Deckard's System Scanner v20071014.68
Run by utilisateur on 2007-12-12 15:40:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
9: 2007-12-12 14:40:55 UTC - RP388 - Deckard's System Scanner Restore Point
8: 2007-12-12 05:31:19 UTC - RP387 - Software Distribution Service 3.0
7: 2007-12-11 13:25:05 UTC - RP386 - Software Distribution Service 3.0
6: 2007-12-11 11:20:07 UTC - RP385 - Point de vérification système
5: 2007-12-10 07:19:02 UTC - RP384 - Point de vérification système
-- First Restore Point --
1: 2007-12-05 11:23:21 UTC - RP380 - Point de vérification système
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as utilisateur.exe) -----------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 15:42:06, on 12/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Wave Systems Corp\Common\DataServer.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\KONICA MINOLTA\PageScope Net Care\JavaService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
C:\Program Files\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Dell SAS RAID Storage Manager\JRE\bin\javaw.exe
C:\Program Files\Dell SAS RAID Storage Manager\MegaMonitor\mrmonitor.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell SAS RAID Storage Manager\MegaPopup\Popup.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Free Download Manager\FUM\fumoei.exe
C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\PVSW\Bin\w3dbsmgr.exe
C:\Program Files\WinPhone eXPert\Winphone.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\EBP\Gestion12.0\Gestion.exe
C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\Program Files\Adobe\Adobe Illustrator CS2\Support Files\Contents\Windows\Illustrator.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop.exe
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\PROGRA~1\FF\FIREFO~1\APP\FIREFOX\FIREFOX.EXE
C:\Documents and Settings\utilisateur\Bureau\dss.exe
C:\DOCUME~1\UTILIS~1\Bureau\GENERA~1\utilisateur.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL =
Page initiale personnalisée
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
Page initiale personnalisée
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Popup] "C:\Program Files\Dell SAS RAID Storage Manager\MegaPopup\Popup.exe"
O4 - HKLM\..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe
O4 - Startup: Pervasive.SQL Workgroup Engine.lnk = C:\PVSW\Bin\w3dbsmgr.exe
O4 - Startup: WinPhone eXPert.lnk = C:\Program Files\WinPhone eXPert\Winphone.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone:
Testeur de bande passante
O15 - Trusted Zone:
EBP Logiciels de gestion, comptabilité, paye pour PME - TPE - Particuliers
O15 - Trusted Zone:
http://www.free-drm-encoder.com
O15 - Trusted IP range:
Masita Sportswear Homepage
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsu...?1164622591218
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) -
http://www.installengine.com/engine/isetup.cab
O16 - DPF: {E6ACF817-0A85-4EBE-9F0A-096C6488CFEA} (NTR ActiveX 1.1.8) -
http://www.inquiero.com/inquiero/mod...ivex118_24.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: wxvault.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Unknown owner - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe" -service (file missing)
O23 - Service: DataSvr2 - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Common\DataServer.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Web Jetadmin (HPWebJetadmin) - Unknown owner - C:\Program Files\HP Web Jetadmin\hpwebjetd.exe" -k runservice (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KONICA MINOLTA PageScope Net Care (KM PageScope Net Care Service) - Unknown owner - C:\Program Files\KONICA MINOLTA\PageScope Net Care\JavaService.exe
O23 - Service: MRMonitor (MegaMonitorSrv) - Unknown owner - C:\Program Files\Dell SAS RAID Storage Manager\MegaMonitor\mrmonitor.exe
O23 - Service: SSMFramework (MSMFramework) - Unknown owner - C:\Program Files\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe
O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)
O23 - Service: NTRU Hybrid TSS v2.0.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
-- HijackThis Fixed Entries (C:\DOCUME~1\UTILIS~1\Bureau\GENERA~1\backups\) ----
backup-20071207-082422-188 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
backup-20071207-082422-234 O2 - BHO: Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\Adssite_sidebar.dll
backup-20071207-082422-284 O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
backup-20071207-082422-317 O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - (no file)
backup-20071207-082422-387 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
backup-20071207-082422-494 O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
backup-20071207-082422-540 O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
backup-20071207-082422-593 O4 - Global Startup: Logo Calibration Loader.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
backup-20071207-082422-640 O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nsc213.dll
backup-20071207-082422-654 O4 - Startup: PowerReg Scheduler.exe
backup-20071207-082422-735 O4 - Startup: iTunes.lnk = ?
backup-20071207-082422-803 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
backup-20071207-082422-864 O4 - Startup: WinPhone eXPert.lnk = C:\Program Files\WinPhone eXPert\Winphone.exe
backup-20071207-082422-921 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 PBADRV - c:\windows\system32\drivers\pbadrv.sys <Not Verified; Dell Inc; PBA Driver>
R2 Sentinel - c:\windows\system32\drivers\sentinel.sys <Not Verified; Rainbow Technologies, Inc.; Sentinel System Driver>
S2 Par1284 - c:\program files\cutting master 2 1.30\program\par1284.sys (file missing)
S3 EyeOneDp - c:\windows\system32\drivers\eyeonedp.sys
S3 lmimirr - c:\windows\system32\drivers\lmimirr.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler>
R2 Apple Mobile Device - "c:\program files\fichiers communs\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 DataSvr2 - "c:\program files\wave systems corp\common\dataserver.exe" <Not Verified; Wave Systems Corp.; Authentication Manager>
R2 EpsonBidirectionalService - c:\program files\fichiers communs\epson\ebapi\eebsvc.exe
R2 HPWebJetadmin (HP Web Jetadmin) - "c:\program files\hp web jetadmin\hpwebjetd.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server>
R2 KM PageScope Net Care Service (KONICA MINOLTA PageScope Net Care) - c:\program files\konica minolta\pagescope net care\javaservice.exe -ms4m -mx32m
R2 MegaMonitorSrv (MRMonitor) - "c:\program files\dell sas raid storage manager\megamonitor\mrmonitor.exe"
R2 MSMFramework (SSMFramework) - "c:\program files\dell sas raid storage manager\framework\vivaldiframework.exe"
R2 tcsd_win32.exe (NTRU Hybrid TSS v2.0.25 TCS) - "c:\program files\ntru cryptosystems\ntru hybrid tss v2.0.25\bin\tcsd_win32.exe"
S2 PDSched (PDScheduler) - "c:\program files\raxco\perfectdisk\pdsched.exe" <Not Verified; Raxco Software, Inc.; PDSched Module>
S3 AdobeVersionCue - c:\program files\adobe\adobe version cue\service\versioncue.exe <Not Verified; Adobe Sytems; Adobe Version Cue™>
S3 Clg13smtiwn -
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-12-06 07:51:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2007-11-12 and 2007-12-12 -----------------------------
2007-12-12 08:45:55 0 d-------- C:\Program Files\Mozilla Sunbird
2007-12-11 16:08:45 0 d-------- C:\Documents and Settings\utilisateur\Application Data\Free Download Manager
2007-12-11 16:08:42 0 d-------- C:\Program Files\Free Download Manager
2007-12-11 16:08:42 0 d-------- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2007-12-11 15:53:55 0 d-------- C:\Documents and Settings\utilisateur\Application Data\ntr
2007-12-10 20:15:18 0 d-------- C:\Documents and Settings\utilisateur\Application Data\Mozilla
2007-12-10 20:11:27 0 d-------- C:\Program Files\FF
2007-12-07 18:54:10 0 d-------- C:\Downloads
2007-12-07 18:48:14 0 d-------- C:\Kaspersky
2007-12-03 06:13:52 0 d-------- C:\Program Files\Avira
2007-12-03 06:13:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-11-29 12:36:57 0 d-------- C:\Program Files\Syslogd
2007-11-28 18:16:44 0 dr------- C:\Documents and Settings\LocalService\Favoris
2007-11-28 18:16:38 0 d-------- C:\Documents and Settings\LocalService\Application Data\Talkback
2007-11-28 18:15:10 0 d-------- C:\Documents and Settings\LocalService\Application Data\Mozilla
2007-11-15 16:06:06 0 d-------- C:\Documents and Settings\utilisateur\Application Data\Opera
2007-11-15 07:31:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2007-11-12 17:21:16 0 d--h----- C:\Documents and Settings\All Users\Application Data\{6A6BFF56-8325-4101-A340-724548B1F63F}
2007-11-12 15:48:52 0 d-------- C:\SERIFLOCK BOSS
-- Find3M Report ---------------------------------------------------------------
2007-12-12 10:26:57 0 d-------- C:\Program Files\Mozilla Thunderbird
2007-12-12 09:54:23 0 d-------- C:\Program Files\WinPhone eXPert
2007-12-12 08:46:44 0 d-------- C:\Program Files\BARRES DES TACHES
2007-12-12 06:12:05 0 d-------- C:\Documents and Settings\utilisateur\Application Data\Wave Systems Corp
2007-12-07 19:13:11 2996 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-05 22:27:13 0 d-------- C:\Program Files\HP Web Jetadmin
2007-11-28 15:00:56 0 d-------- C:\Program Files\Google
2007-11-23 21:13:26 0 d-------- C:\Program Files\DivX
2007-11-19 07:52:11 28175 --a------ C:\Documents and Settings\utilisateur\Application Data\Valeurs séparées par une virgule (Windows).ADR
2007-11-18 14:31:37 0 d-------- C:\Documents and Settings\utilisateur\Application Data\Adobe
2007-11-15 07:33:59 0 d-------- C:\Program Files\Fichiers communs
2007-11-12 11:12:13 0 d-------- C:\Documents and Settings\utilisateur\Application Data\Google
2007-11-09 14:31:56 0 d-------- C:\Program Files\BurnInTest
2007-11-08 23:58:09 0 d-------- C:\Program Files\BitDownload
2007-11-08 23:58:09 0 d-------- C:\Documents and Settings\utilisateur\Application Data\BitDownload
2007-11-08 07:55:15 0 d-------- C:\Program Files\iTunes
2007-11-08 07:55:03 0 d-------- C:\Program Files\iPod
2007-11-08 07:54:22 0 d-------- C:\Program Files\QuickTime
2007-11-08 07:32:11 0 d-------- C:\Program Files\EBP
2007-11-07 11:59:43 0 d-------- C:\Program Files\MAP
2007-11-07 11:51:30 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-07 10:23:26 493680 --a------ C:\WINDOWS\system32\perfh00C.dat
2007-11-07 10:23:26 87796 --a------ C:\WINDOWS\system32\perfc00C.dat
2007-11-07 10:12:25 28672 --a------ C:\WINDOWS\system32\hpzjfw01.dll <Not Verified; Hewlett-Packard; Firewall>
2007-11-07 10:12:25 204800 --a------ C:\WINDOWS\system32\hptcpmui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-11-07 10:12:25 155648 --a------ C:\WINDOWS\system32\hptcpmon.dll <Not Verified; Hewlett Packard; HP(R) Standard Port Monitor>
2007-11-07 10:12:25 73728 --a------ C:\WINDOWS\system32\hptcpmib.dll <Not Verified; Hewlett Packard; HP(R) Standard Port Monitor>
2007-11-07 09:14:13 0 d-------- C:\Program Files\MINOLTA-QMS, INC
2007-11-02 14:37:46 0 d-------- C:\Program Files\Fichiers communs\EBP
2007-11-02 07:27:44 0 d-------- C:\Program Files\Java
2007-10-30 20:07:29 0 d-------- C:\Program Files\KONICA MINOLTA
2007-10-30 18:09:33 0 d-------- C:\Program Files\Microsoft Works
2007-10-30 18:09:26 0 d-------- C:\Program Files\MSBuild
2007-10-30 18:08:41 0 d-------- C:\Program Files\Microsoft.NET
2007-10-30 18:04:55 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2007-10-25 08:53:52 0 d-------- C:\Program Files\Fichiers communs\Adobe
2007-10-20 01:56:16 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-10-20 01:54:28 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-10-20 01:54:28 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-10-20 01:54:12 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-10-20 01:54:12 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-20 01:54:12 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-20 01:54:10 739840 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-18 10:02:34 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-10-17 08:37:11 0 d-------- C:\Documents and Settings\utilisateur\Application Data\EBP
2007-10-10 06:32:40 108 --a------ C:\Program Files\INSTALL.LOG
2007-10-05 06:20:34 40733 --a------ C:\WINDOWS\system32\rightonadz-uninst.exe
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4}"= C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL [11/07/2007 06:31 266240]
[-HKEY_CLASSES_ROOT\CLSID\{E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/07/2006 12:19]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 01:11]
"SigmatelSysTrayApp"="stsystra.exe" [20/03/2006 16:00 C:\WINDOWS\stsystra.exe]
"Popup"="C:\Program Files\Dell SAS RAID Storage Manager\MegaPopup\Popup.exe" [20/04/2006 17:56]
"Document Manager"="C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe" [16/05/2006 13:35]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [26/04/2006 08:39]
"PMX Daemon"="ICO.EXE" [09/06/2006 13:47 C:\WINDOWS\system32\ico.exe]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [08/09/2005 06:20]
"ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [27/07/2004 17:50]
"ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [27/07/2004 17:50]
"nwiz"="nwiz.exe" [12/07/2006 12:19 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/07/2006 12:19]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [03/12/2007 06:17]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/11/2007 18:36]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [19/01/2005 15:18]
"@"="" []
"Pando"="C:\Program Files\Pando Networks\Pando\Pando.exe" [05/10/2007 12:33]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [05/08/2004 13:00]
"Free Uploader Oe Integration"="C:\Program Files\Free Download Manager\FUM\fumoei.exe" [10/06/2007 19:02]
C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Démarrage\
Pervasive.SQL Workgroup Engine.lnk - C:\PVSW\Bin\w3dbsmgr.exe [22/07/2004 13:40:00]
WinPhone eXPert.lnk - C:\Program Files\WinPhone eXPert\Winphone.exe [27/11/2006 21:00:29]
Yahoo! Widget Engine.lnk - C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe [20/07/2007 18:57:16]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
EMBASSY Trust Suite Secure Update.lnk - C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe [30/01/2006 18:11:48]
Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [02/04/2007 06:35:06]
ProfileReminder.lnk - C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe [28/10/2004 14:01:10]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [03/05/2005 23:07:32]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wxvault.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 wvauth
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Slim Multimedia Keyboard.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Slim Multimedia Keyboard.lnk
backup=C:\WINDOWS\pss\Slim Multimedia Keyboard.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeVersionCue]
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
"C:\Program Files\BearShare\BearShare.exe" /pause
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\funkbook]
C:\DOCUME~1\UTILIS~1\APPLIC~1\OBJMIX~1\Roam view.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
"C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AntiVirScheduler"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11f4a185-b4e8-11db-9517-001372369606}]
AutoRun\command- H:\loader.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bfe3768-6d7f-11dc-9601-001372369606}]
Auto\command- H:\AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6085fc4-5634-11dc-95d5-001372369606}]
AutoRun\command- H:\Installer.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d07e1a58-304d-11dc-95b1-001372369606}]
Auto\command- H:\RavMonE.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
-- End of Deckard's System Scanner: finished at 2007-12-12 15:42:30 ------------