29 11:24:13 ----A---- C:\Windows\system32\aestacap.dll
2008-12-29 11:23:46 ----A---- C:\Windows\system32\staco.dll
2008-12-29 11:23:45 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-29 11:23:45 ----D---- C:\Program Files\SigmaTel
2008-12-29 11:23:45 ----A---- C:\Windows\system32\stcplx.dll
2008-12-29 11:23:45 ----A---- C:\Windows\system32\stapo.dll
2008-12-29 11:23:45 ----A---- C:\Windows\system32\stapi32.dll
2008-12-29 11:23:45 ----A---- C:\Windows\system32\ctppld.dll
2008-12-29 11:23:45 ----A---- C:\Windows\system32\ctapo32.dll
2008-12-29 11:23:41 ----D---- C:\Program Files\Common Files\InstallShield
2008-12-29 11:19:18 ----D---- C:\Windows\system32\Lang
2008-12-29 11:19:18 ----A---- C:\Windows\system32\igxpun.exe
2008-12-29 11:19:18 ----A---- C:\Windows\system32\difxapi.dll
2008-12-29 11:19:13 ----D---- C:\Intel
2008-12-29 11:19:11 ----A---- C:\Windows\system32\HdmiCoin.dll
2008-12-29 11:19:09 ----A---- C:\Windows\system32\oemdspif.dll
2008-12-29 11:19:09 ----A---- C:\Windows\system32\igmedkrn.dll
2008-12-29 11:19:09 ----A---- C:\Windows\system32\igfxzoom.exe
2008-12-29 11:19:09 ----A---- C:\Windows\system32\igfxtray.exe
2008-12-29 11:19:09 ----A---- C:\Windows\system32\igfxTMM.dll
2008-12-29 11:19:09 ----A---- C:\Windows\system32\igfxsrvc.exe
2008-12-29 11:19:09 ----A---- C:\Windows\system32\igfxsrvc.dll
2008-12-29 11:19:09 ----A---- C:\Windows\system32\igfxress.dll
2008-12-29 11:19:09 ----A---- C:\Windows\system32\igfxpers.exe
2008-12-29 11:19:09 ----A---- C:\Windows\system32\igfxext.exe
2008-12-29 11:19:09 ----A---- C:\Windows\system32\igfxCoIn_v1253.dll
2008-12-29 11:19:09 ----A---- C:\Windows\system32\igfxcfg.exe
2008-12-29 11:19:09 ----A---- C:\Windows\system32\hkcmd.exe
2008-12-29 11:19:08 ----D---- C:\dell
2008-12-29 11:19:08 ----A---- C:\Windows\system32\igfxpph.dll
2008-12-29 11:19:08 ----A---- C:\Windows\system32\igfxexps.dll
2008-12-29 11:19:08 ----A---- C:\Windows\system32\igfxdo.dll
2008-12-29 11:19:08 ----A---- C:\Windows\system32\igfxdev.dll
2008-12-29 11:19:08 ----A---- C:\Windows\system32\igdumd32.dll
2008-12-29 11:19:08 ----A---- C:\Windows\system32\ig4icd32.dll
2008-12-29 11:19:08 ----A---- C:\Windows\system32\ig4dev32.dll
2008-12-29 11:19:08 ----A---- C:\Windows\system32\hccutils.dll
2008-12-29 11:15:41 ----D---- C:\Windows\system32\vmm32
2008-12-29 11:15:41 ----D---- C:\Program Files\Dell
2008-12-29 11:15:24 ----SHD---- C:\Windows\Installer
2008-12-29 11:10:36 ----D---- C:\Users\Armand\AppData\Roaming\Identities
2008-12-29 11:10:11 ----SD---- C:\Users\Armand\AppData\Roaming\Microsoft

======List of files/folders modified in the last 1 months======

2009-01-06 18:07:00 ----D---- C:\Windows\Temp
2009-01-06 18:06:49 ----RD---- C:\Program Files
2009-01-06 17:40:12 ----D---- C:\Windows\System32
2009-01-06 17:40:12 ----D---- C:\Windows\inf
2009-01-06 17:40:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-01-06 17:00:31 ----D---- C:\Windows
2009-01-06 16:56:52 ----HD---- C:\ProgramData
2009-01-06 16:56:52 ----D---- C:\Windows\system32\drivers
2009-01-06 12:48:51 ----A---- C:\Windows\win.ini
2009-01-06 12:48:03 ----RSD---- C:\Windows\assembly
2009-01-06 12:46:56 ----D---- C:\Program Files\Common Files\microsoft shared
2009-01-06 12:44:05 ----D---- C:\Windows\system32\catroot2
2009-01-06 10:33:57 ----D---- C:\Windows\system32\WDI
2009-01-06 08:51:06 ----RSD---- C:\Windows\Fonts
2009-01-06 08:51:04 ----D---- C:\Program Files\Common Files
2009-01-06 08:51:03 ----SD---- C:\Windows\Downloaded Program Files
2009-01-06 08:28:08 ----D---- C:\Program Files\Internet Explorer
2009-01-06 08:27:12 ----D---- C:\Windows\system32\Tasks
2009-01-06 08:26:58 ----D---- C:\Windows\system32\catroot
2009-01-05 20:24:54 ----D---- C:\Windows\Microsoft.NET
2009-01-05 20:22:55 ----D---- C:\Program Files\Common Files\System
2009-01-05 20:22:14 ----D---- C:\Windows\winsxs
2009-01-05 20:02:24 ----SD---- C:\ProgramData\Microsoft
2009-01-05 18:33:01 ----D---- C:\Windows\Tasks
2009-01-05 17:37:19 ----D---- C:\Program Files\MSBuild
2009-01-05 17:36:51 ----D---- C:\Windows\ShellNew
2008-12-30 11:10:39 ----D---- C:\Windows\rescache
2008-12-29 15:29:07 ----D---- C:\Windows\Logs
2008-12-29 12:07:30 ----D---- C:\Windows\system32\en-US
2008-12-29 12:07:30 ----D---- C:\Program Files\Windows Mail
2008-12-29 12:07:29 ----D---- C:\Windows\PolicyDefinitions
2008-12-29 12:07:29 ----D---- C:\Windows\AppPatch
2008-12-29 12:07:28 ----D---- C:\Windows\system32\migration
2008-12-29 12:07:27 ----D---- C:\Windows\system32\Boot
2008-12-29 11:41:28 ----SD---- C:\Windows\system32\Microsoft
2008-12-29 11:40:26 ----D---- C:\Windows\system32\zh-TW
2008-12-29 11:40:26 ----D---- C:\Windows\system32\zh-CN
2008-12-29 11:40:26 ----D---- C:\Windows\system32\sv-SE
2008-12-29 11:40:26 ----D---- C:\Windows\system32\ru-RU
2008-12-29 11:40:26 ----D---- C:\Windows\system32\pt-BR
2008-12-29 11:40:26 ----D---- C:\Windows\system32\pl-PL
2008-12-29 11:40:26 ----D---- C:\Windows\system32\ko-KR
2008-12-29 11:40:26 ----D---- C:\Windows\system32\ja-JP
2008-12-29 11:40:26 ----D---- C:\Windows\system32\it-IT
2008-12-29 11:40:26 ----D---- C:\Windows\system32\fr-FR
2008-12-29 11:40:26 ----D---- C:\Windows\system32\es-ES
2008-12-29 11:40:26 ----D---- C:\Windows\system32\de-DE
2008-12-29 11:36:17 ----D---- C:\Windows\Help
2008-12-29 11:29:01 ----D---- C:\Windows\twain_32
2008-12-29 11:15:27 ----D---- C:\Windows\system32\restore
2008-12-29 11:10:59 ----SHD---- C:\$Recycle.Bin
2008-12-29 11:10:11 ----RD---- C:\Users
2008-12-09 15:24:38 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-01-21 350720]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2008-12-15 74752]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2008-04-16 112144]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2008-12-29 216080]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2008-03-26 20496]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-12-06 1044984]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2006-11-06 78128]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2006-11-06 80176]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-06 16560]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-02 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-02 206848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-04-13 1674240]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\Windows\system32\drivers\IntcHdmi.sys [2007-03-26 111104]
R3 KLFLTDEV;Kaspersky Lab KLFltDev; C:\Windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 OEM02Dev;Creative Camera OEM002 Driver; C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-10-10 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-03-05 7424]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
R3 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
R3 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-13 330240]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-02 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 DFUBTUSB;WIDCOMM USB Bluetooth Driver in DFU State; C:\Windows\System32\Drivers\frmupgr.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-01-06 611664]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2007-09-20 73728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe [2008-04-25 201992]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-13 102400]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2007-12-08 24064]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-21 523776]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-01-05 306432]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2008-01-21 917504]
-----------------EOF-----------------


Here is the info file

info.txt logfile of random's system information tool 1.05 2009-01-06 18:07:12

======Uninstall list======

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe" -l0x9
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Advanced Audio FX Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9 /remove
Advanced PDF Password Recovery Pro (remove only)-->C:\Program Files\ElcomSoft\APDFPRP\uninstall.exe
Advanced Video FX Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x9 /remove
AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
ALUpdate-->"C:\Program Files\ESTsoft\ALUpdate\unins000.exe"
ALZip-->"C:\Program Files\ESTsoft\ALZip\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Babylon Toolbar-->MsiExec.exe /I{67A339E5-D8AA-4E88-9278-A571B397F798}
Babylon-->C:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Cisco EAP-FAST Module-->MsiExec.exe /I{BF53252E-4AB2-4C7F-A0FD-6100755745E3}
Cisco LEAP Module-->MsiExec.exe /I{76F9CF97-FC4B-4E20-B363-D127C888448F}
Cisco PEAP Module-->MsiExec.exe /I{4E5386F5-C0F6-4532-A54A-374865AEAB71}
Conexant HDA D330 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F\HXFSETUP.EXE -U -Idel000fz.inf
Dell Resource CD-->MsiExec.exe /X{42929F0F-CE14-47AF-9FC7-FF297A603021}
Dell Webcam Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x9 /remove
Dell Webcam Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe" -l0x9 /remove
Dell Wireless WLAN Card-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Foxit Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Free PDF to Word Converter 1.3-->"C:\Program Files\Free PDF to Word Converter\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
Kaspersky Internet Security 2009-->MsiExec.exe /I{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}
Laptop Integrated Webcam Driver (1.04.01.1011) -->C:\Windows\CtDrvIns.exe -uninstall -script OEM002.uns -plugin OEM02Pin.dll -pluginres OEM02Pin.crl -nodisconprompt -langid 0x0409
Live! Cam Avatar Creator-->C:\Program Files\InstallShield Installation Information\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe -runfromtemp -l0x0009 -removeonly /remove
Live! Cam Avatar v1.0-->C:\Program Files\InstallShield Installation Information\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}\setup.exe -runfromtemp -l0x0009 -removeonly /remove
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Sarbacane-->C:\PROGRA~1\GOTOSO~1\SARBAC~1\UNWISE.EXE C:\PROGRA~1\GOTOSO~1\SARBAC~1\INSTALL.LOG
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Ulead PhotoImpact 12-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11AFE21E-B193-430D-B57A-DFF7815BB962}\setup.exe" -l0x40c
UltraISO Premium V9.32-->"C:\Program Files\UltraISO\unins000.exe"
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
WIDCOMM Bluetooth Software 6.0.1.3100-->MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}

======Security center information======

AV: Kaspersky Internet Security
FW: Kaspersky Internet Security
AS: Windows Defender
AS: Kaspersky Internet Security

System event log

Computer Name: Arman
Event Code: 10029
Message: DCOM started the service wcncsvc with arguments "" in order to run the server:
{375FF000-DD27-11D9-8F9C-0002B3988E81}
Record Number: 9180
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090106155453.000000-000
Event Type: Information
User:

Computer Name: Arman
Event Code: 7036
Message: The Function Discovery Provider Host service entered the running state.
Record Number: 9181
Source Name: Service Control Manager
Time Written: 20090106155453.000000-000
Event Type: Information
User:

Computer Name: Arman
Event Code: 7036
Message: The Windows Connect Now - Config Registrar service entered the running state.
Record Number: 9182
Source Name: Service Control Manager
Time Written: 20090106155453.000000-000
Event Type: Information
User:

Computer Name: Arman
Event Code: 103
Message: The service stopped publishing because the default computer information has been removed. The user has elected to opt out of publishing on this computer.
Record Number: 9183
Source Name: Microsoft-Windows-ResourcePublication
Time Written: 20090106155453.036769-000
Event Type: Information
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: Arman
Event Code: 104
Message: The service is publishing to the network.
Record Number: 9184
Source Name: Microsoft-Windows-ResourcePublication
Time Written: 20090106155453.073769-000
Event Type: Information
User: NT AUTHORITY\LOCAL SERVICE

Application event log

Computer Name: Arman
Event Code: 1
Message: Certificate Services Client has been started successfully.
Record Number: 1277
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20090106153533.363769-000
Event Type: Information
User: Arman\Armand

Computer Name: Arman
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 1278
Source Name: Microsoft-Windows-WMI
Time Written: 20090106153555.000000-000
Event Type: Error
User:

Computer Name: Arman
Event Code: 1
Message: The Windows Security Center Service has started.
Record Number: 1279
Source Name: SecurityCenter
Time Written: 20090106153647.000000-000
Event Type: Information
User:

Computer Name: Arman
Event Code: 1001
Message: Performance counters for the WmiApRpl (WmiApRpl) service were removed successfully. The Record Data contains the new values of the system Last Counter and Last Help registry entries.
Record Number: 1280
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090106154011.000000-000
Event Type: Information
User:

Computer Name: Arman
Event Code: 1000
Message: Performance counters for the WmiApRpl (WmiApRpl) service were loaded successfully. The Record Data in the data section contains the new index values assigned to this service.
Record Number: 1281
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090106154012.000000-000
Event Type: Information
User:

Security event log

Computer Name: Arman
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 1454
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090106160709.883769-000
Event Type: Audit Failure
User:

Computer Name: Arman
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 1455
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090106160709.917769-000
Event Type: Audit Failure
User:

Computer Name: Arman
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 1456
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090106160709.934769-000


8

ric025, 6 Jan 2009 at 17:16:57

The post is too long. Can you just repost the "info.txt" log, please?

Whether you're an executive, a writer or a labourer, we all look damn alike when we're puking in the gutter... S.King


9

tom, 6 Jan 2009 at 17:22:08

Info file

Here is the info file

info.txt logfile of random's system information tool 1.05 2009-01-06 18:07:12



10

ric025, 6 Jan 2009 at 17:23:23

It's not complete, I think.

Are you on the American continent?


11

kris, 13 Nov 2009 at 16:19:08

Hello, I have the same problem. Have you solved the issue?
I have an MSI laptop, Vista


12

david, 14 Nov 2009 at 13:22:30

I have exactly the same problem as you, and I'm desperately trying to fix it, but nothing works. If you find a solution before I do, or vice versa, shall we get in touch?
